Hello.
I am currently trying to set up a working environment based on Your Ebox 1.4.2/Samba 3.4.6 + Win XP workstations for schools that I work with. It would be a great replacement of costly MS Win Servers.
I managed to use profiles/shares etc, applied policies created with PolEdit,
I encountered this strange thing:
I have to make a share which is visible and browseable for all, but only one time writeable with each file, that means that users can put their files there, but can't view it or remove it after. I figured that since NT ACL is somewhat different than Linux ACL, i got to use force mask feature of smb.conf.
Here is what I managed:
[prace]
comment = Prace
path = /home/samba/prace
admin users = @"Administratorzy", @"Nauczyciele"
valid users = @"Administratorzy", @"Nauczyciele", @"Uczniowie"
browseable = Yes
read only = No
create mask = 0111
directory mask = 0700
Where administratorzy and nauczyciele are domain admins.
So, after that i receive something strange:
as normal user from uczniowie group I can only put the file in there, can;t view it or remove it after (same goes for all users from that group) - so it was a success
Strangely, after logging to admin account, I was somewhat amused that I can actually read the file, copy it etc, but not remove it by any means.
Your help in understanding of this problem would be of great value to me
Best Regards
Chris
Topic: Samba and create mask switch (Read 1499 times)