On Mon, 28 Jan 2002, Andrew RAY wrote:
We currently do not have the correct permissions on the file shares as most of them were originally setup by Tiny who installed the server and they just set Everyone Full Control. We have been going through fixing it but not got very far! He wants Win2K because we are having problems with Win2K Workstations connecting properly on to the network - it might just be a policy thing rather than a server thing - i'm not sure. Be clever with linux permissions - use features like SGUID (chmod 2xxx folder) and also your smb.conf settings for the share: force group = pupils
Just to expand on this point (because SGID folders might not mean much to many people reading this): If you change the permissions on a folder so that the SGID bit is set, then the folder's group will become "sticky": anything created within that folder will be owned by the folder's own group instead of the group of the creating user. For example: An ordinary folder: [root]# mkdir nonsticky [root]# chgrp pupils nonsticky [root]# chmod g+w nonsticky [root]# ls -ld nonsticky drwxrwxr-x 2 root pupils 48 Jan 28 11:10 nonsticky/ [root]# su mcb30 [mcb30]$ cd nonsticky [mcb30]$ touch test [mcb30]$ ls -l -rw-rw-r-- 1 mcb30 mcb30 0 Jan 28 11:14 test A sticky folder: [root]# mkdir sticky [root]# chgrp pupils sticky [root]# chmod g+w sticky [root]# chmod g+s sticky # Make it sticky [root]# ls -ld sticky drwxrwxr-x 2 root pupils 48 Jan 28 11:10 sticky/ [root]# su mcb30 [mcb30]$ cd sticky [mcb30]$ touch test [mcb30]$ ls -l -rw-rw-r-- 1 mcb30 pupils 0 Jan 28 11:14 test Note that with the sticky folder any other member of pupils is then able to edit the file I have created. HTH, Michael