RE: [SLUG] shares on samba

From: Backward Thinker (backwardthinker@juno.com)
Date: Thu Jun 17 2004 - 16:06:25 EDT

Next message: Logan Tygart: "Re: [SLUG] SCSI vs "cdrecord -scanbus""
Previous message: Eben King: "[SLUG] SCSI vs "cdrecord -scanbus""
Maybe in reply to: Chad Perrin: "[SLUG] shares on samba"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> and test out the ACL's. If I go down that road, will
> new files that are copied up to the server via scp
> inherit the permissions of the directory? Or will they
> still retain the permissions (and attributes) of the
> user that did the copying?

The short answer is: Yes, the new files can inherit the
access permissions of the directory.

A more accurate answer is: the new files can inherit that
access, or any access you want (the default ACL inherited
by the files can differ from the access ACL or permissions
of the directory itself). *BUT*, ACLs govern access, not
ownership. If you have genuine requirements that the
user/group of the file be owned by someone other than the
creating user, then you need suid/guid sticky bits on the
directory. If you only care about the access, and not the
ownership, then you're golden. From the information you've
said so far, you shouldn't need to care about real file
ownership unless maybe you are playing quota games.

Since this thread was originally a Samba thread... if you
also plan on having users write to these directories via
Samba in addition to scp, you probably want to enable
"inherit acls = yes" in Samba to ensure new files don't
trip over the Samba create mode/mask for a filesystem with
ACLs enabled (assuming you ./configured samba
--with-acl-support, or are using most any of the already
available Samba rpms or srpms).

HTH,
~ Daniel

p.s. if you don't know about posix acls: there are two
"styles" of ACL's... access ACLs (for files and directories),
and default ACLs (for directories only). New files will be
created with access ACLs to match the default ACL of the
directory. And "extended" access ACLs just means an access
ACL with anything beyond ugo-style permissions.

________________________________________________________________
The best thing to hit the Internet in years - Juno SpeedBand!
Surf the Web up to FIVE TIMES FASTER!
Only $14.95/ month - visit www.juno.com to sign up today!
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.

Next message: Logan Tygart: "Re: [SLUG] SCSI vs "cdrecord -scanbus""
Previous message: Eben King: "[SLUG] SCSI vs "cdrecord -scanbus""
Maybe in reply to: Chad Perrin: "[SLUG] shares on samba"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:50:49 EDT