[NTLUG:Discuss] Samba, ACL - permissions
Greg Edwards
greg at nas-inet.com
Tue Jun 5 17:11:51 CDT 2007
Keller Giacomarro wrote:
> Greg,
>
>
> So, what if I wanted different permissions for different folders? For
> example...
>
> user1
> user2
> user3
>
> share1 - user1(rw), user2(rw), user3(r)
> share2 - user1(none), user2(rwx), user3 (r)
>
> Would I then need to create several groups to accommodate each situation?
>
> Group1 - user1, user2 : given rw to share1
> Group2 - user3 : given r to share1
> Group3 - user2 : given rwx to share 2
> Group4 - user 3 : given r to share2
>
> While this would functionally work, it seems overkill. Is this just how
> things are done in the Linux world? Makes Windows ACLs seem (gasp) easy.
> Is there something simple I've overlooking?
>
> Thanks again in advance.
>
> -Keller
>
Set other permissions to r-- (read only) and any valid user can read files
in that directory. You only need to deal with users that are allowed to
write in a directory. Of course, if you want all users to be able to
write set other to rw-. That should generate some SECURITY comments ;)
Group management is allot easier than it seems. The number of groups that
a user can belong to is larger than you'll ever make use of. A group can
belong to a group. And groups are inherited.
--
Greg Edwards
http://consult.nas-inet.com
More information about the Discuss
mailing list