[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Samba et permissions [was Re: [linux] Samba, again]
> From: Fabian Vilers <Fabian.V@SPEOS.BE>
>
> Un autre sujet sur samba...
>
> un utilisateur ouvre un fichier sur un disque linux via samba, fait qqs
> modifs, et le sauve.
>
> probleme, les droits concernant ce fichier sont modifies (souvent +x).
> Comment l'eviter?
>
> on m'a dit que c'est la conversion entre rwx... linux et
> archive/systeme/cache/... windows
Je vois ceci dans /etc/samba/smb.conf
; File creation mask is set to 0700 for security reasons. If you want to
; create files with group=rw permissions, set next parameter to 0775.
create mask = 0775
; Directory creation mask is set to 0700 for security reasons. If you want to
; create dirs. with group=rw permissions, set next parameter to 0775.
directory mask = 0775
Il y a aussi un security mask:
security mask (S)
This parameter controls what UNIX permission bits
can be modified when a Windows NT client is manipu
lating the UNIX permission on a file using the
native NT security dialog box.
This parameter is applied as a mask (AND´ed with)
to the changed permission bits, thus preventing any
bits not in this mask from being modified. Essen
tially, zero bits in this mask may be treated as a
set of bits the user is not allowed to change.
If not set explicitly this parameter is set to the
same value as the create mask parameter. To allow a
user to modify all the user/group/world permissions
on a file, set this parameter to 0777.
Note that users who can access the Samba server
through other means can easily bypass this restric
tion, so it is primarily useful for standalone
"appliance" systems. Administrators of most normal
systems will probably want to set it to 0777.
See also the force directory security mode, direc
tory security mask, force security mode parameters.
Default: security mask = <same as create mask>
Example: security mask = 0777
Sais pas si ça va aider...
--
Arnaud Vandyck
"Qwand n'a pus, n'a co"
(Quand il n'[y en] a plus, [il y] en a encore)
[ Soyez précis dans vos sujets svp afin de déterminer directement ]
[ le type de demande... ]
[ Pour vous (dés)inscrire, aller sur http://linuxbe.org/ml.php ]
[ http://LinuxBe.org Contact: listmaster@linuxbe.org ]