samba problem

Mike Schwartz mike.l.schwartz at gmail.com
Wed Mar 29 12:44:13 MST 2006 

On 3/29/06, Eric Shubes <plug at shubes.net> wrote:
>
> Nathan England wrote:
> > I have a folder called /files
> > everyone has access to this folder, but there are a few folders inside
> that
> > only a few people are allowed to access. What is the best way to allow
> > everyone access to the /files directory but only allow those required to
> have
> > access to the specific folders inside?
> >
> > Do I create a seperate share for each specific folder?
> > I want to avoid mapping more drives to the users. Can I change the
> access
> > permissions on the windows machines? I don't want to make it too
> confusing.
> > What is the best way?
> >
> I'm not sure of the best way.
> I think I would create a new group for the 'few people', and make them
> members of the group. Then change the groupid of the restricted folders
> to the new group, and turn off 'other' permissisions on said folders.
> Then you can give the share for /files to everyone.
> I'm pretty sure that'll work for you, but I'd test it to be sure.
> --
> -Eric 'shubes'

[...]
>

comment from Mike Schwartz:
umm, I think there may be a way to do  this with
access control lists.
If an ignorant lurker may insert his 0.02
The problem with groups, as I understand it, is that
if you want a person to be able to be a member of
several of them,
(especially if the groups are not monotonically nested),
then a given person might have to have "more than
one" userid (not a cool solution...);
Whereas with an acl, I think there is much more
flexibility.  I have used ACLs before under VAX/VMS,
but for Gnu/Linux, I do not know the details.
However:
The textbook being used for CIS238DL at GCC
this semester (a Linux class taught by  "Ray
Esparza" <ray.esparza at gcmail.maricopa.edu>)
(Sobell, Mark G., A Practial Guide to Red Hat
  Linux, 2nd ed., Prentice-Hall PTR, 2005)
(ISBN 0131470248)
says on page 927 to see the acl man page
for more information.  It also says that ACLs  are
part of Solaris, Win 2000/XP,  VAX/VMS, and
mainframe OSs, and that they are available
under Fedora Core 2
(so presumably Fedora Core 2 "and later").
I hope this helps.
--
Mike Schwartz
Glendale  AZ
schwartz at acm.org
Mike.L.Schwartz at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.plug.phoenix.az.us/pipermail/plug-discuss/attachments/20060329/8264d46d/attachment.htm

More information about the PLUG-discuss mailing list