Samba share and file attributes

[Eric Shubert]

Alan Dayley wrote:
> 
> The attributes part is killing me.  I cannot get the combination of
> file-system permissions and all the Samba settings involved such that
> I can allow the "mastershare" group control of the attributes!
> 
> Samba settings involved are:
> map hidden
> map system
> map archive
> map readonly
> store dos attributes
> create mask
> directory mask
> force user
> force group
> (Others?)
> 
> This is all interacts with the linux file system permissions bits,
> user, group, etc.  It's driving me crazy.
> 

The way in which dos attributes are mapped to linux is a little tricky, 
and has evolved over time. The following is my present understanding, 
and may be a little off.

The older way (still supported) was to map the dos attributes using the 
unix attributes in a convoluted sort of way (not the way in which the 
unix attributes were intended). The "map xxx" configuration parameters 
control this type of mapping. This method makes it difficult (if not 
impossible) to use both samba and unix permission settings concurrently.

Then along came ext2 extended attribute capabilities (or at least the 
ability for samba to use them). This method stores the dos attributes in 
the extended attributes area of the ext2 filesystem, and leaves the unix 
permission bits alone. This method allows unix and dos permissions to 
coexist nicely, although the authentication mechanisms are entirely 
separate. In order to use this method, you need "store dos attributes = 
yes" in your configuration, and you need to be sure that the filesystem 
is mounted with the "user_xattr" option (in fstab).

For your situation, I'd try this in smb.conf:

map archive = no
map hidden = no
map read only = no
map system = no
store dos attributes = yes
dos filemode = yes

either globally or on each share, and also add "user_xattr" to fstab for 
the appropriate filesystem. (user_xattr is not on by default)

I'm guessing that'll work for you. Let me know.

-- 
-Eric 'shubes'