On 3/29/06, <b class="gmail_sendername">Eric Shubes</b> &lt;<a href="mailto:plug@shubes.net">plug@shubes.net</a>&gt; wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Nathan England wrote:<br>&gt; I have a folder called /files<br>&gt; everyone has access to this folder, but there are a few folders inside that<br>&gt; only a few people are allowed to access. What is the best way to allow
<br>&gt; everyone access to the /files directory but only allow those required to have<br>&gt; access to the specific folders inside?<br>&gt;<br>&gt; Do I create a seperate share for each specific folder?<br>&gt; I want to avoid mapping more drives to the users. Can I change the access
<br>&gt; permissions on the windows machines? I don't want to make it too confusing.<br>&gt; What is the best way?<br>&gt;<br>I'm not sure of the best way.<br>I think I would create a new group for the 'few people', and make them
<br>members of the group. Then change the groupid of the restricted folders<br>to the new group, and turn off 'other' permissisions on said folders.<br>Then you can give the share for /files to everyone.<br>I'm pretty sure that'll work for you, but I'd test it to be sure.
<br>--<br>-Eric 'shubes'</blockquote><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">[...]<br></blockquote></div><br>
<span style="text-decoration: underline; color: rgb(51, 102, 255);">comment from Mike Schwartz:</span> <br>umm, I think there may be a way to do&nbsp; this with<br>
<span style="font-weight: bold; text-decoration: underline;">access control lists.</span><br style="color: rgb(192, 192, 192);">
<span style="color: rgb(192, 192, 192);">If an ignorant lurker may insert his 0.02 </span><br style="color: rgb(0, 153, 0);">
<span style="color: rgb(0, 153, 0);">The problem with groups, as I understand it, is that</span><br style="color: rgb(0, 153, 0);">
<span style="color: rgb(0, 153, 0);">if you want a person to be able to be a member of </span><br style="color: rgb(0, 153, 0);">
<span style="color: rgb(0, 153, 0);">several of them, </span><br style="color: rgb(153, 153, 153);">
<span style="color: rgb(153, 153, 153);">(especially if the groups are not monotonically nested),</span><br style="color: rgb(0, 153, 0);">
<span style="color: rgb(0, 153, 0);">then a given person might have to have &quot;more than</span><br style="color: rgb(0, 153, 0);">
<span style="color: rgb(0, 153, 0);">one&quot; userid <span style="color: rgb(153, 153, 153);">(not a cool solution...)</span></span><span style="color: rgb(0, 153, 0);">; <br>
Whereas with an acl, I think there is much more </span><br style="color: rgb(0, 153, 0);">
<span style="color: rgb(0, 153, 0);">flexibility.</span>&nbsp; I have used ACLs before under VAX/VMS,<br>
but for Gnu/Linux, I do not know the details.<br>
<span style="color: rgb(192, 192, 192); font-weight: bold; text-decoration: underline;">However:</span><br>
The textbook being used for CIS238DL at GCC<br>
this semester<span style="color: rgb(192, 192, 192);"> (a Linux class taught by&nbsp;  &quot;Ray </span><br style="color: rgb(192, 192, 192);">
<span style="color: rgb(192, 192, 192);">Esparza&quot; &lt;<a href="mailto:ray.esparza@gcmail.maricopa.edu">ray.esparza@gcmail.maricopa.edu</a>&gt;)</span><br>
(Sobell, Mark G., <span style="text-decoration: underline;">A Practial Guide to Red Hat</span><br style="text-decoration: underline;">
&nbsp; <span style="text-decoration: underline;">Linux</span>, 2nd ed., Prentice-Hall PTR, 2005)<br>
(ISBN 0131470248)<br>
says <span style="color: rgb(192, 192, 192);">on page 927</span> to see <span style="color: rgb(204, 0, 0);">the </span><span style="font-weight: bold; color: rgb(204, 0, 0);">acl</span><span style="color: rgb(204, 0, 0);">
 man page</span> <br>
for more information.&nbsp; It also says that<span style="color: rgb(192, 192, 192);"> <span style="color: rgb(0, 0, 0);">ACLs&nbsp;</span> are</span><br style="color: rgb(192, 192, 192);">
<span style="color: rgb(192, 192, 192);">part of Solaris, Win 2000/XP,&nbsp; VAX/VMS, and </span><br style="color: rgb(192, 192, 192);">
<span style="color: rgb(192, 192, 192);">mainframe OSs, and that</span> <span style="color: rgb(192, 192, 192);">they</span> are available<br>
under <font size="4">Fedora Core </font>2 <br>
(so presumably Fedora Core 2  &quot;and later&quot;).<br>
I hope this helps.<br>-- <br>Mike Schwartz&nbsp;&nbsp;&nbsp;&nbsp;<br>Glendale&nbsp;&nbsp;AZ <br><a href="mailto:schwartz@acm.org">schwartz@acm.org</a><br><a href="mailto:Mike.L.Schwartz@gmail.com">Mike.L.Schwartz@gmail.com</a>