Re: using samba with unix acls

andy baxter <andy@xxxxxxxxxxxxxxxxxxxxxxxxxxx> writes:

hi all,

I am setting up a file server for a small company. The people who will
be using it want to be able to control who accesses particular
directories on a user/group basis. I originally thought that it would
be enough to set up a standard samba system with unix home
directories, plus shares for each group of users (admin / tech etc.),
but they are keen to have a system which allows them to make some
parts of the filesystem available to more than one group, which as far
as I know isn't supported by this kind of setup. (Unless I were to
have shares for each possible combination of groups...)


I think that to achieve this I will need to set up samba with unix
ACLs, but I'm not sure what's the best way of doing this - the two
options seem to be using a patched kernel with an ext3 filesystem, or
else using the XFS filesystem which has built in ACL support. Which of
these would you recommend?

Hi,

I did approximately same thing with samba and bind-mounts. When user
logs in "shares" (not visible to samba) are mount -bind:ed under users
homedir with 'root preexec'. Obviously You need intelligence in the root
preexec -script to decide what directories user wants to see at any
particular time :) Or mount all directories user has rights reading
and/or writing to. 'root postexec' does the unmounting afterwards.


The XFS option seems a lot simpler to maintain (no need to patch the
kernel every time an update is released), but I'm worried that because
this filesystem is not used so much, it may not be as reliable as
ext3.

Thanks for any help with this,

andy baxter, lancaster UK.

--

--

Perttu Muurimäki
perttu.muurimaki@xxxxxx


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
Archive: http://lists.debian.org/87sk675xdi.fsf@xxxxxxxxxxx