Re: [opensuse] cifs files always created as owner root



On Saturday 15 Oct 2011 09:53:05 lynn wrote:
On Friday 14 Oct 2011 19:18:26 John Andersen wrote:
On 10/13/2011 11:42 PM, Roger Oberholtzer wrote:
On Thu, 2011-10-13 at 18:07 -0700, John Andersen wrote:
The key was to disallow the local machine from setting uid/gid on the
server, and allow samba to do this via the rules in the smb.conf.

We always set the smb.conf to force some things:
[datashares]

comment = Company Files
path = /raid/.......
force group = +datashare
read only = No
create mask = 0660
force create mode = 0660
security mask = 0770
directory mask = 0770
force directory mode = 0770
directory security mask = 0770

It seems that you have sort of focused on group permissions rather than
user permissions. I suspect that this is the only approach for CIFS.
Then, all users that should share a volume are a member of that
volume's group. You could, I guess, have a group for each share.

Exactly right Roger.

We had to do that because we had a mix of Windows and Linux machines
on the network, and folks had to share documents in a common
directory. We wanted to maintain owner (creater) info, but still
allow full group access (read/write, etc).

For the user's server based Home directory we used
different permissions of course.

The fact still remains that CIFS does not know what the the user:group
permissions are of the user who has just authenticated. What is clear is
that new files will be created with either:

1. The uid of the user who mounts the share. Or,
2. The uid and gid specified on the mount line.

What I need is this:

mount -t cifs //hh1.com/users /home -o rw,user,uid=$USER,gid=users

but of course $USER is only available after the user has authenticated. Is
there a script that runs immediately after the user has authenticated where
I could place this line?

Thanks.

Duh. Sorry. I would also need an environment variable for password=. Can's see
how to set that although google tells me that it is available somewhere.

x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx