Shared samba directories
By user12625760 on Oct 21, 2006
The samba set up on the new server for users has been flawless, but the shared directories slightly less so. I had a problem where if one of the family created a directory then the rest of the family could not add to that directory. Looking on the Solaris side it was clear the problem, the directory was created mode 755. Typing this I realize just how bad that is. 755 could not possibly mean anything to anyone who was not up to their armpits into UNIX computing and the explication would fill pages and indeed it does.
The permissions I want to force for directories are "read, write and execute for group" as well as the owner. Ie mode 775. It would also be nice if I could stop one user deleting the other users work so setting the sticky bit would also be good giving mode 1755.
Trundling through the smb.conf manual page tells me that there is an option, "force directory mode" that does exactly what it implies and what I want. I'm sure I could achieve the same with an ACL and will do that later so that SMB and NFS give the same results. However for now smb.conf serves this purpose.
So the new entry in the smb.conf for the shared area where we keep pictures looks like this:
[pics] comment = Pictures path = /tank/shared/pics public = yes writable = yes printable = no write list = @staff force directory mode = 1775 force create mode = 0444 root preexec = ksh -c '/usr/sbin/zfs snapshot tank/shared/pics@smb$(/tank/local/smbdate)'
Now everyone can add to the file system but can't delete others photos, plus I get a snapshot every time someone starts to access the file system.