Topic: Different permissions for ibay subfolders

[tanzul]

Hi!
First i'll have to say "Thank you all!" for SME-Server in general. It was nearly exactly what i was searching for and at the moment i'm trying lots of things but i'm stuck with one situation. As example:
First, i have two users: John and Jane. I have one ibay and in this ibay two foldes. In one of these foldes, both should have read + write privileges (which works as expected) but in the other folder John should be able to r+w and Jane should only be able to read.
I tried to set permissions from the client-pc (win xp) but allways get a message "access denied" if i try to change anything concerning access rights.
I should also add, that i'm a linux newbie.
Thanks in advance for you help!

[jonic]

Use server-manager to add a new group and make John a member of it (but not Jane).
Then change the group of the ibay in question to the new group, that John is a member of.
Then set User access via file sharing or user ftp to:  "Write = Group, Read = Everyone".

That's all there is to it.

[tanzul]

Thanks for your answer but i think I did't described the problem precisly enough.
The problem I have is, that I need different access-rules inside one single ibay.
For example there are users A, B, C and D.
Folder 1 = for all read and write.
Folder 2 = read for A, read+write for D
Folder 3 = read for A,B,C read+write for D
Folder 4 = read for all, writable for C
Any Idea how i could make this possible without creating lot's if ibays?
If under MS Server 2003 I could just right-click and set access-rights. But how can I handle this with SME (or Samba in general)?

[bpivk]

By ssh-ing into the SME box and using the chmod command (http://www.computerhope.com/unix/uchmod.htm).

Is this what you're looking for?

[tanzul]

I googled a lot, tried different things out and it was ACL what I was looking for and it's working great! With these I can do exactly what I want. CHMOD was not "precise" enough because one can't change permissions for single users.
But thanks for your help! I'll be back soon, thats for sure

[daniel]

would you post a bit more detail on what you meant by ACL?  I do something similar but would like to compare notes to see if I'm doing it the best, most efficent way.  Thanks

[cactus]

By ssh-ing into the SME box and using the chmod command (http://www.computerhope.com/unix/uchmod.htm).

Is this what you're looking for?

That will probably not work as ownerships and security rights will be reset on ibay events such as adding/removing new users/groups if I remember correctly from sniffing the source code.

[Stefano]

I googled a lot, tried different things out and it was ACL what I was looking for and it's working great! With these I can do exactly what I want. CHMOD was not "precise" enough because one can't change permissions for single users.
But thanks for your help! I'll be back soon, thats for sure

Hi.. I'm interested too... can you please give me more details?

I've done some test mounting a disk with "acl" directive in fstab and it's working fine..

TIA

Stefano

[tanzul]

Ok, here's what I did:

1. yum install acl
2. edit /etc/fstab [/dev/main/root 'change' usrquota,grpquota 'to' acl,usrquota,grpquota]
3. reboot
4. now you can use as example the command 'setfacl -m u:john:rw- importantdata' to give john read and write access to importantdata. as next step you can forbid jane to access the same file (or folder) by using 'setfacl -m u:jane:--- importantdata'.

I'm testing this a little bit more the next few days. If I'll experience any problems, I'll report them here.

[StuartTaylor]

can I ask which ACL package you used?

[Confucius]

can I ask which ACL package you used?

When you do : yum install acl

You would probably see the same as I see : 2.2.23-5

[StuartTaylor]

I more meant the developer then package version but I guess it doesn't really matter, If yum has an autoinstall for it ill just that one

[imcintyre]

I suppose by definition, this over rides how groups and ibays are matched up in the server-manager panel?
Does it create any conflicts?
What happens when you add another user? Can you still use the server-manager to set permissions and this device is for fine tuning?

I seem to recall another set of posts regarding recycle bins where thee were problems with the permissions for the folders that were created when recycle bins were enabled. Would this be useful to modify those permissions?

tia

Ian