Hi, i'm new of SME and i've not a good english.
I use on my SME server sharedfolders with acl and i've this situation:
By web panel i've created 17 users, 22 groups and 27 shares with their permissions.
I've 3 mounts (/mnt/dati1 with 17 shares, /mnt/dati2 with 6 shares, /mnt/dati3 with 4 shares), i've created symbolic links for each share (in /home/e-smith/files/shares/nomeshare/files) to a dir of the mountpoint. ex.: ln -s /mnt/dati1/dir1 /home/e-smith/files/shares/share1/files/dir1. So i've assigned my shares to the 3 mountpoints.
After with templates i've modified the browsable value for primary to no, so it's not visible.
I've modified the structure of smb.conf with template, deleting [home] section
i've modified the path for each share with template to the symbolic links, so when a client with permissions open a share, it works directly in the mount point.
That's all ok but there's a problem...
I've given the onlyread flag to a share for a group and the r/w flag to the same share for other two groups.
The user belonging to the group with readonly permissions is able to write in the folder, as the other users belonging to the groups with r/w permissions.
I don't understand this situation.
I've also tried this setfacl ...
setfacl -m user:sfregolaa:r,group:g2:r /mnt/dati2/amministraz
chmod g-w /mnt/dati2/amministraz
to force the situation
with this log
# file: /mnt/dati2/amministraz
# owner: root
# group: root
user::rwx
user:sfregolaa:r--
group::rwx #effective:r-w
group:g2:r--
mask::r-x
other::rwx
but nothig, now the user of the onlyread group don't open the share yet.
cancelling this settings, all returns as before, the user of the group with onlyread permission can access and write in the share.
Can you halp me.
I use SME from a few days, and no longer know what to do.
thx.
Antonio.
1 Replies
946 Views