Trouble with file permissions on samba share.. file creation mask, etc.

Latest response

 

I'll do my best to explain this. Let me know if any other information is needed. Full disclosure; I am using Centrify to integrate this system into Active Directory. 

 

This is my smb.conf file: 

 

[global]
    security = ADS
    realm = child.root.pri
    workgroup = CHILD
    netbios name = server

    auth methods = guest, sam, winbind, ntdomain
    machine password timeout = 0
    passdb backend = tdbsam:/etc/samba/private/passdb.tdb

    #
    #   Using kerberos keytab may lead to a serious samba crash.
    #   Centrify recommends against using it.
    #   Kerberos authentication is still supported without it.
    #
    use kerberos keytab = No

    # If your samba server only serves to Windows systems, try server signing = mandatory.
    server signing = auto

    template shell = /bin/bash

    winbind use default domain = Yes

    winbind enum users = No
    winbind enum groups = No
    winbind nested groups = Yes

    ignore syssetgroups error = No
    idmap uid = 1000 - 200000000
    idmap gid = 1000 - 200000000

    enable core files = false
    #  Disable Logging to syslog, and only write log to Samba standard log files.
    syslog = 0

[datasets]
        path = /datasets
        comment = ETL Datasets
        read only = no
        public = no
        write list = +ETL_DataStage_Admin +ETL_DataStage_User KingZing

 

If user1 creates a file in the datasets share, user2 cannot change it. 

 

KingZing goes to the share and creates test.txt - permissions are as follows. 

-rwxr--r-- 1 KingZing KingZing    0 Jul 28 08:02 test.txt

 

So no other users can edit/change/delete that file... and that's now what we want. :( 

 

What do I need to adjust? 

Responses