[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensolaris-storage-discuss
Subject:    [storage-discuss] Solution to overly-restrictive SMB file
From:       Dan Anderson <opensolaris () drydog ! com>
Date:       2007-12-30 13:02:35
Message-ID: 10101844.1199048585065.JavaMail.Twebapp () oss-app1
[Download RAW message or body]

Here's a workaround to the problem with SMB creating files with permission 000 + ACL, which means only the owner can access the file.  It's a cron script that runs periodically to fix the permissions to make files accessible by other users.  It's a kludge, but it works until a better solution is available (such as a mechanism to have more-reasonable default file permissions :-).

#! /bin/ksh
DESIRED_OWNER_GROUP="samba:dan"
BASEDIR=/export
DATEFILE=${BASEDIR}/acl-date
FILE_PERM="read_data/write_data/append_data/read_xattr/write_xattr/delete_child/
read_attributes/write_attributes/delete/read_acl/synchronize:allow"
DIR_PERM="read_data/write_data/append_data/read_xattr/write_xattr/execute/delete
_child/read_attributes/write_attributes/delete/read_acl/synchronize:allow"
# Change Ownership
find $BASEDIR -exec chown -R $DESIRED_OWNER_GROUP {} \;
# Change File permissions
find $BASEDIR -type f -exec chmod A=owner@:${FILE_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type f -exec chmod A+group@:${FILE_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type f -exec chmod A+everyone@:${FILE_PERM} {} \
;
# Change Directory permissions
find $BASEDIR -newer $DATEFILE -type d -exec chmod A=owner@:${DIR_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type d -exec chmod A+group@:${DIR_PERM} {} \;
find $BASEDIR -newer $DATEFILE -type d -exec chmod A+everyone@:${DIR_PERM} {} \;
touch $DATEFILE
 
 
This message posted from opensolaris.org
_______________________________________________
storage-discuss mailing list
storage-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/storage-discuss
[prev in list] [next in list] [prev in thread] [next in thread]