From owner-freebsd-questions@FreeBSD.ORG Sun Feb 5 23:24:50 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5F9521065752 for ; Sun, 5 Feb 2012 23:24:50 +0000 (UTC) (envelope-from fbsd@thorshammare.org) Received: from smtprelay-b12.telenor.se (smtprelay-b12.telenor.se [62.127.194.21]) by mx1.freebsd.org (Postfix) with ESMTP id C1BF58FC1C for ; Sun, 5 Feb 2012 23:24:49 +0000 (UTC) Received: from ipb2.telenor.se (ipb2.telenor.se [195.54.127.165]) by smtprelay-b12.telenor.se (Postfix) with ESMTP id B3DACC353 for ; Mon, 6 Feb 2012 00:24:48 +0100 (CET) X-SENDER-IP: [83.227.225.121] X-LISTENER: [smtp.bredband.net] X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AiNvAA0PL09T4+F5PGdsb2JhbABBoD+NensZAQEBATcygXMBAQEDAQEBBSACEAwIAgYYCwcCBAMBAQkNAjcZDgEFBAgDBxQBAQQIBwQBChIEh14GrgqJYIF6BQEBAQIBKgYBBAEBCQQUCw8GBIQLBwYNIwEVgxwEjUmFN5UE X-IronPort-AV: E=Sophos;i="4.73,366,1325458800"; d="scan'208";a="262173337" Received: from ua-83-227-225-121.cust.bredbandsbolaget.se (HELO odin.thorshammare.org) ([83.227.225.121]) by ipb2.telenor.se with ESMTP; 06 Feb 2012 00:24:48 +0100 Received: from Obah (obah.thorshammare.org [192.168.1.10]) by odin.thorshammare.org (8.14.5/8.14.5) with ESMTP id q15NOiqN013549; Mon, 6 Feb 2012 00:24:44 +0100 (CET) From: "Dan Nelson" Sender: "Hasse Hansson" To: References: In-Reply-To: Date: Mon, 6 Feb 2012 00:24:37 +0100 Message-ID: <000101cce45d$569f3e70$03ddbb50$@com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AczkLcsoDIgNegjXQ/SM78HDNU/Jdw== Content-Language: sv X-Virus-Scanned: clamav-milter 0.97.3 at mailhub.thorshammare.org X-Virus-Status: Clean Cc: 'FreeBSD Questions' Subject: Re: setuid directories - or other option? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Feb 2012 23:24:50 -0000 In the last episode (Feb 04), Modulok said: > I have a media project directory shared with windows users via samba. > Every authenticated samba user that accesses the directory is forced to > the same FreeBSD user, 'foo', regardless. The group also has > write-access: > > drwxrwxr-x 47 foo foo 2.5K Feb 4 05:42 foo/ > > Local shell users, however, are a problem. Ideally, I want a simliar > behavior for them too i.e. Any files they create in the directory are > also owned by the user 'foo'. How do I do that? (See below about > setuid.) > > I wouldn't even care who owns the files, so long as file permission bits > in this directory defaulted to 664 so every member of the group 'foo' > could edit them. Can I do this without changing every user's default > umask? (I want to avoid that.) Is there some kind of 'umask for this > directory is blah' feature? > > I looked at setuid bit on directories. Sounds perfect! BUT I'll be moving > to ZFS soon and from what I gather, it won't work there. I guess I could > have a cron job run every minute and change offending permission bits, but > that feels hacky. I think you mean the setgid bit (so that all files in the subdirectory will have group="foo"), and that should work on ZFS as well. Another option might be to use ACLs to grant access to the "foo" group outside of the standard unix mode system: setfacl -m group:foo:rwx:df:allow /path That will grant the "foo" group read/write/execute access on all files under "/path" , regardless of the regular owner/group/umask settings. Also, make sure that the zfs aclmode and aclinherit properities on the filessytem are set to something other than "discard". -- Dan Nelson dnelson@allantgroup.com _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"