[ILUG] Samba Query
Niall O Broin
niall at linux.ie
Wed Mar 2 10:56:47 GMT 2005
On 2 Mar 2005, at 10:38, Dale Dunlea wrote:
> We use Samba as our domain controller. Someone recently did something
> silly, and accidentally dragged an entire directory into another
> directory without noticing, thus "losing" it. He claims that he has
> worked on systems in the past which allowed creation and modification
> of a file, but not deletion. Now, to me this sounds a little silly. If
> you can modify a file, then you can truncate it to zero bytes, making
> inability to delete somewhat of a moot point. Nonetheless, I suppose
> it would make it harder for people to do stupid things.
>
> Does such a feature exist in Samba, and if not, can someone at least
> tell me it doesn't exist in windows either such that I can refute his
> claim.
I don't think this feature exists in Samba, because in order to be able
to create a file in a Unix directory, you need write permission on the
directory, which also allows you to delete files. It's been a while but
AFAIR Netware has Delete and Write as separate rights and I think NT
has the same. As you pointed out, it's not terribly useful, except to
stop accidental deletions.
Unix file permissions have historically been much less granular than
other OS such as VMS or Netware. Using ACLs allows for finer control of
file permissions, and this document
http://www.bluelightning.org/linux/samba_acl_howto
might be helpful.
Niall
More information about the ILUG
mailing list