1

I have setup a Samba share on Ubuntu 12.04 for our finance team, and they access it via Windows 7 and Mac OS X. They mount the share using their LDAP credentials. All of our LDAP users have "employees" as their primary group, and the finance team belongs to a secondary group named "finance".

When any of the finance team members create a folder within the Samba share, the folder's group defaults to "employees". How can I force all files and folders created on the share to have the group set to "finance"?

zymhan
  • 1,351
  • 1
  • 14
  • 30

2 Answers2

3

For share foo, with path /bar/foo, the following in your smb.conf file should do it:

[foo]
        path = /bar/foo
        force create mode = 0020
        force directory mode = 0030
        force group = +finance

The mode statements are to ensure that all directories and files created via samba are group-writeable: it's no good just being group-owned by the right group if that group has no privileges to do anything.

MadHatter
  • 78,442
  • 20
  • 178
  • 229
  • Can you explain how "force create mode" and "force directory mode" work? I can't really figure out what this is telling me: http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#FORCECREATEMODE – zymhan Jun 21 '13 at 20:14
  • 1
    As used above, the first says that regular files must have the group-write bit on, whatever else they may or may not have; the second that all directories must have the group write and execute bits on, whatever else they may or may not have. – MadHatter Jun 21 '13 at 20:32
  • Gotcha, thanks. I like this solution the best, as I can use it within my samba configuration. – zymhan Jun 21 '13 at 21:44
1

You can use setfacl for this purpose. Man setfacl here. Setfacl allows you to set ownerships and rights different than default ones. Here is a similar question which can also helps you:

Community
  • 1
philippe
  • 2,131
  • 4
  • 30
  • 53