Linked by Brian Snipes on Sat 10th Apr 2004 07:28 UTC
Internet & Networking
Recently I got the opportunity to set up a new lab for a small school. The server runs Linux and the workstations run WindowsXP. There are 3 levels of access on the workstations (admin, teacher, and student) and security on the workstations is based on Windows policies applied at logon.
File / directory permissions
by Menno Duursma on Sat 10th Apr 2004 13:49 UTC

chmod 775 /home/samba/teachers
...
directory mask = 0775

Well, in order to disallow users (of group "teachers" here) from just removing the whole dir, maybe by mistake... I'd set the "sticky" bit on it, i.e.:

chmod 1775 /home/samba/teachers
directory mask = 1775

But while we're at it, since Linux supports "inheritance" of the GID bit on files when a directory is setgid, why not use that, like:

chmod 3775 /home/samba/teachers
directory mask = 3775

And when using a filesystem that supports it (such as ext2 or ext3) you can set the immutable attribute on it, as well:

chattr +i /home/samba/teachers

Furthermore, the 2.6.x kernel series supports POSIX ACLs and Samba 3.x can translate that to MS-Windows ACLs in such a way that the Linux box would look very much like an NT server... (From the perspective of a "Windows Explorer" session on the client.)
http://www.bluelightning.org/linux/samba_acl_howto/
http://networking.earthweb.com/netsysm/article.php/10954_3077971_1

Kernel 2.4.x can be patched to support it, BTW:
http://acl.bestbits.at/

Have fun ...
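
What the 1775 and 3775 modes from the comment above do on a local Linux filesystem, as an added example that is not part of the original comment: it applies each mode to a scratch directory and reports the resulting modes of that directory, a new subdirectory and a new file. It assumes GNU stat and a umask of 002; the function names and scratch paths are hypothetical.

```shell
#!/bin/sh
# Added example: observe what the special bits in 1775 / 3775 do to a
# directory and to entries created inside it. Everything runs in a
# scratch directory from mktemp; nothing under /home/samba is touched.

# mode_of PATH -> octal mode including special bits, e.g. 3775 (GNU stat)
mode_of() { stat -c '%a' "$1"; }

# inherit_report TOPMODE -> prints "<top> <new subdir> <new file>" modes
# for a scratch tree whose top directory is chmod'ed to TOPMODE.
inherit_report() {
    top=$(mktemp -d) || return 1
    (
        umask 002                 # assumed umask, matches the 775 layout
        chmod "$1" "$top"         # e.g. 1775 (sticky) or 3775 (sticky+setgid)
        mkdir "$top/sub"          # directory created after the chmod
        : > "$top/file"           # regular file created after the chmod
        printf '%s %s %s\n' \
            "$(mode_of "$top")" "$(mode_of "$top/sub")" "$(mode_of "$top/file")"
    )
    rc=$?
    rm -rf "$top"
    return $rc
}

# Compare plain 775 with the two modes suggested in the comment.
for m in 775 1775 3775; do
    printf '%-5s -> %s\n' "$m" "$(inherit_report "$m")"
done
```

Only the setgid bit propagates to new subdirectories; the sticky bit stays on the directory it was set on.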