2

I want to create a Samba share (with my NAS running on Linux) where Users are allowed to:

  • Create new files and new folders

And or are not allowed to:

  • Delete or edit files or folders

Since Linux only has rwx-Permissions without distinguishing between "write" and "rewrite" I wonder, whether this is possible.

(Although the OS and context is different, I want something similar to Allow users to create files but not edit and delete them. Additionally, folders added by the user should follow the same rules: no changing/deleting of files/folders in them)

Improve this question

1 Answer 1

Reset to default
1

There's a couple of a semi-answers here and here, and I think it's as close as you're going to get.

Basically, you need to set the owner of the files to not be a Samba user and the group of the files to one that the Samba user is not a member of (you can create a dummy group if needs be).

chown -R root:emptygroup * /path/to/dir/

Then set the sticky bit on the files to 1:

chmod -R 1777 /path/to/dir/

RESTRICTED DELETION FLAG OR STICKY BIT

The restricted deletion flag or sticky bit is a single bit, whose interpretation depends on the file type. For directories, it prevents unprivileged users from removing or renaming a file in the directory unless they own the file or the directory; this is called the restricted deletion flag for the directory, and is commonly found on world-writable directories like /tmp.

The linked posts talk about the need to schedule a cron job that sets the permissions on newly created files, but in your smb.conf file you could put the following lines that should take care of this situation:

inherit owner=yes
inherit permissions=yes
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .