Subject: Re: [netatalk-admins] Problems grasping permissions with Netatalk
From: Jonathan Benson (tech@phoenixmags.com.au)
Date: Tue Aug 18 1998 - 04:13:11 EDT
rodgerd@wnl.co.nz wrote:
> *But* production can't copy files into the /home/clients/foo directory, or
> trash them. On the mac side, I get a generic "You don't have permission"
> error; on the Linux side, I see:
>
> Initially, I couldn't create folders, but resolved that after looking at the
> FAQ; I'm still stuck with the file creation.
Try setting the suid on the group.
Eg. chmod 2770 (from memory) or chmod g+s (for sure)
Then any folders/files created within that folder will inherit those permissions
(or something like that). Sorry I'm not too clear on the matter as I'm about to
flee the office and can't be bothered delving into my memory banks. :)
I have 2 scripts I run for similar purposes and they MIGHT help you. They are
run from the root of the directory tree to be shared. I'm not sure if they are
current or reflect the current permissions on the directories, but...
This one is for a public directory which the group nobody can read/write to
and/or trash from. This is shared via the /etc/atalk/AppleVolumes.system file.
Anyone who connects as a guest will be able to connect to it, as can those in the
group nobody.

    chown nobody.nobody .
    chown -R nobody.nobody * .??*
    chmod -R g+w * .??*
    cd "Network Trash Folder"
    chmod g+rx .
    chmod -R g+rx * .??*
    cd ..
    chmod 2770 `ls -Ra | grep / | sed s/:$// | sed s/" "/?/g | sed s/"'"/?/g | sed s/"\""/?/g`

This one is for the production directories. prod3 is just one of 4 users in the
production group. These users (and one other) are also in the group nobody.
These directories are only seen to them by the use of an "AppleVolumes" file in
their home directories. Eg. "/home/prod1/AppleVolumes"

    chown prod3.production .
    chown -R prod3.production * .??*
    chmod -R g+w * .??*
    cd "Network Trash Folder"
    chmod g+rx .
    chmod -R g+rx * .??*
    cd ..
    chmod 2770 `ls -Ra | grep / | sed s/:$// | sed s/" "/?/g | sed s/"'"/?/g`

I'm not sure, but the trash may be broken on the public share, but I think that's
a fault with netatalk and not my manipulation of the permissions.
Anyway, I hope that some of that makes sense. :)
Jonathan
--
Jonathan Benson B.Eng. (Soft Sys Hon) <tech@phoenixmags.com.au>
Systems Administrator, Phoenix Magazines, Phone: +61 3 9696 7200
http://www.phoenixmags.com.au
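
Added example, not part of the original message: a find-based equivalent of the "chmod 2770 on every subdirectory" step that copes with spaces and quotes in folder names, plus a probe showing what a setgid directory passes on to new entries. The function names and the sample tree are constructed for illustration; it assumes Linux with GNU or BSD find.

```sh
#!/bin/sh
# Added example (not from the original post). Paths and names are constructed.

# chmod 2770 every directory below $1, but not $1 itself, like the post's
# `ls -Ra | grep /` pipeline. find hands names to chmod unmodified, so spaces
# and quotes need no "?" substitution. -mindepth is GNU/BSD find, not POSIX.
setgid_tree() {
    find "$1" -mindepth 1 -type d -exec chmod 2770 {} +
}

# 10-character mode string of a path, e.g. drwxrws---
mode_of() { ls -ld "$1" | cut -c1-10; }

# Numeric group id of a path.
gid_of() { ls -ldn "$1" | awk '{print $4}'; }

# Create a folder and a file inside setgid directory $1, the way a client
# session would, and print: folder mode, file mode, "same-gid" or "diff-gid".
probe_inherit() {
    mkdir "$1/new folder" && : > "$1/new file" || return 1
    mode_of "$1/new folder"
    mode_of "$1/new file"
    if [ "$(gid_of "$1/new file")" = "$(gid_of "$1")" ]; then
        echo same-gid
    else
        echo diff-gid
    fi
}

demo() {
    top=$(mktemp -d) || return 1
    mkdir -p "$top/Job 42/Client's \"final\" art"
    # If the caller has a supplementary group, hand the share to it so the
    # gid comparison is not trivially true (stands in for "production").
    alt=$(id -G | tr ' ' '\n' | grep -vx "$(id -g)" | head -n 1)
    [ -n "$alt" ] && chgrp "$alt" "$top/Job 42"
    setgid_tree "$top"
    mode_of "$top/Job 42/Client's \"final\" art"
    probe_inherit "$top/Job 42"
    rm -rf "$top"
}

demo
```

The new folder picks up the group and the setgid bit from its parent, but its read/write/execute bits come from the umask of the process that creates it, so the file server's umask decides whether other group members can write there.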