Home / server / Questions / 114270
Accepted
cb0
Asked: 2010-02-19 07:22:10 +0800 CST

Samba Public and "Dropbox" folder

  • 772

I want to create a special Group Directory structure for my Users.

/home/groupA - home folder for groupA where every user of groupA can create/edit/delete files

/home/groupA/Public - Public Folder where every user can read files

/home/groupA/Public/Dropbox - Folder where every user can write files but only users of groupA can access this directory and create/edit/delete files

Now I have:

4 drwxrwx--t 10 nobody groupA 4096 Feb 18 15:44 /home/groupA  
4 drwxrwxr-x  7 nobody groupA 4096 Feb 18 15:40 /home/groupA/Public/    
4 drwxrwx-w- 10 nobody groupA 4096 Feb 18 15:55 /home/groupA/Public/Dropbox

My smb.confcontains the following entries

[groupA]  
path = /home/groupA  
comment = Folder for users of groupA    
browseable = yes  
read only = no  
create mask = 0770  
directory mask = 0770  
force group = groupA

[groupA Public]
path = /home/groupA/Public
comment = Admins Public   
Browseable = yes  
write list = @groupA  
create mask = 0775  
directory mask = 0775  

[groupA DropBox]  
path = /home/groupA/Public/Dropbox  
comment = groupA Dropbox  
read only = no   
valid users = @groupA  
browseable = yes  
inherit owner = yes  
directory mode = 3770  
force directory mode = 3770

The working part is that users of groupA can access and fully use /home/groupA. All users can access /home/groupA/Public/ and read the files from there.

My problem is that all users, even those who are not in groupA, can access the /home/groupA/Public/Dropbox and see all files. I just want them to be able to put files in there but not see the content of the folder and prohibit them from deleting any files in there.

Does anybody have a clue what could be the problem and how I can fix it?

network-share permissions samba

3 Answers

  1. Best Answer

    Unfortunately it's impossible to make a folder in which you can't list contents and can write files, Windows goes crazy when it sees something like this.

    Most users can't deal with something like this through FTP, where it's quite common configuration.

    You'll need to use some kind of website that allows posting files.

    • 2

  2. We do this type of thing for our school district, on Debian Linux. We setup the shares as such in smb.conf:

    [Classwork]
path = /usr/local/share/Classwork
inherit permissions = yes
writeable = yes
comment = "All users can read contents and subfolders; only staff can write to it"

[Dropbox]           
path = /usr/local/share/Dropbox
writeable = yes
inherit permissions = Yes
comment = "All users can see the Dropbox folder, and each staff member has a group. Students (or teachers) can drag files into the folder, but not open them up. Only the staff member who owns the folder can open it, or its contents"

    Set the permissions on the folders in the file system, not in Samba. Try that out, and report back.

    • 1

  3. You'll want the drop box to have write privileges, but not read privileges. So 773 would let others write files to the folder, but only the owner and group can read them.

    Edited: Misread the premise of the dropbox.

    So, it turns out I misread the whole question, and don't know what the issue is. But I did find this article, which might be helpful if you haven't already read it.

    • 0