This may not be the best from a security perspective but as you use samba, why not just set it to force the correct user, group and mask setting for that share?
My server at home is setup that way and it works just fine.
-Drew
On 06/21/2011, Todd Cary todd@aristesoftware.com wrote:
Grasping a full understanding of setting default Users, Groups and Masks has alluded me over the years, but now I find myself in a situation where manually "setting" the file/directory attributes is becoming a pain.
I understand the fundamentals of the file attributes, though from time to time I have to review the "sticky bit"; what I do not understand is where/how the attributes are set when a user creates or modifies a file/directory. Here is my situation:
My /var/www/html files have been manually set by me to apache/apache 774. This allows my PHP applications to access the files, and I assume this is a "good" setting.
Now, my server is connected via Samba to my desktop. If I create a file, it is todd/todd 744, so Apache cannot access them.
If PHP (Apache) creates or modifies a file, it is apache/apache 755, so I cannot access them (Write/Delete).
Is there a way to resolve this? When I FTP to a friend's rent-a-server, I can read/write/delete all of the files I have placed there *and* the same for files touched by PHP (Apache).
My Linux Admin books as well as my Linux books do not appear to cover this and/or my experience is lacking.
Todd
-- Ariste Software Petaluma, CA 94952
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos