I see "everyone permission" at windows security even i didn't add.

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

I see "everyone permission" at windows security even i didn't add.

Samba - General mailing list
I created a share with the config I gave below. As you can see in pictures
I have two Everyone at "Permission" and one Everyone at "Share" section.
These permissions comes when i create a share.. One of them is definitely
related to samba because it is in the "share" section, but I guess the
other two permits are comes with "posix acl".

But i did not add everyone permission to my share? I did "setfacl
other:---" and "public = no" Where these permissions are come from?

I know "everyone" permissions are harmless but still I don't want to see
them. Do you know a way to delete these permissions when you create a samba
share?

getfacl iotest/
# file: iotest/
# owner: root
# group: root
user::rwx
user:8008:rwx
group::---
mask::rwx
other::---

------------------------------

[iotest]
    comment = iotest ACL Test
    path = /ozkaniotest/iotest
    valid users = "test.local\test"
    admin users = "test.local\test"
    write list = "test.local\test"
    public = no
    read only = yes
    inherit permissions = yes
    inherit acls = yes

BTW: I use ZFS as filesystem and my zfs parameters are:


   - aclytpe=posixacl
   - xattr= sa

*Yes, pictures are not in English but this is just Windows Security->
Permission tab.. And attrb's are not important.*

[image: https://i.imgur.com/F0G0G6V.png]
<https://i.stack.imgur.com/plLMP.png>[image: enter image description here]
<https://i.stack.imgur.com/7CYib.png>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: I see "everyone permission" at windows security even i didn't add.

Samba - General mailing list
On Thu, 30 Nov 2017 14:09:44 +0200
Özkan Göksu via samba <[hidden email]> wrote:

> I created a share with the config I gave below. As you can see in
> pictures I have two Everyone at "Permission" and one Everyone at
> "Share" section. These permissions comes when i create a share.. One
> of them is definitely related to samba because it is in the "share"
> section, but I guess the other two permits are comes with "posix acl".
>
> But i did not add everyone permission to my share? I did "setfacl
> other:---" and "public = no" Where these permissions are come from?
>
> I know "everyone" permissions are harmless but still I don't want to
> see them. Do you know a way to delete these permissions when you
> create a samba share?
>
> getfacl iotest/
> # file: iotest/
> # owner: root
> # group: root
> user::rwx
> user:8008:rwx
> group::---
> mask::rwx
> other::---
>
> ------------------------------
>
> [iotest]
>     comment = iotest ACL Test
>     path = /ozkaniotest/iotest
>     valid users = "test.local\test"
>     admin users = "test.local\test"
>     write list = "test.local\test"
>     public = no
>     read only = yes
>     inherit permissions = yes
>     inherit acls = yes
>
> BTW: I use ZFS as filesystem and my zfs parameters are:
>
>
>    - aclytpe=posixacl
>    - xattr= sa
>
> *Yes, pictures are not in English but this is just Windows Security->
> Permission tab.. And attrb's are not important.*
>
> [image: https://i.imgur.com/F0G0G6V.png]
> <https://i.stack.imgur.com/plLMP.png>[image: enter image description
> here] <https://i.stack.imgur.com/7CYib.png>

Yes, I do know of a way to remove the entry, go to windows and remove
ALL the entries, go to Unix and set Unix permissions on the directory
and files, never look at or change the permissions from windows ever
again.

OR, to put it another way, either use posix ACLs or Windows ACLs, not
both as you are trying to do now.

Change the share to this:

[iotest]
    comment = iotest ACL Test
    path = /ozkaniotest/iotest
    read only = No

and set the permissions from Windows

Or carry on as you are doing now and IGNORE the share tabs on windows.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba