On Tue, Aug 9, 2011 at 12:56 PM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
On 8/9/2011 12:32 PM, Trey Dockendorf wrote:You could make a separate samba share with different ownership. At some
>
>
> Now I have a new requirement passed to me, which is a bit more complicated.
>
> How would I allow individual users the ability only to access specific
> subfolders within that share without them being a part of the
> department_a group? My initial idea was to make use of ACLs, but if the
> POSIX permissions don't allow them write access, then ACLs won't help,
> will they ? The model is I need users of group department_a to have
> full control over this share while allowing individual faculty members
> to access only their personal folders within this share.
point it might make more sense to use a web-based content manager that
understands logins/permissions or perhaps a wiki that permits uploads
instead of randomly mapping file access around. If the users in
question already have home directories on the server you might make
things work for individuals with symlinks out of their home directories
that show up by default in samba - or map the URLs into the public_html
directory you get with ~ expansion so the home directories are
self-contained.
That will probably be the best option while we move these sites to a CMS. The users are accustomed to using Windows drive letters that are mapped by our AD to access their content, and I'd like to have to leave that intact for now.
Now the fun part of making that many share definitions not take up 100's of lines in my puppet node definitions :-/.
In case anyone is interested I've uploaded what I have thus far for my Puppet samba module. It's here, https://github.com/treydock/puppet-samba
Thanks
- Trey
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
