Pretty sure smb gets "control" of a directory via the group. For my
setup, each directory defined by a path in smb.conf has group
smbusers, and has rwx permissions. This is applied just to that
directory, it is not applied recursively. The files and folders in
that directory have the actual remote user's ownership and
permissions.
What is applied recursively is the selinux label. I find it's better
to have a dedicated filesystem volume so you can use the mount option
context="system_u:object_r:samba_share_t:s0" and that will apply that
context to the whole file system. If a file system volume is being
shared, then you'll need to use chcon -R
"system_u:object_r:samba_share_t:s0" <path> to apply that context to
everything. New files and directories will inherit this context (so
long as it's a copy and not a move; so if you move things behind the
scenes outside of samba, you can run into label problems since
inheritance doesn't apply to moving).
Chris Murphy
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
