Johannes Wiedersich wrote:
Almut Behrens wrote:
As to the permissions, setting the appropriate umask would be an
important prerequisite. However, it doesn't _enforce_ that files in
fact do end up with the required permissions (it's only a mask after
all). IOW, if someone copies a file that's not world- or group-
readable, it'll keep those insufficient permissions - they won't
automagically be corrected... (upon rethinking, maybe that's what
Johannes was referring to?) Unfortunately, there's no such thing as
a "set-permission bit" analogous to the set-GID bit on directories.
Yes, this is what I was referring to. I got tired of telling people
with access problems to go to the owner of the file and tell them to
chmod their files (and occasionaly forgot it on some of my own files...)
So, depending on how failsafe the whole thing is supposed to become,
some special care might need to be taken. Experience from real-world
scenarios, with real-world people (like you and me :) shows that
it's not a good idea to require them to always do something like
"chmod -R g+rX ..." after having copied stuff into the public folder.
This _will_ be forgotten, sooner or later...
One possible workaround would be to use some kind of wrapper script to
"upload" files (and ensure correct permissions), or something like that.
The solution I chose was this:
- export and mount the 'public' folder enforcing a special user and
group.
If the directory is mounted from a client machine the squash_all
option ensures that the mounted directory belongs to a special user
(lanshare in OP's case) and group. In our case this is the desired
behaviour (ie. also non-owners can delete a file), but I think it
could adapted.
(Drawback: It only works on clients, not on the machine with the
directory itself. I'm not sure, how to implement this. )
Looking at the manuals, I saw that /etc/exports applies to nfs; I
don't know if and how such a solution would work on zeroconf (netatalk).
The solution via a special upload skript to change the permissions
sounds about as complicated as the manually chown approach -- having
users who are used to drag or copy/paste files accross with a file
manager.
Another solution could be to run a cron job to regularly chmod -R g+rX
the directory.
Johannes
Thanks for the clarification Johannes.
What I've been trying to figure out is if there is something in Debian
Linux that is analogous to "folder actions" in OS X. That is enabling a
folder to respond to various events (opening, closing, adding to,
deleting from, ...) by automatically running a script tied to an event.
As I previously noted, this isn't really much of an issue in my little
implementation, but I would like to address as many issues as possible
in my writeup of the approach. I'm aiming the writeup at Mac users that
are putting up with doze on their LAN because they can make it work with
samba, and don't realize how much easier and safer (i.e. cleaner) a
Linux component on their LAN would be even if they have to interface
with external doze :-)
Lee C
PS: Jaccon - please post replies to the list. You will have better
exposure for your follow up questions - i.e. someone smarter than me
will also see them :-) I don't reply to OL inquiries unless they are
necessarily personal in nature - hope you understand.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
