On Wed, Apr 1, 2009 at 12:31 PM, Steven Lembark <lemb...@wrkhors.com> wrote:
> That was the idea, RH did it that way a dozen
> years ago for exactly the reason you mention:
> dir mods of 02770 make it easy to share files
> but require 002 umask. Fix was to set the
> per-user group, allowing private dir's (largely
> $HOME) to have tighter mods with files below
> them "group readable" by a single-user group.

Hey, I use 2770 for directories too, but I notice there's one problem
with that setup. If a user moves or copies a directory to a share
with 2770 mods, the files under the moved directory retain their old
group.

Which is technically correct: small, tightly managed shares (I'm
thinking programmers and code) probably need user-intervention for
keeping permissions in check. But I'm doing a bunch of really large
data shares on the order of several thousand pictures, sounds, clips,
etc that are meant to have essentially free-for-all permissions, and
having to manually have all users change the group of copied/moved
files to the shared group wasn't acceptable. So I did a workaround for
it so that files under my shares are correctly group-owned after
default copy/move operations.

The workaround I did? The "real" share is under /store, but the shares
being directly accessed by the users are actually samba exports which
force the user and group permissions to be correct for sharing via
force user mask and friends.

Unfortunately, this workaround doesn't help with a shared winedrive (I
figure wine does weird things with opening files multiple times or
something, which makes sense, it's a bunch of programs/libraries).
What does work though, is to create a shared winedrive under an NTFS
partition and to mount that using the users group. I'm not too
amenable to creating a shared NTFS drive for everything else though!
It's ext3 for me.

Does that sound like an overly roundabout way to do things? My smbd's
system use doesn't bother me. The "there must be a better way to do
it" voice at the back of my head sometimes does, though.
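
The group drift described in this message can also be audited directly on the filesystem. The following is an added example, not part of the original message or the poster's setup: it lists entries under a setgid share whose group differs from the share root's group, plus directories missing the setgid bit, and can repair them. The function names are hypothetical, and the fix step assumes it is run by the files' owner (who must belong to the share group) or by root.

```shell
#!/bin/sh
# Added example: audit a setgid (2770) share for entries that kept an old
# group after being moved or copied in. Function names are hypothetical.

# Numeric gid of the share root, read portably from `ls -ldn` (field 4).
share_gid() {
    ls -ldn "$1" | awk '{print $4}'
}

# Print every entry whose group differs from the share root's group,
# and every directory that lacks the setgid bit (mode bit 2000), since
# files created below such a directory stop inheriting the share group.
audit_share() {
    root=$1
    gid=$(share_gid "$root")
    find "$root" \( ! -group "$gid" -o \( -type d ! -perm -2000 \) \) -print
}

# Re-own drifted entries to the share group and restore setgid on
# directories. chgrp -h changes a symlink itself, not its target.
fix_share() {
    root=$1
    gid=$(share_gid "$root")
    find "$root" ! -group "$gid" -exec chgrp -h "$gid" {} +
    find "$root" -type d ! -perm -2000 -exec chmod g+s {} +
}
```

Run `audit_share` from cron to see how often moved-in directories break the inheritance before deciding whether an automatic `fix_share` is acceptable for a given share.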
