Web lists-archives.com

[Samba] "Create-only" Samba share


I'm sharing a ZFS (ZoL) directory through Samba. Right now I have it set up so my user has full RWX access to everything, but for security reasons I'd like to only allow myself to copy and read files and create and list directories, but make it so once something is created I can't modify it in any way other than by logging in through SSH. I've looked at several threads in various places, but I've not seen a definite answer on how to do this, beyond some hinting at it involving ACLs in some unspecified way. My understanding is that ZoL doesn't support Linux ACLs, so I'm wondering if it might be easier to just make a modification to smbd. After all, all I'd need to do is check if a flag for the share is set when the user attempts certain actions (e.g. delete, rename, etc.), right? I'm thinking something like

path = /mnt/foo
valid users = foo
available = yes
browseable = yes
writable = yes
read only = no
create only = yes   ; <==

Any opinions?


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba