File permissions and group and user access problem

Jeff Boyce jboyce at meridianenv.com
Thu Apr 27 20:01:21 UTC 2006 

Greetings -

    I am not sure if this is a Linux or a Samba problem, so let me know if I 
should be posting to the Samba list.  I am not sure I fully understand how 
permissions work and making sure they are set up properly.  I have read 
through all of my Linux, Samba, and networking books and haven't been able 
to resolved my issue.

My System:
    RHES 3 fully up to date
    Dell PE 2600 used primarily as a Samba file server to 10 Windows boxes

My Objective:
    I need to establish a directory for our accounting files that only allow 
two users to access the file.  The accounting software (QuickBooks) is setup 
on a desktop Windows box with the accounting data file stored on the Linux 
server.

What I have done:
    1.  Setup an Accounting directory on server; current permissions are 
drwxrws--T
    2.  Created an Accounting group on the Linux server and included the two 
users in this group.
    3.  Setup accounting users passwords (matching their Linux passwords) on 
a common Window box (vers. ME/2000) that is used by the two users.
    4.  A Guest user is also setup on this Windows box for other purposes (I 
realize the potential for risk with this but don't have another option, that 
is why I am trying to achieve my objective).
    5.  A copy of an accounting data file for testing purposes is on the 
Linux server with permissions of -rwxrw----
    6.  The owner of the accounting data file is one of the two users in the 
accounting group.
    7.  Both users in the accounting group can access the Accounting 
directory and accounting data file through Windows file manager and can make 
changes to the data file in QuickBooks.
    8.  The Guest user can not access the Accounting directory or data file 
through Windows file manager, but if they run QuickBooks they can open the 
data file and it accepts changes to the file (this is what I want to 
prevent).

What I need to do:
    I need to make sure that the Guest user (if they are able to start 
QuickBooks on this box) is restricted from making changes to the accounting 
data file.  In other words, the Linux file permissions would not accept any 
changes to the data file if it recognizes the Guest user is logged onto the 
box.

    Is this a Linux permissions issue, or a Samba share configuration 
problem?  I can post my Samba share configuration if that would assist. 
What should I change to address my problem and meet my objective?  Thanks.


Jeff Boyce
www.meridianenv.com

More information about the redhat-list mailing list