smbcacls

Previous page
Table of content
Next page
   
smbcacls

This program provides a way of modifying Windows NT ACLs on files and directories shared by the Samba server.

Command synopsis 

 smbcacls //   server   /   share filename     [options]

Options

-A acls

Adds one or more ACLs to the file or directory. Any ACLs already existing for the file or directory are unchanged.

-M acls

Modifies the mask of the ACLs specified. Refer to the following section, "Specifying ACLs," for details.

-D acls

Deletes the specified ACLs.

-S acls

Sets the specified ACLs, deleting any ACLs previously set on the file or directory. The ACLs must contain at least a revision, type, owner, and group .

-U username

Sets the username used to connect to the specified service. The user is prompted for a password unless the argument is specified as username % password . (Specifying the password on the command line is a security risk.) If -U domain \\ username is specified, the specified domain or workgroup will be used in place of the one specified in the smb.conf file.

-C username

Changes the owner of the file or directory. This is a shortcut for -M OWNER : username . The username argument can be given as a username or a SID in the form S-1- N-N-D-D-D-R .

-G groupname

Changes the group of the file or directory. This is a shortcut for -M GROUP : groupname . The groupname argument can be given as a group name or a SID in the form S-1- N-N-D-D-D-R .

-n

Causes all ACL information to be displayed in numeric format rather than in readable strings.

-h

Prints a help message.

Specifying ACLs

In the previous options, the same format is always used when specifying ACLs. An ACL is made up of one or more Access Control Entries (ACEs), separated by either commas or escaped newlines. An ACE can be one of the following:

REVISION : revision_number
OWNER : username_or_SID
GROUP : group_name_or_SID
ACL : name_or_SID : type / flags / mask

The revision_number should always be 1. The OWNER and GROUP entries can be used to set the owner and group for the file or directory. The names can be the textual ones or SIDs in the form S-1- N - N - D - D-D-R .

The ACL entry specifies what access rights to apply to the file or directory. The name_or_SID field specifies to which user or group the permissions apply and can be supplied either as a textual name or a SID. An ACE can be used to either allow or deny access. The type field is set to 1 to specify a permission to be allowed or for specifying a permission to deny. The mask field is the name of the permission and is one of the following:

R

Read access.

W

Write access.

X

Execute permission.

D

Permission to delete.

P

Change permissions on the object.

O

Take ownership.

The following combined permissions can also be specified:

READ

Equivalent to RX permissions

CHANGE

Equivalent to RWXD permissions

FULL

Equivalent to RWXDPO permissions

The flags field is for specifying how objects in directories are to inherit their default permissions from their parent directory. For files, flags is normally set to . For directories, flags is usually set to either 9 or 2 .

   

Previous page
Table of content
Next page
Using Samba
Using Samba: A File and Print Server for Linux, Unix & Mac OS X, 3rd Edition
ISBN: 0596007698
EAN: 2147483647
Year: 2003
Pages: 475
Authors: Gerald Carter, Jay Ts, Robert Eckstein
BUY ON AMAZON
C++ GUI Programming with Qt 3
Developing Tablet PC Applications (Charles River Media Programming)
Cisco IOS Cookbook (Cookbooks (OReilly))
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
Programming .Net Windows Applications
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy