NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
File permission service acc vs. permissions set in FrontView
I came to place where I can't figure out what I'm doing wrong and before I throw here wall of text with my config I have a question.
As far as I know Sabnzbd, SickBeard and CouchPotato are running on accout called admin, group admin.
I have my cifs permisions and two groups. RW and RO. If I add user admin to group RW he should have also priviliges to access shares with RW rights right? So now "he" is in two groups:
Correct me if I'm wrong but his main group is admin. So when "he" creates files/folders default group is admin. Is there a way to change default group, if there is anything like that under Linux. So each time a file or folder is being create he will be still owner but group will change.
If that's unclear I will explain my current permissions and hope for help.
Currently the problem is that files/folders downloaded by Sab are accessible for my user rwx but then depending on the content either ScikBeard or CouchPotato are renaming those files/folder and moving into right place. After that the folder is stil rwx but file is rw.
As far as I know Sabnzbd, SickBeard and CouchPotato are running on accout called admin, group admin.
I have my cifs permisions and two groups. RW and RO. If I add user admin to group RW he should have also priviliges to access shares with RW rights right? So now "he" is in two groups:
uid=98(admin) gid=98(admin) groups=98(admin),102(RW)
Correct me if I'm wrong but his main group is admin. So when "he" creates files/folders default group is admin. Is there a way to change default group, if there is anything like that under Linux. So each time a file or folder is being create he will be still owner but group will change.
If that's unclear I will explain my current permissions and hope for help.
Currently the problem is that files/folders downloaded by Sab are accessible for my user rwx but then depending on the content either ScikBeard or CouchPotato are renaming those files/folder and moving into right place. After that the folder is stil rwx but file is rw.
6 Replies
Replies have been turned off for this discussion
bbaraniec wrote: So when "he" creates files/folders default group is admin. Is there a way to change default group, if there is anything like that under Linux.
You can't change the group of files created by admin directly, but Google for "SGID". Its a special permission you can set that allows you to setup a folder such that any files/folders created within that parent folder assume the group rights of the parent folder, and not the user creating the file/folder.Currently the problem is that files/folders downloaded by Sab are accessible for my user rwx but then depending on the content either ScikBeard or CouchPotato are renaming those files/folder and moving into right place. After that the folder is stil rwx but file is rw
What's wrong with that? Seems appropriate to me.- Your post got me thinking and I think I totally screw up permissions in Frontview.
Lets go thru that again.
My idea was having Nas requiring authentication in order to access shares, so what I did:
1. Created 3 users: me, my wife and son - so far ok.
2. Created 2 group: RO and RW, my sons account is in RO, me and my wife acc are in RW - so far ok.
3. Created a share Videos:
http://imageshack.us/photo/my-images/820/cifs1.jpg/
Now advanced Cifs is as follows:
http://imageshack.us/photo/my-images/839/cifsadvance.jpg
So now where I'm kinda lost. Starting with Cifs tab. If me or my wife as a member of a RW group which has RW rights, creates a file or folder group rights are RW which is correct, everyone else has RO. Now who is everyone else? If I would set everyone else RW will that overwrite permissions from RO group? Which means that my sons account added to group RO will still have RW rights? This is what I don't get it.
So now when admin with default admin group is creating a file, my user is everyone else right? So even having RW to that share I can't delete file. - Don't confuse *Access* rights (upper part of your first image) with file/folder permissions (lower part of that image)
The upper part of the CIFS tab only controls who can access the share - it does nothing with respect to the permissions of files/folders created within the share
If a user has access, then any file/folder that user creates will - by default - be assigned to the primary group of that user which - again by default - is called "users". It is not clear from your description if you have changed that, or if "RW" and "RO" are secondary groups. *Permissions* of those files/folder will be determined by the lower half of the CIFS tab.
As for the Advanced Options - you might want to take a look at this - Yeah sorry for not clearing that out. RW is set as default group.
I'm just looking for best solution, should I give RW to owner/group and everyone and rest control over groups via protocol? - In most cases I'd recommend the following:
1. All users are members of the same primary group (eg "users" - the default)
2. Add users to secondary groups as required (eg RW and RO)
3. Control access to the share via the secondary groups in the upper half of the CIFS tab
4. Setup group permissions to read/write in the lower half of the CIFS tab
5. Set all permissions in the Advanced options tab to Read/Write (the default)
With the above, all users with Read/Write access rights to the share can access eachothers files. Everyone else gets read-only access
This doesn't address the issue of files created by the admin user - but that is a different topic that needs addressing separately - Thanks sphardy, after reading whole topic again, I see where I made mistake.
I haven't take CIFS into consideration. Now having only me accessing Nas I have have RW for everyone and control access via protocol which is fast and easy. At the same time I will have no problem accessing file created by user admin.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
