Skip navigation

Default file sharing permissions

1643 Views 5 Replies Latest reply: Jul 12, 2011 7:58 AM by jeremyfromwilmington RSS
gcosgrove Calculating status...
Currently Being Moderated
Apr 18, 2011 2:27 PM

I'm using Snow Leopard 10.6.6 Server with about 10 Mac desktops running 10.6 also.  I'm confused about ACL vs. POSIX sharing permissions.

 

I would like to have shared folder(s) where anyone can create folders and files that have default READ & WRITE permissions so that any other desktop user can open/modify/edit, etc any of the folders and files within the folders.

 

I set a FOLDER A to have the following permissions:

ACL

     Everyone; Allow; Full Control; This folder, Child folders, Child Files, All descendants (inherited)

POSIX

     sysadmin; Allow; Read & Write; This folder

     admin; Allow; Read & Write; This folder

     Others; Allow; Read & Write; This folder

 

And then someone creates a folder named FOLDER B in FOLDER A and those permissions are:

ACL

     Everyone; Allow; Full Control; This folder, Child folders, Child Files, All descendants (inherited)

POSIX

     bob (or whoever created the folder); Allow; Read & Write; This folder

     admin; Allow; Read Only; This folder

     Others; Allow; Read Only; This folder

 

And files created within FOLDER B has permissions:

ACL

     Everyone; Allow; Full Control; This file (inherited)

POSIX

     bob (or whoever created the file/folder); Allow; Read & Write; This file

     admin; Allow; Read Only; This file

     Others; Allow; Read Only; This file

 

How can I set this up so that users can create folders and files that other users can read & write?

Mac OS X (10.6)
  • Xepharalon Level 1 Level 1 (10 points)
    Currently Being Moderated
    Apr 18, 2011 4:28 PM (in response to gcosgrove)

    ACLs should be read first for access control, so you shouldn't have any problems with this setup. Have you actually encountered errors?

    If you're testing prior to applying this use the Effective Permissions Inspector (accessible through the gear under permissions settings of a share point) to see if your users have access. From server admin, select the AFP service, then from the Settings tab, select Access, and enable administrator to masquerade as any user. You can then create files and folders as different users and test your effective permissions again.

     

    Hope this works for you.

  • VincensoXFIN Level 1 Level 1 (40 points)
    Currently Being Moderated
    Apr 19, 2011 2:28 AM (in response to gcosgrove)

    So you want your users to gain access to all new child folders? You set all the permissions right in the folder A, but I think you have forgot to propagate permissions.

     

    Go to folder A (the main folder), and see if your permissions are still OK, (Everyone; Allow; Full Control; This folder, Child folders, Child Files, All descendants (inherited)). Then click the gear button in the bottom of server admin and click propagate permissions, and OK on the popup. Then it will rewrite permissions to all child files and folders. Did this help?

  • VincensoXFIN Level 1 Level 1 (40 points)
    Currently Being Moderated
    Apr 21, 2011 2:15 AM (in response to gcosgrove)

    So, old files are still in the right permission format, and only the new files have issues?

     

    I dont know if you described the full structure of your share point, but please do. Are there more folders above this level of subfolders? Look to top of the disk and check the permissions in there. For instance try allowing full control to almost root level of disk to everyone for a while to see if it would help.

     

    Yeah, it really sounds like something is making the ACL to be ignored. Can you edit the POSIX?

  • jeremyfromwilmington Calculating status...
    Currently Being Moderated
    Jul 12, 2011 7:58 AM (in response to gcosgrove)

    Has anyone figured this out?  Im having the exact same problem and can't seem to be able to find a fix for it.  Any help would be greatful.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.