Currently Being ModeratedOct 11, 2012 9:24 AM (in response to jdejesus429)
Did you ever get a solution to this issue? I'm having the same problem with a couple of Mac users creating files where the inherit permissions are being ignored.
Currently Being ModeratedOct 11, 2012 9:42 AM (in response to dtodd-hta)
Unfortunately we have not found a solution for the problem. It seems to only be affecting users in Windows, luckily the two users have both Windows and Mac computers so they have ceased using windows for now to edit the files which is a headache.
I have tried redoing out ACL permissions, stop sharing and re-enabling and a few other things. NOTHING seems to help. Again, only affecting users on Windows, if the same user tried editing from a Mac it works. So i can confirm its not a user specific issue but just something to do with smb most likely
Currently Being ModeratedOct 22, 2012 6:07 PM (in response to jdejesus429)
I'll try to help you some. Most of this is from my experience with LINUX. Since the core OS and some of the technologies in OSX are taken from Open Source it should apply to you here on the Mac OS.
I do not know why this hasn't (or whether it has) been implemented in the GUI of the Mac OS.
I will try to answer some of your questions as they pertain to the Windows shares/samba. OSX does use samba.
In Linux, say Ubuntu, the configuration file for samba is in your "/etc/samba" folder and it is called "smb.conf", but under OSX the configuration file (smb.conf) is located directly in your "/etc" folder, at least it is under OSX 10.6.
You can open your terminal app and type "cd /etc"
Then you can do an "ls -al"
That'll list out the files in that folder. In that folder is the smb.conf file and if you use "more" ("more smb.conf") to view it you will see the settings (basic only -- actually quite primitive). In that configuration file it points to a "/var/db/samba/smb.shares" include file.
In that include file is where your shares are referenced. When samba loads it reads the original smb.conf file and reads the smb.shares also.
If you look at that file you'll see it has a section header and then the common entries related to each share's configuration.
There are at least two entries that relate to creating files. Those are:
create mask =
directory mask =
and there is the
read only =
Ensure that the read only flag is set to "no".
The create mask has to do with creating files. The directory mask is related to creating folders.
A create mask of 740 (create mask = 740) is only an example Create mask of 777 is an example that gives all permissions to everyone.
These numbers serve the same function in all of the file related mask and mode parameters. The numbers are "bit masks" for the file or directory access privileges.
- The first digit (7) indicates the file's owner's options.
- The second digit (4) indicates the file's group member's options.
- The third digit (0) indicates the file's options for everyone else.
A create mask of 644 would give:
read/write to the owner
read only to the group
read only to everyone else
A create mask of 777 would give
read/write to the owner
read/write to the group
read/write to everyone else
Remember these are only for when you create a file or folder.
When you set the permissions in "get info" and you click the padlock icon to unlock you can tell the system to copy your permissions to all sub folders and the files in them. That only applies to the existing folders and files. What I explained above applies to the files and folders someone creates after you set that all up.
So you can edit your /var/db/samba/smb.shares to modify the create and directory mask to make all new files added with certain permissions. In order to edit this file I'm sure you'll need to use "sudo" to make it work and I believe "nano" is available as a text based text editor. Ctrl+x exits nano.
Yeah, I just verified you can use nano to edit it and you proceed with sudo.
sudo nano /var/db/samba/smb.shares
In the *nix universe services were meant to be started and stopped on the fly. The samba service is known as the smbd daemon. While at the terminal command line you can type "sudo smbd restart". That should shut down the service and restart it. It should happen quickly and anyone connected should reestablish immediately.
In the event that doesn't work you may need to restart the server. I'm not sure how reliable Apple is when it comes to complying with those sorts of things.
This is by no means an indepth description. You'll have to read some more and experiment to get what you want, preferrably after everyone has gone home for the night and you have a chance to make some changes and test till you get what you want.
Currently Being ModeratedOct 22, 2012 6:53 PM (in response to jdblaich)
I just tested this and it didn't give me the results I was looking for. OSX may ignore these file and folder masks. I certainly hope not.
Currently Being ModeratedOct 22, 2012 7:29 PM (in response to jdblaich)
I did a bit of further testing and found that if I turned off AFP things worked better. Maybe AFP is overriding the samba permissions settings. I also noted that the newly created files prompted me for a password in order to change them. Apple is certainly doing something non-standard here.