RoseValley

Q: network users create files with incorrect permissions

Hi,

 

Here is my situation. I have setup a single MacPro as a temp file server. It has 3 X 3TB HDD's that are each set as a shared volume and the permissions are set yo Read / Write on all levels. The problem is when a user logs into the server and creates a file or folder, the permissions are set at RW for the owner only and Read Only on the rest. I have removed and reset all volumes and made sure that they had all open Read Write permissions and the same problem. Anyone have any ideas on where to look next?

 

Thank you,

Kevin

 

PS: I am using the Open Directory from another server if that matters.

Mac OS X (10.7.4), Lion Server

Posted on May 23, 2013 8:29 AM

Close

Q: network users create files with incorrect permissions

  • All replies
  • Helpful answers

  • by jepping,

    jepping jepping May 24, 2013 3:19 AM in response to RoseValley
    Level 2 (430 points)
    May 24, 2013 3:19 AM in response to RoseValley

    Hi Kevin,

     

    Does the MacPro run it's own Server software and does it act as an replica?

     

    Reading your setup it might be a replica, so all shares need to get ACL permissions from the replica-master OD.

    Just setting POSIX permissions on shares is going to mess things up.

    Everytime someone creates a file is does exactly what you describe RW-R-R permissions just like POSIX.

    Disable the share and enable it with correct ACL permissions for a specific group or users from the master OD.

    Goodluck

     

    Jeffrey

  • by infinite vortex,

    infinite vortex infinite vortex May 27, 2013 2:17 AM in response to RoseValley
    Level 7 (21,405 points)
    May 27, 2013 2:17 AM in response to RoseValley

    You need to either set up your Mac Pro up either as an OD replica as jepping suggest else at least have it join the OD master as a client to get access to the OD users and groups. After which use Server.app to apply ACLs to your file shares, and subdirectories, in Harware > server name > Storage.

     

    If you've set it up right the POSIX permissions should be rather meaningless as the ACLs should take precedence. For instance, all my share points are owned and only writable by root:wheel.