JB,
I failed to add info re Access Control Lists ("ACLs") - how to set, per connecting office user, in my previous post.
I'm trying to make all this easy. Meaning, as much as possible, helping people to NOT have to issue commands TO SET permissions from the Terminal.app window command line. (But, it turns out that there is at least one such command that you will need to use, in order to set permissions for your shared folder.)
Now, locate and start your Terminal.app (it's in the /Applications/Utilities directory). The window that results, may be called any of:
Terminal.app window
Terminal window
Command line interface ("CLI") window
Commnd line window
Etc. (plus a bunch of things not fit for print)
You need to 'cd' to the parent (ie container) directory or volume for the folder that you are sharing.
For example, let's say that you are sharing a folder named "OfficeWork" and it is located within your Mac's home Public directory.
Unix path / POSIX path to the shared folder would be: /Users/jb/Public/OfficeWork
(Tap the Enter key after typing in the commands.)
Your command in the Terminal.app window would be:
cd /Users/jb/Public
Then, type in:
ls -le | grep '\(OfficeWork\|user\|group\)'
You'll at least see some result like / similar to (in this example, a POSIX permissions line):
drwxrwxr-x 7 jb staff 238 May 29 2015 OfficeWork
You might also see a line, or lines, like:
0: user:jb allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
1: group:officegroup allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity,file_inherit,directory_inherit
Now (recalling previous instructions of yesterday, 05/19/2016) go back to System Preferences > Sharing > File Sharing, the Users - Permissions table portion for your folder, OfficeWork, that you are sharing:
| Users |
Permissions
|
| JB (your Mac user account name) |
Read & Write |
| OFFICEGROUP |
Read & Write |
| Everyone |
Read Only |
There should be a "+" (PLUS symbol) button for you to click on below the Users area; click that button.
A list of your other office Mac users will (should!) be included in the pop-up window that is produced.
Select, one-at-a-time, each of the other office Mac users. Then, for each added user, set the Permissions to Read & Write. So you'll get / want something like:
Users
|
Permissions
|
| OtherUser4 |
Read & Write |
| OtherUser3 |
Read & Write |
| OtherUser2 |
Read & Write |
| OtherUser1 |
Read & Write |
| JB (your Mac user account name) |
Read & Write |
| OFFICEGROUP |
Read & Write |
| Everyone |
Read Only |
You may see some double entries there, on your Mac; do not worry about it. What's important, is that the other users show.
The steps that you took, there, created Access Control Entries ("ACEs") effectively creating an Access Control List ("ACL") that you'll see - keep reading . . .
Quit System Preferences. (BTW, I always go to Show All and then I quit System Preferences. Long story, that I'll skip.)
Now, using your Terminal.app window, tap your Return key a couple times - in order to provide a little vertical distance between your previous results and what you'll get now.
Enter the command (again):
cd /Users/jb/Public
Then, type in:
ls -le | grep '\(OfficeWork\|user\|group\)'
The result(s) should be something like this:
| drwxrwxr-x+ 7 jb staff |
238 May 29 2015 OfficeWork |
[or that might be:]
| drwxrwxr-x+ 7 jb officegroup |
238 May 29 2015 OfficeWork |
0: user:jb allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
1: user:officeuser4 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
2: user:officeuser3 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
3: user:officeuser2 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
4: user:officeuser1 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity
And possibly this line is there, too:
5: group:officegroup allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity,file_inherit,directory_inherit
My examples are probably not precise. But, the point is, that NOW there are ACE's (Access Control Entries) aka an Access Control List ("ACL") for your other office Mac users. The other office users should be able to connect and create files and folders and read and write.
BUT THERE IS PROBABLY STILL A CATCH - for example, YOU (at your office Mac) (or others) might not yet be able to edit some of the files that are other office Mac users' work, within the shared folder on your office Mac.
You'll need to use the Terminal.app window, in order to enter a command:
sudo chmod -R +a "OFFICEGROUP allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextat tr,writeextattr,readsecurity,file_inherit,directory_inherit" /Users/jb/Public/OfficeWork
The steps (today and yesterday) do work (I tested them - but again, I am using Mountain Lion).
Some observers of these instructions, may say, "You could have . . ." or "You didn't need to . . ."
When, my objective in trying to help you, includes trying to use the Apple Mac buttons here and there, as Apple has provided.
If you then say, "Well, Apple came up short." Yeah. But there might be another button? I'm not an expert; I am just trying to do what Apple expects / provides / wants; exhausting their steps, first. So, YOU can say, "I pretty much thoroughly did this and that" when you talk with some Apple genius.
ACL's are considered by the OS, before POSIX permissions. More info re ACLs:
MacTech
http://mactech.com/articles/mactech/Vol.21/21.05/ACLs/index.html
Marcel Bresink
http://www.bresink.com/osx/300644207/Docs-en/pgs/0160-ACL.html
-
