permissions of recyclebin features

    • OMV 2.x

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • permissions of recyclebin features

      Hi,

      I've set up a windows share for multi user access with defined Acl using the webui.

      I've also ticked the "use a trash/recyclebin" option in the share.

      I've also ticked the "inherit acl" option and the multi user one, to keep my Acl working.

      All the rights i've set were working really nice so far until it comes to this ./recycle bin.

      Typically i've created an admin user owning everything in the share with RWX + a group lets call it "TRASHMEMBERS" owning this recycle bin with RWX, while its only WX for others. (dont want people to access certain files but still want them to be able to delete and send it to the recycle bin)

      What's happening so far is the user who deletes a file that he created, then automatically get the ownership of his file and it become impossible for the groupmembers of "TRASHMEMBERS" to delete it/recover it even though they have every rights on the parent folder (recyclebin).

      Also i tried to desactivate the treelike (keeptree = yes) in smb.conf and setting it with "no" doesnt change anything.

      Btw it seems the /etc/samba/smb.conf file is getting overwritten after any webui change/restart.

      Here's is a look at the smb.conf :

      Source Code

      1. #======================= Global Settings==================
      2. [global]
      3. workgroup = WORKGROUP
      4. server string = %h server
      5. dns proxy = no
      6. log level = 0
      7. syslog = 0
      8. log file = /var/log/samba/log.%m
      9. max log size = 1000
      10. syslog only = yes
      11. panic action = /usr/share/samba/panic-action %d
      12. encrypt passwords = true
      13. passdb backend = tdbsam
      14. obey pam restrictions = yes
      15. unix password sync = no
      16. passwd program = /usr/bin/passwd %u
      17. passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssucces$
      18. pam password change = yes
      19. socket options = TCP_NODELAY IPTOS_LOWDELAY
      20. guest account = nobody
      21. load printers = no
      22. disable spoolss = yes
      23. printing = bsd
      24. printcap name = /dev/null
      25. unix extensions = yes
      26. wide links = no
      27. create mask = 0777
      28. directory mask = 0777
      29. use sendfile = yes
      30. aio read size = 16384
      31. aio write size = 16384
      32. null passwords = no
      33. local master = yes
      34. time server = no
      35. wins support = no
      36. #======================= Share Definitions================
      37. [sms-omv-nas]
      38. path = /media/7bbf91ea-8b4e-48de-825a-ed831c5df81e/partagewindows/
      39. guest ok = no
      40. read only = no
      41. browseable = yes
      42. inherit acls = yes
      43. inherit permissions = yes
      44. ea support = no
      45. store dos attributes = no
      46. vfs objects = recycle
      47. recycle:repository = .recycle/%U
      48. recycle:keeptree = yes
      49. recycle:versions = yes
      50. recycle:touch = yes
      51. recycle:directory_mode = 0777
      52. recycle:subdir_mode = 0700
      53. recycle:exclude =
      54. recycle:exclude_dir =
      55. recycle:maxsize = 0
      56. printable = no
      57. create mask = 0755
      58. force create mode = 0644
      59. directory mask = 0755
      60. force directory mode = 0755
      61. hide dot files = yes
      62. valid users =
      63. invalid users =
      64. read list =
      65. write list =
      Display All
      So lets say i have user "admin" owner of everyfiles, group "TRASHMEMBERS" owning the ./recycle directory, if my user John deletes a file, it's actually going in the ./recycle directory as : owner = John, groupowner = users and that sucks :S

      Any help pls?
    • I do not see anything in the docs that might help here: samba.org/samba/docs/man/manpages/vfs_recycle.8.html
      Suggestions are welcome.
      Absolutely no support through PM!

      I must not fear.
      Fear is the mind-killer.
      Fear is the little-death that brings total obliteration.
      I will face my fear.
      I will permit it to pass over me and through me.
      And when it has gone past I will turn the inner eye to see its path.
      Where the fear has gone there will be nothing.
      Only I will remain.

      Litany against fear by Bene Gesserit
    • I still can't get the vfs:recycle attributes to work.

      However I've changed my mind and set up
      create share = 0773
      directory mask = 0773
      force directory mode = 0773

      in smb.conf for every shares with a recycle.bin, and use o=rwx on the .recycle/ directory allowing anybody to undelete their own mistake without accessing other's folders in the .recycle bin.

      My issue now is that OMV config somewhere seems to erase those parameters to default one (0755 for the 3 above) upon specific actions (like removing/adding a share to SMB/CIFS in GUI). Is there a way to prevent this ? Is there a file to force my settings and be sure this wont be replaced in any way ? Because with 0755 it would allow people to actually see a lot of stuff in the recycle.bin feature and maybe some they dont deserve to.

      Help appreciated. <3
    • You can use the environment variables to inject your personal requirements. See github.com/openmediavault/open…t/mkconf/samba.d/20shares for their names. You must enter them into /etc/default/openmediavault.

      Regenerate the configuration with

      Shell-Script

      1. # omv-mkconf samba
      Absolutely no support through PM!

      I must not fear.
      Fear is the mind-killer.
      Fear is the little-death that brings total obliteration.
      I will face my fear.
      I will permit it to pass over me and through me.
      And when it has gone past I will turn the inner eye to see its path.
      Where the fear has gone there will be nothing.
      Only I will remain.

      Litany against fear by Bene Gesserit