Hello,
I suppose already created 2 shared folders + a user 'john'.
\\omv\HR
\\omv\IT
Question: is it possible to let user "john"
- having ReadOnly on \\omv\HR\Plan
- but he's not allowed to list folder contents of its parent \\omv\HR (looks like the "Traverse folder / execute file" permission on Windows Server if I'm not mistaken)
Thanks for your help and kindly see my configurations below.
In the picture for ACL on the plan folder. Look at read only check for John. Notice the tiny red triangle by the checkmark. Anytime you see this red triangle a setting may have been saved but it is not applied to the configuration. These settings will not work until applied and the red triangle is gone.
Dear tekkbebe,
I'm already noted about the red triangle but not luck after applying again.
Can you have a checking on your side, or do we have some sharing scenarios from wiki/somewhere else?
Thanks!
Give me screenshot of your shared folders and the smb/cifs page where you added shares to samba.
If you just want this user to have access to this folder you might create another shared folder. Then share it with SMB/CIFS. Then use symmlinks from the Plan folder to the new folder for this user. This way he would not be able to browse the folder structure you have setup.
Create new shared 'Plan' should do the trick, but it doesn't make sense from my side as the sharing environment will be messing-up then.
From the user-side, it's allowed to display two shared "HR" and "IT" in this case only.
Please check the below screenshots
bump.... I will try to look at this over the weekend.
I just tested it. It does work for the filesystem, however I have not yet figured out how you tell samba to acknowledge that flag.
Greetings
David
I can't. I tested it via CLI. It does not work with samba, and I can't find out how to tell samba to acknowledge it.
Greetings
David
Got it. But you have to workaround pretty dirty to get this to work.
Let me think about it for a bit more...
Edit: The philosophy of OpenMediaVault is, that all users are in the users group and that all shares are owned by root:users. This makes the use of the traverse flag impossible. To be able to use it we either have to remove of the users group (from a user) or be able to change the owner:group of the shared folders. This means, for now you would need to create a new group and then change the group of the share to this new group. All Members that are allowed to access full HR get into this group. The other members just get the permission to access their specific folders, and chmod has to be changed to 771 for the HR folder.
Greetings
David
Honestly, I did as your suggestions, but really do not know why it does not works ?!
Did I miss something?
The problem is that you need to give Plan-Read read rights via ACL on HR and you need to remove the read/write chmod from the HR folder for the users group - this allows plan-read to move through that folder, but it renders it at the same time unusable for all other users. Therefore you need to have the plan-read user NOT in the users group, so that you don't have to change the chmod for the group, but you can't pull him out of the group via the webinterface.
Greetings
David
I eventually cannot deal with this 
Would you mind telling me the steps should have to do in detail, from a to z if possible pls (or a short video tut will be great)
Much appreciated!
Don't try it... I have to speak to Volker to enable this from the GUI.
Greetings
David
After talking to Volker I wrote down the needed things as best as I could do.
I hope that it helps him to understand and implement it properly.
http://bugtracker.openmediavault.org/view.php?id=1023
Greetings
David
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!
