Sharing a share

Setting up the server so files created on a share are always readable (and writeable) by a group proved to be a bit tricky. Lion clients tend to create files that are only accessible by the user who created them. It works well for private folders, but creates problems for common shares like media archives. If one user saves a photo on the common share another user cannot access it even if they are bot in the same group. So here are the steps to share the share:

  1. assign a common group to the share: sudo chgrp -R media /Volumes/Media
  2. set group suit bit on the directory, so files created in the directory have the required group ownership: sudo chmod g+s /Volumes/Media
  3. set ACL for the media group to allow reading and writing on the share and set the inheritance to files, folders, and descendants. You can it from a command line, I used Sandbox a free tool by Michael Watson.
  4. propagate the ACL permission down the share subtree. Use Sandbox.
  5. enable ACL for samba shares: sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server AclsEnabled -bool YES
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: