Calling all Samba Pros!

[Mitch Anderson]

> # IS THIS THE CORRECT OWNER.GROUP?

These look good to me.

> chown root.data -R /disk/save/data
> chown root.developers -R /disk/save/developers
> chown root.engraving -R /disk/save/engraving
> chown root.office -R /disk/save/office
> chown root.shipping -R /disk/save/shipping
> chown root.studio -R /disk/save/studio
> 
> # ARE THESE THE RIGHT PERMISSIONS?

To keep everyone else out of these directories... yes that also looks
correct to me.
> 
> chmod 0770 /disk/save/data
> chmod 0770 /disk/save/developers
> chmod 0770 /disk/save/engraving
> chmod 0770 /disk/save/office
> chmod 0770 /disk/save/shipping
> chmod 0770 /disk/save/studio
> chmod 0770 /home/profiles
> 
> # SHOULD THESE PERMISSIONS BE DIFFERENT?

Nope, those should be fine...
> 
> chmod 0775 /usr/lib/samba/netlogin
> chmod 0775 /var/spool/samba
> 
> # ADD USERS TO LINUX?
> adduser gabe -G admin,data,office

<snip>
> 
> # Store the profiles in the home directory for easy back-up.
> [profiles]
> 	browseable = No

These look like a problem to me... 
instead you need create mask = 0660  

with 0600 only root and the creator has write/read access to the file...
unless thats what you want. Also change directory mask to 0770 unless
you only want the owner and root again to be able to access...

Also I would add the option "force group <groupname>" this helps to keep
the files always in the group they belong...

> 	create mask = 0600
> 	directory mask = 0700
> 	path = /home/profiles
> 	profile acls = yes
> 	read only = No
> 
> # Let Unix users find there home directories even if not in another share.
> [homes]
> 	browseable = No
> 	comment = Home Directory
> 	create mask = 0600
> 	directory mask = 0700
> 	read only = No
> 
> # Regular Shares:
> [data]
> 	browseable = No
> 	create mask = 0600
> 	directory mask = 0700
> 	force group = data
> 	path = /disk/save/data
> 	read only = No
> 
> [developers]
> 	browseable = Yes
> 	create mask = 0600
> 	directory mask = 0700
> 	force group = data
> 	path = /disk/save/developers
> 	read only = No
> 
> [engraving]
> 	browseable = Yes
> 	create mask = 0600
> 	directory mask = 0700
> 	force group = data
> 	path = /disk/save/engraving
> 	read only = No
> 
> [office]
> 	browseable = Yes
> 	create mask = 0600
> 	directory mask = 0700
> 	force group = office
> 	path = /disk/save/office
> 	read only = No
> 
> [shipping]
> 	browseable = Yes
> 	create mask = 0600
> 	directory mask = 0700
> 	force group = studio
> 	path = /disk/save/shipping
> 	read only = No
> 
> [studio]
> 	browseable = Yes
> 	create mask = 0600
> 	directory mask = 0700
> 	force group = studio
> 	path = /disk/save/studio
> 	read only = No
> 
> # Printer Shares:
> [printers]
> 	browseable = Yes
> 	comment = All Printers
> 	path = /var/spool/samba
> 	printable = Yes
> ########
> 
> _________________________________________________________________
> Add photos to your e-mail with MSN 8. Get 2 months FREE*.  
> http://join.msn.com/?page=features/featuredemail
> 
> .===================================.
> | This has been a P.L.U.G. mailing. |
> |      Don't Fear the Penguin.      |
> `==================================='