On Thu, Aug 24, 2000 at 12:10:42PM +0000, Lars O. Grobe wrote: > Addressed to: Ethan Benson <erbenson@alaska.net> > debian-user@lists.debian.org > > ** Reply to note from Ethan Benson <erbenson@alaska.net> Thu, 24 Aug 2000 01:47:32 -0800 > > Hi! > > The admins want to read / write, because we have services like burning cd's, > printing / plotting etc. The user comes, the admin takes the file from the > user's home, ready. And if a user has deleted his windows-profiles or other > settings, the admin needs write. > > I don't want all users be able to read in other users home. But admins must > be able to read. > > If I would use the incoming-dir, I would also need an outgoing, and all users > would have to understand this concept. Users are not computer freaks here, but > students of architecture, and most don't know what is unix. On the admin side, > some admins work with windows clients, others with apple clients, they don't > want to learn unix permissions. in this case i would just create the users with primary group users and set the home directory permissions to 2770 group staff (or some other group, if you use staff be sure to fix the broken permissions on /usr/local/* and /var/local) you will probably have to play with samba a bit to get it to perserve the permissions properly, i have done it once but don't have access to the smb.conf at the moment. the private group system is really only helpful when the users are knowledgable of unix permissions. unix perms don't translate well into macos and win* anyway (especially given those OSes don't have much of a concept of permissions) all users will have to have a umask of 007 as well, not sure how you do that in netatalk... -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpCaMOF51Cv9.pgp
Description: PGP signature