[PLUG] User and Group Recipes?

Louis Kowolowski louisk at cryptomonkeys.org
Wed Jan 16 17:27:39 UTC 2013


On Jan 15, 2013, at 12:42 PM, Michael Dexter <dexter at ambidexter.com> wrote:

> 
> Hello all,
> 
> I confess that it's been just root and me on my boxes for... ever but I 
> am now configuring more workgroup networks. As with all good 
> documentation, I come across lots of "here's how you configure group 
> permissions" with zero attention to strategies such as common r/o files, 
> shared individual files, private files, per-user drop boxes for other 
> users, mobile groups and the like... then the fun of when Samba does and 
> does not respect specific permissions and then of course ACL's and how 
> NFS might see things.
> 
> The best model for this I have found is "Samba 3 by Example" which 
> describes hypothetical offices but only a handful without newfangled 
> things like Mac TimeMachine backups, shadow copies and the like.
> 
> Clearly one can easily paint themselves into several distributed corners.
> 
Probably depends some what on the specific project you're working on.  For example, are you sticking with plain
groups?  ACLs? RBAC?  the multitude of flavors in MAC?  There are lots of ways to configure "group access".

A quick look at your sample of Samba looks like the focus is mostly on things like group permissions and sticky bits.

My suggestion would probably be to start with a white board and write some things down about how you want
to organize things, then follow up by drawing an example or three on the board to make sure your idea can apply in different ways, all of which fall under your umbrella of "this project".  Once you have your idea and examples solidified,
it should be fairly straight forward to execute the commands.

--
Louis Kowolowski                                louisk at cryptomonkeys.org
Cryptomonkeys:                      http://www.cryptomonkeys.org/~louisk

Making life more interesting for people since 1977




More information about the PLUG mailing list