# Samba, add permissions



## johndk (Dec 12, 2011)

Hello masters 

A question about permissions. I have 3 users, maria, cathy, ben. I create one group [smbusers]  and add maria, cathy and ben to this group. I have a storage with Samba, /files/sales. I add this group smbusers to sales with full permissions and it is working very well.


```
drwxrwxr--  /sales
```

My question is: how to add another user to sales with READ ONLY permission? Or how to add many groups to sales with different permissions?

Thanks.


----------



## soulreaver1 (Dec 14, 2011)

johndk said:
			
		

> Hello masters
> 
> A question about permissions. I have 3 users, maria, cathy, ben. I create one group [smbusers]  and add maria, cathy and ben to this group. I have a storage with Samba, /files/sales. I add this group smbusers to sales with full permissions and it is working very well.
> 
> ...



You can do that using samba permissions system. Read this: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html . Look for "valid users" and "write list".

I would do that this way (smb.conf):

```
write list = @sambausers_full // group with full acces. 
valid users= @sambausers // all users
```

sambausers_full memebers: maria, cathy, ben.
sambausers members: maria, cathy, ben, readonly_user, readonly_user2.

I assume that /sales is owned (chowned) by group sambausers with unix permissions 0770.


----------



## johndk (Dec 19, 2011)

Thanks soulreaver1 for your reply. I do it with valid users and write list.
Very useful is  ACL, Access Control Lists, I load them on my disk storage with tunefs.

I shut down the system to unload the disks with *shutdown now*.

```
#Enter full pathname of shell or RETURN for /bin/sh: 

#unmonting the disks
/sbin/umount /storage

#load the ACL on disk /storage

/sbin/tunefs -a enable /dev/ad0s1f

#with mount command i can see the acls
/dev/ad0s1f on /storage (ufs, local, soft-updates, acls)

# exit
That's it. ACLs are now enabled on /storage.
```
thanks


----------

