diff --git a/docs/yodldocs/smb.conf.5.yo b/docs/yodldocs/smb.conf.5.yo index 6b302fb335f..8aedc667fa3 100644 --- a/docs/yodldocs/smb.conf.5.yo +++ b/docs/yodldocs/smb.conf.5.yo @@ -878,6 +878,8 @@ it() link(bf(hosts deny))(hostsdeny) it() link(bf(include))(include) +it() link(bf(inherit permissions))(inheritpermissions) + it() link(bf(invalid users))(invalidusers) it() link(bf(level2 oplocks))(level2oplocks) @@ -1569,6 +1571,7 @@ See also the link(bf("force create mode"))(forcecreatemode) parameter for forcing particular mode bits to be set on created files. See also the link(bf("directory mode"))(directorymode) parameter for masking mode bits on created directories. +See also the link(bf("inherit permissions"))(inheritpermissions) parameter. bf(Default:) tt( create mask = 0744) @@ -1912,6 +1915,8 @@ See also the link(bf("create mode"))(createmode) parameter for masking mode bits on created files, and the link(bf("directory security mask"))(directorysecuritymask) parameter. +See also the link(bf("inherit permissions"))(inheritpermissions) parameter. + bf(Default:) tt( directory mask = 0755) @@ -2253,6 +2258,8 @@ mask"))(createmask) parameter is applied. See also the parameter link(bf("create mask"))(createmask) for details on masking mode bits on files. +See also the link(bf("inherit permissions"))(inheritpermissions) parameter. + bf(Default:) tt( force create mode = 000) @@ -2277,6 +2284,8 @@ link(bf("directory mask"))(directorymask) is applied. See also the parameter link(bf("directory mask"))(directorymask) for details on masking mode bits on created directories. +See also the link(bf("inherit permissions"))(inheritpermissions) parameter. + bf(Default:) tt( force directory mode = 000) @@ -2690,6 +2699,42 @@ is included literally, as though typed in place. It takes the standard substitutions, except link(bf(%u))(percentu), link(bf(%P))(percentP) and link(bf(%S))(percentS). +label(inheritpermissions) +dit(bf(inherit permissions (S))) + +The permissions on new files and directories are normally governed by +link(bf("create mask"))(createmask), +link(bf("directory mask"))(directorymask), +link(bf("force create mode"))(forcecreatemode) and +link(bf("force directory mode"))(forcedirectorymode) +but the boolean inherit permissions parameter overrides this. + +New directories inherit the mode of the parent directory, +including bits such as setgid. + +New files inherit their read/write bits from the parent directory. +Their execute bits continue to be determined by +link(bf("map archive"))(maparchive), +link(bf("map hidden"))(maphidden) and +link(bf("map system"))(mapsystem) as usual. + +Note that the setuid bit is *never* set via inheritance +(the code explicitly prohibits this). + +This can be particularly useful on large systems with many users, +perhaps several thousand, +to allow a single bf([homes]) share to be used flexibly by each user. + +See also link(bf("create mask"))(createmask), link(bf("directory mask"))(directorymask), +link(bf("force create mode"))(forcecreatemode) and +link(bf("force directory mode"))(forcedirectorymode). + + bf(Default) +tt( inherit permissions = no) + + bf(Example) +tt( inherit permissions = yes) + label(interfaces) dit(bf(interfaces (G))) @@ -2709,7 +2754,7 @@ it() a network interface name (such as eth0). This may include it() an IP address. In this case the netmask is determined from the list of interfaces obtained from the kernel it() an IP/mask pair. -if() a broadcast/mask pair. +it() a broadcast/mask pair. endit() The "mask" parameters can either be a bit length (such as 24 for a C @@ -2902,7 +2947,7 @@ label(level2oplocks) dit(bf(level2 oplocks (S))) This parameter (new in Samba 2.0.5) controls whether Samba supports -level2 (read-only) oplocks on a share. In Samba 2.0.4 this parameter +level2 (read-only) oplocks on a share. In Samba 2.0.5 this parameter defaults to "False" as the code is new, but will default to "True" in a later release. @@ -6364,7 +6409,7 @@ tt( username map = /usr/local/samba/lib/users.map) label(utmp) dit(bf(utmp (G))) -This boolean parameter is only available if Samba has been configured and compiled +This boolean parameter is only available if Samba has been configured and compiled with the option tt(--with-utmp). If set to True then Samba will attempt to add utmp or utmpx records (depending on the UNIX system) whenever a connection is made to a Samba server. Sites may use this to record the