permissions on smbfs mounted drives

[WarMachine]

Any way to let a specific user(s) have different read and write access to these shares?

I'd like to give full (read and write) access to 2 users and root (duh)
Read only access to 1 user
and keep all the other users from reading or writing

having to list the usernames to keep out totally wouldn't be tedious if it is the only option, there's less than 10 users on the system

Thanks for help on any of these

[474]

Linux and related software doesn't reliably support POSIX access control lists yet so I think the answer is, sadly, no - at least, not in the manner I think you're asking. You're limited to the user/group/others permission scheme.

I think the only way you can accomplish this to have the share mounted for each user on your Linux client as part of a login script in ~/.bash_profile and unmounted at the end of a user session, rather than having it mounted at boot. This mount process could take advantage of the "-t smbfs -o uid,gid,fmask,dmask" options so you can set the appropriate permissions for the user for the mount point of the share during their session. In fact you could put the mount command in a separate file (non-writeable by your users) and source it in .bash_profile, this preventing the users from working around the restriction. So you can set fine-grained permissions for each user, plus you can elect not to mount the share in the first place for those users who shouldn't have access. It could even be scripted so that you maintain the permissions in a database or config file or something for easier maintenance. Does that sound reasonable?