Creating a "dropbox" share where all users can save work, but only staff members can read it
Shared areas that are writable by all users are generally a very bad idea. However, the risks can be mitigated if the permissions are set up so that users can only read, write and delete their own files. It is also possible to give staff read and write access to all files and folders in that there.
- Log on as root and go to a command line
- Create the dropbox folder by running the command:
mkdir -p /usr/shares/dropbox
- Give everyone write access to the folder but, crucially, only allows users to delete files they've created. Run the command:
chmod 1777 /usr/shares/dropbox
- In conjunction with the permissions set later, allow staff members read and write access to the whole of the dropbox. Run the command:
chgrp staff /usr/shares/dropbox
- Add the following to
/etc/netmanager/smb.shares.Do this by running the command:
joe /etc/netmanager/smb.sharesand then adding the lines at the end. Save the file by type Ctrl-K followed by X.
[dropbox] comment = User work drop box path = /usr/shares/dropbox browseable = yes create mode = 0660 directory mode = 0770 writable = yes
- The configuration file will be automatically re-read, so the share will be virtually immediately available
- Alter your logon script to map the share as a drive