File/Folder sharing and child files/folders not inheriting parent permissions?

Discussion in 'macOS' started by Mindflux, Nov 16, 2007.

  1. Mindflux macrumors 68000

    Mindflux

    Joined:
    Oct 20, 2007
    Location:
    Austin
    #1
    Say I've got a folder called "Media" shared out, me and 'mediauser' have read/write, and everyone else has no access.

    Now, say that /Media/Movies exists, the permissions for Movies is Me - read/write, everyone else read only.. and mediauser is absent from the list.

    So, not only does Movies not allow mediauser to write to that folder(directory), but it also allows 'everyone' to read it.

    This is an odd issue for me. Yes I can go to the parent container and tell it to apply permissions to everything inside of it, but i'd have to do that every time a new file or directory is made.

    This is ESPECIALLY apparent with samba mounts. Say /Media/Movies/The Big Lebowski.mp4 has permissions of me (read/write), and everyone else (read) but mediauser (who is attached by SMB) has no permissions (Because they are not inherited). You'd think he'd fall into the 'everyone else' category to be able to read/stream that file.. however that is NOT the case.

    If I add 'mediauser' as a readable permission on "The Big Lebowski.mp4", then yes I can read/stream it.

    Why are parent permissions for shared folders not inherited for everything contained within it, both old and new?
     
  2. Mindflux thread starter macrumors 68000

    Mindflux

    Joined:
    Oct 20, 2007
    Location:
    Austin
  3. Mindflux thread starter macrumors 68000

    Mindflux

    Joined:
    Oct 20, 2007
    Location:
    Austin
  4. nordmats macrumors newbie

    Joined:
    Sep 25, 2006
    #4
    Have you found an answer yet? I have the same problem, but I can create folders in the main share but not in the sub folders. On the server my user is in the Access list with full control permissions.
     
  5. Mindflux thread starter macrumors 68000

    Mindflux

    Joined:
    Oct 20, 2007
    Location:
    Austin
    #5
    It has to do with ACL's, which are not modifiable via GUI.
     
  6. nordmats macrumors newbie

    Joined:
    Sep 25, 2006
    #6
    But it worked in Tiger server and I was using ACL there to. Exact same config, I upgraded to Leopard and then it stop working, even on folder I create myself thru samba.
     
  7. Virgil-TB2 macrumors 65816

    Virgil-TB2

    Joined:
    Aug 3, 2007
    #7
    The only thing I have to add (only semi-constructive), is that you have hit on one of the true weak points of OS-X in general. Permissions have always been "problematic" in OS-X and I have yet to work out exactly why and what to do about it myself. For instance there does not seem to be even an agreed upon or useable tool for managing groups in OS-X.

    Personally, I would really like some expert to chime in on this one as I am fairly well versed in OS-X myself and have on occasion asked greater experts than myself at my place of work, similar questions. The only answer I have ever gotten is "Yeah, permissions suck in Finder" or "don't ask" and a roll of the eyes.

    Apparently it's not only a f*ck-up, it's a very complicated f*ck-up. :rolleyes:

    Permissions are notoriously impossible to manage in Finder (the GUI) and probably you shouldn't even try to do it from there. There is also a bug in Leopard (hoping they fix this with 10.5.2), wherein the little "lock" icon in the GetInfo dialogue box does not update. If you click the lock to allow you to change the permissions, when you click it a second time to re-lock it, nothing happens. If you close the GetInfo dialogue and re-open it you will see that the lock is indeed locked, and that it was only the graphic that failed to update. This sometimes leads to people clicking the lock on and off many times and if the number of times is odd instead of even, it leaves the permissions (unknowingly) unlocked.
     
  8. adamswick macrumors newbie

    Joined:
    Jan 29, 2008
    #8
    Recommendation

    I recommend a utility called Path Finder. Unlike OS X Finder, subfolder creation in PF will inherit permissions from the parent.

    I am not sure if you noticed, but if you are an administrator on your machine and you change a folder's owner to "root", you can no longer change anything in the folder unless you have group privileges to that folder. In PF, you will be prompted to enter the administrator's login info, similar to what you would do at the command prompt with the "sudo" command.

    I hope Apple changes this in Finder.
     

Share This Page