OSX file sharing permissions

Discussion in 'macOS' started by Drew80, Jan 11, 2013.

  1. Drew80 macrumors newbie

    Joined:
    Jan 11, 2013
    #1
    Hey everyone,
    I'm still using an old Snow Leopard install on my Mac Mini, and I have a file sharing issue that I've been playing with for hours now. I have a folder on the server that I want to share across my network, but only to certain users (really just myself). I have file permissions for Everyone set to "No Access" and RW access for myself. I have guest access disabled.

    Guests can't see any shared folders, as intended, but my wife can still log into the server and not only see the folder but get full write access. Does Snow Leopard just not respect file permissions?
     
  2. switon macrumors 6502a

    Joined:
    Sep 10, 2012
    #2
    RE: permissions, servers, file sharing...

    Hi Drew80,

    I don't know how "big", in size, is the folder that you are trying to share, but if there are a significant number of files/folders in it then you may have to wait some time before it becomes available. Basically, if you recently changed the permissions to give yourself R/W, then the server has to propagate those permissions to all files/subdirectories in the share before they actually become available to you. Depending upon the size of the share and the number of files, this can potentially take hours.

    ...just a thought...

    Regards,
    Switon
     
  3. Drew80 thread starter macrumors newbie

    Joined:
    Jan 11, 2013
    #3
    It's large in total size, but there aren't many files or folders. The files are just big.

    If it were a propagation issue, I would expect that I might not have access while it's resolving that, but I would never expect my wife to have access when permissions for Everyone are set to 0.
     
  4. switon macrumors 6502a

    Joined:
    Sep 10, 2012
    #4
    RE: does your wife...

    Hi Drew80,

    Does your wife own the files or belong to the same group? Is she sharing using a different protocol, perhaps SMB? How is she mounting the shares?

    ACLs and POSIX permissions are different and slightly complementary and contrasting. Take a look at the actual ACL permissions on a file that your wife has access to with the Terminal command:

    ls -ale <filename>

    where <filename> is the filename of a file that your wife can read and write. Are there "inherit" privileges on the directory/subdirectory?

    Good luck,
    Switon
     
  5. Drew80 thread starter macrumors newbie

    Joined:
    Jan 11, 2013
    #5
    She's accessing the server via the shared section in Finder, so (afaik) that's AFP.

    Even if she belonged to the same group, I have group permissions disabled. The shared folder is set to 700. Just as a sanity check, I did a chmod -R 700 on all subfolders and files within the shared folder. Still full access from my wife's computer.

    WTF :confused:
     
  6. switon macrumors 6502a

    Joined:
    Sep 10, 2012
    #6
    RE: ACLs vs POSIX...

    This is why I suggested that you check the ACLs and not just the POSIX...

    Switon
     
  7. Drew80 thread starter macrumors newbie

    Joined:
    Jan 11, 2013
    #7
    One thing I just found that might be a factor -- this is an external drive.
     
  8. Drew80 thread starter macrumors newbie

    Joined:
    Jan 11, 2013
    #8
    I checked the ACLs on the shared folder and the files within, and there are no rules set up. So no, there's isn't an inherit going on.
     
  9. Drew80 thread starter macrumors newbie

    Joined:
    Jan 11, 2013
    #9
    As another sanity check, I set permissions to 600, and no one could access the folder. It appears that any user hitting a shared folder that is on an external drive accesses that folder as the owner.
     
  10. switon macrumors 6502a

    Joined:
    Sep 10, 2012
    #10
    RE: file sharing and server software...

    Hi,

    I'm not certain just what options you have for file sharing without the server software since I use the server software for my shares. But with the server software you can control things like this, i.e., when a user mounts the share they are considered to be the owner. This can be turned off in the server software too, but I'm not sure it can be turned off in the non-server Mac OS X file sharing.

    Switon
     
  11. ZMacintosh macrumors 65816

    ZMacintosh

    Joined:
    Nov 13, 2008
    #11
    this may sound silly, but is Ignore ownership on this volume checked for the external drive?
     
  12. Drew80 thread starter macrumors newbie

    Joined:
    Jan 11, 2013
    #12
    It actually wasn't originally, but I fixed that early in the thread. Still no luck.

    I'm leaning toward this being a bug in Snow Leopard. I have all permissions set correctly, and the volume is explicitly set to NOT ignore ownership, and anyone is still allowed to view this folder. Don't see another explanation.
     

Share This Page