Should I "ignore permissions"? [solved, samba write list]


I am running syncthing on three pc’s. They all are *buntu 14.04 but one of these machines hosts samba shares. Each user of the office has got his/her own samba shared folder. These users are part of the same group. Each user’s shared folder has “setGuid” in order that each new created file inherits group from parent folder.

So most of the time I don’t have to complain, sync’ are done and each user access files and folders according to rules/rights previously set.

But sometimes I have to change “group” for some files. I know files are given the same owner as the one running syncthing (this user is in the same group as above, so not a problem) but files dealt through syncthing are alson given that same group as the user running syncthing…

…which does not fit my situation : user’s office group sometimes lose access to some files after they’ve been sync’ed. Despite the setGuid bit.

So here is - at least - one question. What would happen if I set “Ignore Permission” ?

There would be no difference compared to now, except files are created with mode 666 (minus umask).

To enforce group on files, set g+s on the containing directory (Syncthing does no user/group juggling of its own).

You already did that. It should work; I don’t know why it doesn’t. Syncthing shouldn’t even be able to override it.

OK, you helped me fix the thing :wink:

Being told Syncthing can not override “group” actually means something else can override it : samba ! For some samba shared folders, the syncthing’s user was not in their write list.

I might have never assumed though that samba overrides the g+s bit. The syncthing’s user exists on system so it can write into samba-shared folders but samba does not know that user so its files are not dealt by samba… which finally deals with the permissions. So files created by that syncthing’s user stay with that syncthing’s user’s group. Errr… does it make sense ? Does g+s only apply to files that have same user as the parent folder ?

No… g+s only applies if parent’s group folder has write permission which leads me to think I should create a group for syncthing’s users if I want some specific “writing” users per samba-shared-folders + “writing” syncthing’s users… Well I go on struggling with samba :wink: