I'm trying to set up an AFP share and get afpd/netatalk to force the permissions on newly created files/directories.
Group inheritance is handled by the setgid bit on the parent/root directory and works just fine; however, when I create e.g. a new directory in the share, it results in:
drwxrwsr-x. 3 owner shared_group 4096 Nov 10 22:31 test_folder
instead of
drwxrws---. 3 owner shared_group 4096 Nov 10 22:31 test_folder
My volume settings are the following:
file perm = 0660
directory perm = 2770
However, this is being OR'ed with the client-requested permissions (according to the afp.conf manual and my manual source code verification).
We previously used Samba, which allowed forcing permissions:
create mask = 660
force create mode = 660
security mask = 660
force security mode = 660
directory mask = 2770
force directory mode = 2770
directory security mask = 2770
force directory security mode = 2770
I tried setting the umask option to 0000, thinking that OR'ed with "file perm" and "directory perm" it would get me to "force", but it doesn't; still the same result.
Is there a way to force permissions on files and directories in afp/netatalk?
I've quickly realised I failed to understand umask.
Setting umask:
umask = 0007
fixed the issue; newly created files/directories now have the correct permissions:
drwxrws---. 3 owner shared_group 4096 Nov 10 22:31 test_folder
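
Added example, not part of the original post or of netatalk's code: a small Python check that models the behaviour reported above as (requested | perm) & ~umask and then audits an existing share for entries created before the umask fix that still grant more than the 0660 / 2770 settings. The 0755 client request and the function names are assumptions made for illustration.

```python
import os
import stat

# Expected modes, taken from the volume settings in the post.
FILE_PERM = 0o660
DIR_PERM = 0o2770


def effective_mode(requested, perm, umask):
    """Assumed model of the reported behaviour: 'file perm' / 'directory perm'
    is OR'ed with the client request, then the umask bits are cleared."""
    return (requested | perm) & ~umask & 0o7777


def audit_share(root, file_perm=FILE_PERM, dir_perm=DIR_PERM):
    """Return sorted (relative path, octal mode) pairs for entries under root
    whose permission bits grant anything beyond the expected mode."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            allowed = dir_perm if stat.S_ISDIR(st.st_mode) else file_perm
            mode = stat.S_IMODE(st.st_mode)
            if mode & ~allowed:  # e.g. leftover r-x for "other"
                findings.append((os.path.relpath(path, root), oct(mode)))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    # 0o755 is an assumed client-requested directory mode.
    print("umask 0000:", oct(effective_mode(0o755, DIR_PERM, 0o000)))
    print("umask 0007:", oct(effective_mode(0o755, DIR_PERM, 0o007)))
    # Audit the share path given on the command line (default: current dir).
    for rel, mode in audit_share(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(mode, rel)
```

Run it against the share root after changing the umask; anything it lists predates the fix and needs a one-off chmod.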