I have a share point for the shared applications folder. This auto-mounts on clients correctly but when a file is created the permissions are such that the owner can't write to it (locally: root:wheel rw-r–r– On the server: nobody:everyone rw-r–r– group:group1 inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown). The user is still able to delete the empty file.
I don't know what more info to provide, any help is appreciated! Thanks!
Best Answer
When
/Network/Applications
is mounted on the clients, it will be mounted before a user has logged in, so it will be mounted as a guest. It will stay mounted as a guest even when a user logs in. No matter what permissions you have on the client, the AFP server is mapping it to nobody. Please have a look at my answer to this question:In short, your clients will not reliably be able to create or modify anything in
/Network/Applications
because they will be doing so with no real credentials. You could possibly use NFS instead of AFP, because NFS uses a (less secure) model of trusting the client computer to control file access. However, you would be far better off using Mac OS X Server's concept of Group Folders to allow users to read and write using their own credentials.