Understanding Linux Security and Groups
OK... I am trying to understand the Linux file-sharing/security/networking model... it seems like for every file/directory/whatever you can assign/set the rights/privileges for user/group/everyone. Now... this model seems exceptionally limited to me so I am trying to figure out if I understand it correctly, because I am sure that I do not.
For example, let us say that you had a reasonably sized corporation where you had several groups. For this example, let us say cats, dogs, owners, and food. Then let us say you had several shares, cat bed, dog house, owner house.
Now... food is just the food, it shouldn't have access to any of those shares, cats should have access to the cat bed share only, dogs should have access to the dog house only, but neither of those groups should have access to the owner house, and the owner house should have access to all 3 shares.
How could you even set something like that up? Particularly if there were multiple owners in each?
Now that I have asked that question, which I just want to understand on a more philosophical level (because I really am curious, I am hoping to move away from Windows completely as soon as I can, I do NOT like the direction that M$ is heading...), I have a more specific question...
I have migrated my domain controller from Windows 2000 to Linux and have Samba and everything working so I can share files. The problem is, I have several users and each time they write a file, files do not seem to inherit the permissions of the directory they are in by default. It seems that they always seem to have the permissions set so that only the user that creates/whatever the file has the access to move or delete it, but I want all users to have administrative privileges for now (this is in my house, so it is just me and my wife, the moment a kid comes along we may have to adjust that a bit...).
How can I set the default permissions for files that are created on the network? I mean, I don't want everyone to have privileges to them, such as any guest users or anything... but we are both in the same group that I created for us so at the least I want that group to have all privileges, by default, on the shared network drives...
How does one manage this?