Has anyone had the problem of Microsoft Word or Excel file writes taking over ownership of a file?
I have a 720 at OS version of 5.1.2R3 running both the NFS and CIFS protocols. The filer contains only the root volume which has multiple qtrees of UNIX style security.
Scenario:
CIFS user#1 creates a Microsoft Word document which has write access at the UNIX group level. CIFS user#2, who is in the same UNIX group, modifies the file and automatically becomes the UNIX owner of the file.
This works the same for Excel documents but not for text documents using Notepad.
All help is appreciated.
Ken
Has anyone had the problem of Microsoft Word or Excel file writes taking over ownership of a file?
Not personally with these particular applications (I don't routinely work with my DOC and XLS files as anybody but "keith"), but I think I can explain the root cause.
Scenario:
CIFS user#1 creates a Microsoft Word document which has write access at the UNIX group level. CIFS user#2, who is in the same UNIX group, modifies the file and automatically becomes the UNIX owner of the file.
This works the same for Excel documents but not for text documents using Notepad.
Many Windows applications manipulate their underlying working set in peculiar ways. When you use a Windows application to open a file, work on it, and then save it back into the file system, what you see is not often what you get. It is not uncommon for an application do it's business by opening, reading and then closing the original file, creating and actually working with a temporary file, and finally writing everything you've done completely into the temporary file, deleting the original and renaming the temporary to the original name. Other seemingly wacky combinations of behaviour are also possible, but the result is unfortunately often the same as far as the effect on file ownership goes. What you have in the file system after the fact is not an edited version of the original file, but a newly created file that carries the ownership of the last editor.
On an NTFS file system, these types of behaviour are not usually a problem. Ownership of a file or directory under Windows/NTFS is not quite the big deal it is under the UNIX security model, as most of the actual permissions that govern who can do what to a file are defined by the contents of its ACL, not who owns it (although you do normally get permissions aplenty from ownership, unless the ACL has contents to stop that happening). On UNIX file systems the story is different though, and I believe that is what is causing you some distress in your scenario.
Alas there is no good workaround of which I am aware, other than to switch to using NTFS security. The new implementation of our multiprotocol security design for NTFS and MIXED file system styles in Data ONTAP 5.3+ is very flexible. It allows UNIX system access to filers to be entirely governed by the NTFS security model, although if you have a very UNIX-centric background it will involve you learning some new tricks. When you start using Windows security to govern the activity of UNIX users, political issues can sometimes crop up! :-)
Keith
-
Keith Brown -
Ken Zola