On Fri, 5 Mar 2004 14:55:47 -0700, Eric Diamond <eric@xxxxxxxxxxxx> wrote:
Friday, March 05, 2004 11:46 AM, Ryan Duff said...
this is what the share looks like in my samba.conf file
[music] valid user = ryan path = /mnt/music create mode = 0777 directory mode = 777 browseable = yes comment = music writeable = yes
encrypt passwords is set to yes and security is set to share
there is also a homes share
[homes] comment = Home Directories browseable = yes writeable = yes
The shares show up in network neighborhood but when I click on them it tells me I don't have permission to access the share. My windows user and password match my linux user/pass and samba user/pass. Any more suggestions.
Your share definitions look good, but you should change browsable to no in
the homes definition. You should also change the security setting to user.
Then make sure your directory permissions are set correctly.
In user security mode, file and directory access are actually controlled by
linux, not samba. There are ways to use samba to fool the OS and manage
security itself, but I've found that's much more trouble than it's worth.
Home directories should be owned by their respective users. The group should
be the same as the user. Permissions should be 700 or rwx------.
Your other share should also be owned by you and your group with the same permissions.
Public shares should be owned by user nobody, a group of your own choosing
(I usually use users) and you should make sure all smb users are included in
that group. File permissions should be 777 or rwxrwxrwx.
Group shares should have an appropriate user and group. I usually create a
dummy user so I get both the user and the group, but you could just as
easily make the owner nobody and create a special purpose group. Make sure
the appropriate users are group members and then set the permissions to 770
or rwxrwx---.
Managing your access this way also means you don't need valid user lists in
your share definitions. You can also manage the visibility of yor shares.
Users who don't have read and excute permissions on a shared directory won't
see the share.
(They may be able to get to it if they explicity code it's path, but if they
don't have complementary permissions they won't be able to do anything with
it. I'm still experimenting on making shares users don't have access to
truly invisible to them while still allowing selective access. Watch this
space, more on this later...)
Eric Diamond eDiamond Networking & Security 303-246-9555 eric@xxxxxxxxxxxx
I changed the security level to share and now my folder shows up, I'll change browseable to no on the homes share b/c I don't need to see that but I guess I need to check my permissions on my music folder because it still won't let me access that. I think I'm on the right track tho.
I just tried a chown -R ryan music and it told me operation not permitted. I was logged in as root and it says the owner and group are root. any suggestions on that one?
Thanks for the help.