Re: Samba Permissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Stormblaze wrote:
On Thu, 11 Nov 2004 16:07:06 +0000, Elvis <elvislives@xxxxxxx> wrote:

Stormblaze wrote:



On Thu, 11 Nov 2004 16:12:12 +0100, shrek-m@xxxxxx <shrek-m@xxxxxx> wrote:


Stormblaze wrote:





Ok, Samba is up and running. I can see the share I set up. However, I
can not write to it. What I'd like to have is for the default to be
read only and allow only certain users to write to it. So I set the
read only property to yes then I supplied users for write and admin
previledges. I log into my XP box as administrator and map to the
share but I still can't write to it.

I tried turning the read only setting off and still could not write to
it. Any help? Here's my current smb.conf.

# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2004/11/11 09:35:39

# Global parameters
[global]
    server string = Linux Server
    interfaces = eth1
    security = SHARE
    preferred master = Yes
    ldap ssl = no

[Data]
    path = /Data
    admin users = root, admin, administrator
    write list = root, admin, administrator
    guest ok = Yes



# ll /Data

$ man smb.conf

writable = yes
or
writeable = yes
both should be ok.


Tried that. Those two are synonyms for the read only attribute. I
tried setting the share attribute read only to no. I still couldn't
write to it.



valid users = mary fred


I set guest ok to yes. Shouldn't this allow any users on? I'm doing
this for testing right now. Is it possible that my XP box is
remembering the settings for that share from the first time it logged
in?

What I do is I change the settings. I restart both smbd and nmbd. I
disconnect the drive that is mappened to the share. I re-connect and
try.



check your settings with
# testparm

--
shrek-m

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list




Have you tried chmod 777 /Data ? Or if you are using acls, setfacl -m
u::groupnameallowedtowrite /Data



You know, I was gonna reply and say that I'd already done the
equivalent but when I checked I saw that I hadn't. Apparently chmod
has changed a bit. I remember being able to do a chmod +w and it would
set the write bit for user group and other. It was a shortcut way of
doing chmod ugo+w but apparently now it's only a shortcut for chmod
u+w.

Anyway, I'd done a ls -ld on it and thought I'd set the write bit but
I hadn't. Soon as I set the write bit for group and other  (Read
execute was already done) , disconnected and re-connected now it
works.

But now I have another question. If I open it up to rwx for everyone
then any local user could mess with it. The permissions that it had
were what they needed to be for local users. The directory is owned by
root and part of the root group. root had rwx permission and everyone
else had only read and execute permission:

drwxr-xr-x  4 root root 4096 Nov 11 11:36 /Data

So since we know it's a permission thing how can I keep this directory
read only for everyone including local users and allow only root or
administrator over samba to write to it?
Looks like you need to use ACLs - this is quite easy. First, check if you have support for ACLs (im not 100% but pretty sure its in kernel =>2.6):
mount /whateverdiskitsmountedon -o remount,acl
If this works, you are in business! - edit your /etc/fstab file and put acl in the options.
It does not matter if you have only one partition, mount it with acl. If you used the default ext3 filesystem then you will almost certainly have acl support.


Next you need to give access to various people:
chown youruser /dirforsamba
setfacl -m u:username:rwx /your/dir
setfacl -m u:root:rwx /your/dir

Have a google for setfacl and getfacl - check the man pages as well, its very useful.

If you put `nt acl support = yes` in samba, you can now edit the ACLs through windows sa well (as long as you have write permission)

Hope that helped


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux