Looks like you need to use ACLs - this is quite easy. First, check if you have support for ACLs (im not 100% but pretty sure its in kernel =>2.6):On Thu, 11 Nov 2004 16:07:06 +0000, Elvis <elvislives@xxxxxxx> wrote:
Stormblaze wrote:
On Thu, 11 Nov 2004 16:12:12 +0100, shrek-m@xxxxxx <shrek-m@xxxxxx> wrote:
Stormblaze wrote:
Ok, Samba is up and running. I can see the share I set up. However, I can not write to it. What I'd like to have is for the default to be read only and allow only certain users to write to it. So I set the read only property to yes then I supplied users for write and admin previledges. I log into my XP box as administrator and map to the share but I still can't write to it.
I tried turning the read only setting off and still could not write to it. Any help? Here's my current smb.conf.
# Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2004/11/11 09:35:39
# Global parameters [global] server string = Linux Server interfaces = eth1 security = SHARE preferred master = Yes ldap ssl = no
[Data] path = /Data admin users = root, admin, administrator write list = root, admin, administrator guest ok = Yes
# ll /Data
$ man smb.conf
writable = yes or writeable = yes both should be ok.
Tried that. Those two are synonyms for the read only attribute. I tried setting the share attribute read only to no. I still couldn't write to it.
valid users = mary fred
I set guest ok to yes. Shouldn't this allow any users on? I'm doing this for testing right now. Is it possible that my XP box is remembering the settings for that share from the first time it logged in?
What I do is I change the settings. I restart both smbd and nmbd. I disconnect the drive that is mappened to the share. I re-connect and try.
check your settings with # testparm
-- shrek-m
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
Have you tried chmod 777 /Data ? Or if you are using acls, setfacl -m u::groupnameallowedtowrite /Data
You know, I was gonna reply and say that I'd already done the equivalent but when I checked I saw that I hadn't. Apparently chmod has changed a bit. I remember being able to do a chmod +w and it would set the write bit for user group and other. It was a shortcut way of doing chmod ugo+w but apparently now it's only a shortcut for chmod u+w.
Anyway, I'd done a ls -ld on it and thought I'd set the write bit but I hadn't. Soon as I set the write bit for group and other (Read execute was already done) , disconnected and re-connected now it works.
But now I have another question. If I open it up to rwx for everyone then any local user could mess with it. The permissions that it had were what they needed to be for local users. The directory is owned by root and part of the root group. root had rwx permission and everyone else had only read and execute permission:
drwxr-xr-x 4 root root 4096 Nov 11 11:36 /Data
So since we know it's a permission thing how can I keep this directory read only for everyone including local users and allow only root or administrator over samba to write to it?
mount /whateverdiskitsmountedon -o remount,acl
If this works, you are in business! - edit your /etc/fstab file and put acl in the options.
It does not matter if you have only one partition, mount it with acl. If you used the default ext3 filesystem then you will almost certainly have acl support.
Next you need to give access to various people: chown youruser /dirforsamba setfacl -m u:username:rwx /your/dir setfacl -m u:root:rwx /your/dir
Have a google for setfacl and getfacl - check the man pages as well, its very useful.
If you put `nt acl support = yes` in samba, you can now edit the ACLs through windows sa well (as long as you have write permission)
Hope that helped
