LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-24-2004, 10:35 PM   #1
kenji1903
Member
 
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301

Rep: Reputation: 30
"rwx" and "valid users" - which one has precedence?


Howdy~

Here is the situation, let say i have Dept. A and Dept. B, both are mutually exclusive.
I have 2 share directories (share-A and share-B) for each Dept. and users from grp-A should not have access to share-B and vice versa, but my boss wants access to both of the shares...

Here is what i did, might be a bit silly cos i'm kinda new to Linux
Code:
dwrxwrx---    root    root    ...    share-A
dwrxwrx---    root    root    ...    share-B
In my smb.conf:
Code:
[share-A]
path = /home/share-A
valid users = @grp-A boss@admin
read only = no

[share-B]
path = /home/share-B
valid users = @grp-B boss@admin
read only = no
My boss logs in and he cannot enter any of the shares... thats obvious since others is set to ---, but if i set others to r-x, grp-A can access grp-B~

Is there an more simple workaround?

Thanks in advance~
 
Old 07-24-2004, 11:07 PM   #2
Vincent_Vega
Member
 
Registered: Nov 2003
Location: Jacksonville, FL
Distribution: Slackware & Arch
Posts: 825

Rep: Reputation: 31
for your valid users list you need to be sure all of the group-a and group-b users are setup in their own actual group. Also, be sure to adduser for your boss and also smbpasswd -a boss to set his samba password up.

valid users = @groupa boss
and
valid users = @groupb boss
 
Old 07-25-2004, 01:37 AM   #3
kenji1903
Member
 
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301

Original Poster
Rep: Reputation: 30
I think thats what i did...

What about the share directory's access permission and ownership?

Like i said, my boss cannot enter either directory because he belongs to a different group...
I set both shares to 770... my boss belongs to the admin group, which means *others*, if *others* is 0, does the *valid users* still work?
 
Old 07-25-2004, 01:04 PM   #4
Vincent_Vega
Member
 
Registered: Nov 2003
Location: Jacksonville, FL
Distribution: Slackware & Arch
Posts: 825

Rep: Reputation: 31
Can you just add your boss to a second group (and maybe a third) so that he can access the stuff as a group member? Otherwise the Linux permissions will win I think. Try looking into making 'boss' a member of a couple groups.
 
Old 07-25-2004, 10:13 PM   #5
kenji1903
Member
 
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301

Original Poster
Rep: Reputation: 30
Yup, I think i get what you mean... hmm... your workaround might be safer than mine
I set the shares to 775 and it works but it will get messy a bit when i have more folders...

Anyway, thanks for your idea~!

~WiLL~
 
Old 07-26-2004, 09:49 AM   #6
Vincent_Vega
Member
 
Registered: Nov 2003
Location: Jacksonville, FL
Distribution: Slackware & Arch
Posts: 825

Rep: Reputation: 31
Yeah, I definitely recommend going with my approach just to preserve the security of those files.
 
Old 07-27-2004, 07:25 AM   #7
kenji1903
Member
 
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301

Original Poster
Rep: Reputation: 30
Working~

CHeeRs~!
 
Old 07-27-2004, 09:50 AM   #8
Vincent_Vega
Member
 
Registered: Nov 2003
Location: Jacksonville, FL
Distribution: Slackware & Arch
Posts: 825

Rep: Reputation: 31
Cool! Glad I could help you!
 
Old 07-27-2004, 10:21 AM   #9
kenji1903
Member
 
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301

Original Poster
Rep: Reputation: 30
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
bash script: using "select" to show multi-word options? (like "option 1"/"o zidane_tribal Programming 6 03-21-2013 10:35 AM
what is "sticky bit mode" , "SUID" , "SGID" augustus123 Linux - General 10 08-03-2012 04:40 AM
Telling people to use "Google," to "RTFM," or "Use the search feature" Ausar General 77 03-21-2010 11:26 AM
"Xlib: extension "XFree86-DRI" missing on display ":0.0"." zaps Linux - Games 9 05-14-2007 03:07 PM
"adduser" not adding users to default group "users" PunkPT Slackware 2 09-23-2004 11:50 AM


All times are GMT -5. The time now is 05:28 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration