LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   samba, some users read, others write? (http://www.linuxquestions.org/questions/linux-networking-3/samba-some-users-read-others-write-340326/)

softmoo 07-05-2005 03:47 PM

samba, some users read, others write?
 
Hello,

Here is what I'd like to do with samba:

1.) share /mnt/fwhd/music with read-only access to everyone. Min of hassle
2.) share /mnt/fwhd/* with read-write access to only myself.

Im running debian unstable.

what security mode combination do I need to solve these problems? I have #1 working. But if I set security = user, goal #1 doesnt work. What I need explained is how to accomplish goal #2. How do I share a directory, so that only one person can read/write and no one else can read or write while at the same time allowing easy access to another share?

Here is my config file:

THANKS GUYS!!!!

#start of file
[global]
workgroup = Pimpin
server string = %h server (Samba %v)
; wins support = no
; wins server = w.x.y.z
dns proxy = no
; name resolve order = lmhosts host wins bcast

log file = /var/log/samba/log.%m
max log size = 1000
; syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d

security = share
encrypt passwords = true
obey pam restrictions = yes
guest account = sambaguest
invalid users = root

; unix password sync = no

passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
; pam password change = no

; load printers = yes
; printing = bsd
; printcap name = /etc/printcap
.
; printing = cups
; printcap name = cups

; printer admin = @ntadmin

preserve case = yes
short preserve case = yes


; include = /home/samba/etc/smb.conf.%m

socket options = TCP_NODELAY

; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

; domain master = auto
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash

[homes]
comment = Home Directories
browseable = no
writable = no
create mask = 0700
directory mask = 0700

;[netlogon]
; comment = Network Logon Service
; path = /home/samba/netlogon
; guest ok = yes
; writable = no
; share modes = no

[printers]
comment = All Printers
browseable = no
path = /tmp
printable = yes
public = no
writable = no
create mode = 0700

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no

[music]
comment = Music files
path = /mnt/fwhd/music
browsable = yes
read only = yes
guest ok = yes
public = yes


[uploads]
comment = Writable directory
path = /home/upload
read only = no
writable = yes
public = yes
force user = sambaguest

rylan76 07-06-2005 11:13 AM

Re: samba, some users read, others write?
 
Quote:

Originally posted by softmoo
What I need explained is how to accomplish goal #2. How do I share a directory, so that only one person can read/write and no one else can read or write while at the same time allowing easy access to another share?
Hi

Here is my smb.conf that I use to accomplish your goal #2:

[global]

netbios name = server
workgroup = GOEDEHOOP10
security = user
log file = /var/log/samba.log
log level = 1
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=16384 SO_SNDBUF=16384
wins support = yes
domain logons = no
logon drive = f:
logon home = \\server\%U
os level = 99
preferred master = yes
local master = yes
hosts allow = 196.254.255.10 196.254.255.20 196.254.255.30 196.254.255.40 196.254.255.50 127.0.0.1 196.254.255.60 196.254.255.70 196.254.255.80
encrypt passwords = yes
browseable = yes
lanman auth = yes
lm announce = yes

[only_the_listed_users_have_access_to_this_share]
path = /usr/local/company_share
guest ok = yes
writeable = yes
create mode = 0666
directory mode = 0777
browseable = yes
public = yes
username = yzelle jeremy stefan jean
read list = yzelle jeremy stefan jean
write list = yzelle jeremy stefan jean
valid users = yzelle jeremy stefan jean

[JEAN_DEVEL_YIELD] #Only Jean has access to this share, nobody else
path = /usr/local/apache2/htdocs/php/yield_jean
guest ok = no
writeable = yes
create mode = 0777
directory mode = 0777
browseable = yes
public = yes
username = jean
read list = jean
write list = jean
valid users = jean

To create all the users referred to above, you need to create a normal Linux user using

useradd username

and (guessing here - this worked for me) create a password for that Linux user which EXACTLY matches the Samba password you are going to assign to that user in the next step below:

passwd username

After creating a new user and setting his password, create the -Samba- user entry for this user:

smbpasswd -a username

The user is now created. Setup his password:

smbpassword username
Password:
Confirm Password:

The user is now created in Samba and is ready for use. Restart smbd and nmbd with your new smb.conf. Go to a remote machine and if, for example, it is on XP, go to Network Neighbourhood. You should see the new share listed under the Linux machine. If you click on this share it will ask for a username and password. Type the username you created above, and the password you created using smbpasswd.

Of course, to make a user able to only read from "his" share for example, change the share definition and remove the "read list=" line. This is a guess though, I've never personally nedeed to do this, but it should work.

Only the user who knows "his" username on his share and his password for that share will now be able to access that share.

If the remote system is NOT XP, try this in most Linuces to get access:

1. Create a mount point for the remote, password-protected share:

mkdir /mnt/sambashare

2. Connect to it:
sharename mountpoint
smbmount "//server/stefan_devel_akl" /mnt/polarserver_akl -o
these give full read / write access
username="stefan",password="stefan1",uid=rylan,dmask=0775,fmask=0775

3. And disconnect

smbumount /mnt/sambashare

Hops this helps!

Regards,


All times are GMT -5. The time now is 11:21 AM.