LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-02-2010, 02:37 AM   #1
Trimp
LQ Newbie
 
Registered: Dec 2009
Posts: 7

Rep: Reputation: 0
Question about Samba and best practices for a Linux file server.


I have Samba working. Have been getting into Linux in the last week and a half. I can set it all up, and configure everything without a GUI. However, I am having a couple issues that are annoying me.

1. Do Samba users have to be Linux users? I would assume so because of permissions on folders in Linux, but I am not positive.

2. I log in as root and create 4 directories in /home to act as shares. Music, Movies, Text, Random. The problem is none of the users on the Windows computers can write to the folder unless I do the following; Chmod it to 777(the Windows users fall under the "other" category, the last 7), or chown it over to the group "users", which is the group I put everyone who can access the file server. The problem with this is I can't allow them to read, write and execute unless I allow everyone to by using 777, or make the group users the owner of the file.

How would I go about allowing Root to be the owner of the file, but give the group users read, write and execute permission using the command line? Also, how would I do this with multiple groups?

Changing my smb.conf to allow specific users to write/read/execute does absolutely nothing unless the permission to the folder in Linux is set correctly. In other words, Linux over-writes any permissions I give in Samba to that specific share folder. No matter what I do.

3. My last question is. What are the best practices for groups and users in Linux? Is lumping users who should have similar permissions into their own specific group proper? Or is having each person in their own specific group better? I am not sure if multiple users can be in multiple groups or not, and how I would do that via the CLI if they can.

Thanks again for any help.
 
Old 01-02-2010, 04:08 AM   #2
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Wheezy/Jessie/Sid, Linux Mint DE
Posts: 4,493

Rep: Reputation: 635Reputation: 635Reputation: 635Reputation: 635Reputation: 635Reputation: 635
Quote:
Originally Posted by Trimp View Post
1. Do Samba users have to be Linux users? I would assume so because of permissions on folders in Linux, but I am not positive.
Usually, yes

Quote:
Originally Posted by Trimp View Post
2. I log in as root and create 4 directories in /home to act as shares. Music, Movies, Text, Random. The problem is none of the users on the Windows computers can write to the folder unless I do the following; Chmod it to 777(the Windows users fall under the "other" category, the last 7), or chown it over to the group "users", which is the group I put everyone who can access the file server. The problem with this is I can't allow them to read, write and execute unless I allow everyone to by using 777, or make the group users the owner of the file.

How would I go about allowing Root to be the owner of the file, but give the group users read, write and execute permission using the command line? Also, how would I do this with multiple groups?
It is best to have all those directories owned by a certain group, and make sure all users who want to access these directories are member of thre groups. Ordinary users is OK, but you could also create groups like music_users, text_users, etc. Make the owner:group of those directories root:music_users, root:text_users etc. You have to make users member of all those groups.

Note however that file permissions must be at least -rwxrwx--- for users belonging to those groups to be able to modify files.

Quote:
Originally Posted by Trimp View Post
Changing my smb.conf to allow specific users to write/read/execute does absolutely nothing unless the permission to the folder in Linux is set correctly. In other words, Linux over-writes any permissions I give in Samba to that specific share folder. No matter what I do.
That is correct. Consider Samba a layer which lies over the Linux file system. Windows users can communicate with Samba. However, Samba still has to access the files on the Linux level with the Linux user credentials of that user.

Quote:
Originally Posted by Trimp View Post
3. My last question is. What are the best practices for groups and users in Linux? Is lumping users who should have similar permissions into their own specific group proper? Or is having each person in their own specific group better? I am not sure if multiple users can be in multiple groups or not, and how I would do that via the CLI if they can.
adduser <username> <groupname>
Best is to have all shares accessible by groups and make users member of those groups. When a new user is added or a user leaves you only have to add/remove users from groups, but your security model stays in place.

You'll run in other problems, like a user who is member of users and text_users and music_users. Primary group is users. What happens if this user creates a file in /home/music? The ownership will be <username>:users, while you want all files there root:music_users. For that problem, set the GID bit on the directory.
chmod g+s directoryname
Directory permissions now become drwxrwsr-x. If a user now creates a file here it will copy the owner:group from the directory.
If you see drwxrwSr-x instead of drwxrwsr-x add X rights to the group:
chmod g+X directoryname

In addition, you must tell Samba to set the force_permission to 770. Check the smb.conf to get the name of the parameter correct. I am not 100% sure now.

Last but not least, I am not a GUI person myself, but I found Webmin easy to manage some Samba features. Install Webmin, and access it with your web browser.

jlinkels
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba File Server = XP+LINUX??? ryudo Linux - Server 1 11-27-2006 03:20 PM
Linux File and Print Server with Samba bmc68 Linux - Newbie 1 01-27-2006 12:50 PM
Samba LAN File Server NTFS Question SSTwinrova Linux - Networking 3 12-30-2004 02:24 AM
Question: Linux + Win file sharing with Samba yurlittlepony Linux - Networking 2 08-30-2003 12:39 AM


All times are GMT -5. The time now is 04:11 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration