LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-09-2012, 10:50 AM   #1
ringding
LQ Newbie
 
Registered: Feb 2005
Distribution: RH9, RHEnt.
Posts: 23

Rep: Reputation: 0
Samba questions....related to share access..


Hi all!
Samba security has always confused me so I am need of some expertise.

We used to setup our servers to run as root which I know is a BAD idea. But being of a lower skill set it was just easier. Now I am setting up our servers to run as a user and not root.

I have just setup a RHEL6 server with the samba 3.5.

I want to setup a share that is accessible for administrators only...which basically gives us access to the entire directory structure with R/W privileges similar to root.

I have setup a group called "admins" and added 3 administrators to that group. In the past running the server as root we had no issues with the below config. Now running the server as a user it is not working.

How can I setup samba to give our admins full access like we had before?

Any help would be greatly appreciated!!!

[rootdir]
comment = root
path = /
writeable = yes
valid users = @admins
admin users = @admins
browseable = no

Thanks!
 
Old 03-09-2012, 01:34 PM   #2
sys64738
Member
 
Registered: May 2008
Location: NRW/Germany
Posts: 105

Rep: Reputation: 30
Hi,

as you mentioned yourself its a bad idea to do so. You have a good chance of "being killed by friendly fire".
Think about something like http://winscp.net/ if you want to access your files from windows,
or use Putty to do things by ssh.
The problem is not only an administrator with "low skill" (why is that guy an administrator?) but you are also asking for windows problems/exploits to hop on your RHEL6.
Ask yourself:
What could a low skilled administrator do by cut, copy or paste in wrong folder or file?
BTW even a defective mouse could do that.
What could a Trojan horse or virus do?

If still want to do so look if /etc/samba/smb.conf file has a line like:
Code:
invalid users = root
But again know that it is dangerous to remove or comment that.
A good advice: Do Backups at least daily!

Last edited by sys64738; 03-09-2012 at 01:35 PM. Reason: Typo
 
Old 03-12-2012, 09:23 AM   #3
ringding
LQ Newbie
 
Registered: Feb 2005
Distribution: RH9, RHEnt.
Posts: 23

Original Poster
Rep: Reputation: 0
Hi,
invalid users = root is not in my smb.conf. and we do take daily backups! ;-)

Anything else I can do?
 
Old 03-12-2012, 09:45 AM   #4
sys64738
Member
 
Registered: May 2008
Location: NRW/Germany
Posts: 105

Rep: Reputation: 30
Pray. ;-)
 
Old 03-15-2012, 04:25 PM   #5
ringding
LQ Newbie
 
Registered: Feb 2005
Distribution: RH9, RHEnt.
Posts: 23

Original Poster
Rep: Reputation: 0
I figured it out!

Thanks....I guess.... ;-)
 
Old 03-20-2012, 09:10 AM   #6
sys64738
Member
 
Registered: May 2008
Location: NRW/Germany
Posts: 105

Rep: Reputation: 30
Amen. ;-)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Share Access with Samba? your_shadow03 Linux - Newbie 1 03-25-2009 10:51 AM
samba share cannot access muhammednavas Linux - Software 2 06-14-2007 05:49 AM
Access denied when attempting access samba share warlockvix Linux - Software 1 05-11-2007 03:36 PM
Samba Share access Spadge67 Fedora 3 11-19-2005 07:57 PM
Samba: can't access share thorax Linux - Software 4 02-13-2005 01:39 PM


All times are GMT -5. The time now is 11:00 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration