LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-14-2012, 04:05 AM   #1
khak.pa
LQ Newbie
 
Registered: Dec 2011
Posts: 11

Rep: Reputation: Disabled
samba share with 2 folder giving problem centos 5.7 64bit


dear sirs,

i am encountering with samba strange issue, i try a lot i call log with redhat mor then 10 days passed they could not trouble shoot

i want to share with ur experience.

see i have attached detail file with this email

in fact there r 2 folder
/premia there r 2 user premiaadmin and premia, where premia share by user no delete permision, permiadmin use by IT to read write delete maintenace files
/backup this is backup of /premia in .tar.gz everyday, so it need to take backup on window machine, for this i create a user call backup

so what is the problem
problem is if backup start working from window then /premia does not work

if /premia start working then /backup does not work

i carefully review the full permission authorisation and other stuff

can you overlook and advise me possible, thank appreciate ur support as always

kind regards
khakpa


[root@tmsrvr2 ~]# ls -lath /backup
total 6.0G
-rw-r-xr--+ 1 backup backup 415K Jan 13 18:14 premia_app_tmsa_20120113.log
drwxr-xr-x 3 root root 4.0K Jan 13 17:35 .
-rwxr-xr-x+ 1 backup backup 0 Jan 13 17:35 end.txt
-rw-r-xr--+ 1 backup backup 1.3M Jan 13 17:35 premia_app_tmsa.log
-rw-r-xr--+ 1 backup backup 760M Jan 13 17:35 premia_app_tmsa.tar.gz
-rw-r-xr--+ 1 backup backup 760M Jan 13 17:32 premia_app_tmsa_20120113.tar.gz
-rwxr-xr-x+ 1 backup backup 0 Jan 13 17:30 start.txt
-rw-r-xr--+ 1 backup backup 415K Jan 12 18:13 premia_app_tmsa_20120112.log
-rw-r-xr--+ 1 backup backup 760M Jan 12 17:32 premia_app_tmsa_20120112.tar.gz
-rw-r-xr--+ 1 backup backup 415K Jan 11 18:14 premia_app_tmsa_20120111.log
-rw-r-xr--+ 1 backup backup 760M Jan 11 17:33 premia_app_tmsa_20120111.tar.gz
-rw-r-xr--+ 1 backup backup 415K Jan 10 18:23 premia_app_tmsa_20120110.log
-rw-r-xr--+ 1 backup backup 760M Jan 10 17:34 premia_app_tmsa_20120110.tar.gz
-rwxr-xr-x+ 1 backup backup 415K Jan 9 18:40 premia_app_tmsa_20120109.log
-rwxr-xr-x+ 1 backup backup 760M Jan 9 17:32 premia_app_tmsa_20120109.tar.gz
-rwxr-xr-x+ 1 backup backup 415K Jan 8 18:15 premia_app_tmsa_20120108.log
-rwxr-xr-x+ 1 backup backup 760M Jan 8 17:32 premia_app_tmsa_20120108.tar.gz
-rwxr-xr-x+ 1 backup backup 415K Jan 7 18:17 premia_app_tmsa_20120107.log
-rwxr-xr-x+ 1 backup backup 760M Jan 7 17:34 premia_app_tmsa_20120107.tar.gz
-rwxr-xr-x+ 1 backup backup 415K Jan 6 18:11 premia_app_tmsa_20120106.log
drwxr-xr-x 30 root root 4.0K Jan 1 10:24 ..
drwxr-xr-x+ 2 backup backup 4.0K Jun 25 2011 script


[root@tmsrvr2 ~]# ls -lath /premia
total 512K
drwxr-xr-x 30 root root 4.0K Jan 1 10:24 ..
drwxrwxr-x+ 4 root root 68K Dec 31 09:04 premiabin_tmsa3
drwxrwxrwx+ 14 root root 4.0K Dec 14 12:02 .
drwxrwxr-x+ 2 root root 4.0K Dec 13 15:36 shortcut
drwxr-xr-x+ 2 premiaadmin premiaadmin 4.0K Dec 12 14:14 icons_test
drwxrwxr-x+ 2 root root 4.0K Oct 4 10:35 app_tmsa
drwxrwxr-x+ 4 root root 72K Sep 28 14:01 premiabin_tmsa2
drwxrwxr-x+ 3 root root 40K Sep 10 14:22 finalbin_tmsa3
drwxrwxr-x+ 4 root root 40K Aug 29 13:21 payrollbin_tmsa3
drwxrwxr-x+ 3 root root 36K Jul 13 2011 finalbin_tmsa2
drwxrwxr-x+ 3 root root 60K Jun 22 2011 premiabin_tmsa
drwxrwxr-x+ 3 root root 28K Jun 21 2011 finalbin_tmsa
drwxrwxr-x+ 4 root root 36K Jun 21 2011 payrollbin_tmsa
drwxrwxr-x+ 4 root root 44K Jun 21 2011 payrollbin_tmsa2

[root@tmsrvr2 ~]# getfa
getfacl getfattr
[root@tmsrvr2 ~]# getfacl /backup
getfacl: Removing leading '/' from absolute path names
# file: backup
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

[root@tmsrvr2 ~]# getfacl /premia
getfacl: Removing leading '/' from absolute path names
# file: premia
# owner: root
# group: root
user::rwx
userremia:r-x
userremiaadmin:rwx
group::r-x
mask::rwx
other::rwx
 
Old 01-14-2012, 06:34 AM   #2
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 476Reputation: 476Reputation: 476Reputation: 476Reputation: 476
@ Reply

Hi khak.pa,

Welcome to LQ!!!

Quote:
if /premia start working then /backup does not work
Could you please elaborate on this?

Quote:
/premia there r 2 user premiaadmin and premia, where premia share by user no delete permision, permiadmin use by IT to read write delete maintenace files
As I can see from the output it is owned by root. Will it not be good to change the owner to premiaadmin, changing the permission to 700 and setting up read and execute permission for premia user via acl?

Quote:
/backup this is backup of /premia in .tar.gz everyday, so it need to take backup on window machine, for this i create a user call backup
Again we can setup backup user to be the owner of this directory and the permissions to 700. This user should also have read and execute rights on /premia so that it can access that directory while performing backup.

Another question for your. Do you use LDAP or NIS for authentication?

Could you paste you samba configuration file so that we can have a look at it.
 
1 members found this post helpful.
Old 01-14-2012, 07:05 AM   #3
khak.pa
LQ Newbie
 
Registered: Dec 2011
Posts: 11

Original Poster
Rep: Reputation: Disabled
dear sir here i have post the samba config file smb.conf

[root@server2 ~]# cat /etc/samba/smb.conf
[global]
workgroup = tmsa.com
server string = tmsrvr2
hosts allow = 10.0. 127.

security = user
; encrypt passwords = yes
; smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
smb ports = 139

# Debug logging information
log level = 3
#syslog = 1
log file = /var/log/samba/%m
max log size = 1000
; debug timestamp = yes
username map = /etc/samba/smbusers

[premia]
comment = premia
path = /premia
; browseable = yes
writable = yes
public = yes
readonly = yes
valid users = premia premiaadmin

[backup]
comment = backup
path = /backup
; browseable = yes
writable = yes
public = yes
readonly = yes
valid users = backup
 
Old 01-14-2012, 07:20 AM   #4
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 476Reputation: 476Reputation: 476Reputation: 476Reputation: 476
@ Reply

Please don't call me sir. It is a community you can address us by our handle/username and that will suffice.

Still some of my queries are answered like:

1. If you are using LDAP or NIS?
2. I am still unable to understand what you mean by if /premia start working then /backup does not work?

Quote:
[premia]
comment = premia
path = /premia
; browseable = yes
writable = yes
public = yes
readonly = yes
valid users = premia premiaadmin

[backup]
comment = backup
path = /backup
; browseable = yes
writable = yes
public = yes
readonly = yes
valid users = backup
The output brings up another query. In the smb.conf file I can see that these directories are not browseable. Are you using "net use" command to map these shares?

Another thing that conflicts in the quoted config is you have mentioned writeable=yes and then later you mentioned readonly=yes. You cannot have a directory that is readonly also and writeable also. Remove the readonly part as you are mentioning valid users later in the config so only those users will be able to write.

You said that you use backup user to backup /premia directory then backup user should be in valid users of /premia share.

I am still waiting for the queries to be answered which I mentioned in my previous post and this post.
 
1 members found this post helpful.
Old 01-14-2012, 08:43 AM   #5
khak.pa
LQ Newbie
 
Registered: Dec 2011
Posts: 11

Original Poster
Rep: Reputation: Disabled
dear sir

thank for support in advanced do find below detail

1. If you are using LDAP or NIS?
no i am not using any ldap or nis yet
2. I am still unable to understand what you mean by if /premia start working then /backup does not work?

this has problem
/premia has 2 user samba share by which it supposed to work, 1 is premiaadmin other is premia, premia to be work as read execute write, premiaadmin full permission. currently both work like, we cant add edit delete we can read and execute

2nd
/backup related issue has solved now i can readonly execute where now i can take backup on window machine
 
Old 01-14-2012, 08:56 AM   #6
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 476Reputation: 476Reputation: 476Reputation: 476Reputation: 476
@ Reply

Please call me T3RM1NVT0R. I am no sir.

As I mentioned before:

Code:
[premia]
comment = premia
path = /premia
; browseable = yes
writable = yes
public = yes
readonly = yes
valid users = premia premiaadmin

[backup]
comment = backup
path = /backup
; browseable = yes
writable = yes
public = yes
readonly = yes
valid users = backup
Did you remove the readonly paramater from the section? As you cannot have both as they will contradict. The above section should look like following:

Code:
[premia]
comment = premia
path = /premia
; browseable = yes
writable = yes
public = yes
valid users = premia premiaadmin

[backup]
comment = backup
path = /backup
; browseable = yes
public = yes
readonly = yes
valid users = backup
Because you do not need to write on /backup I have set it up with readonly=yes. As you need to be able to write on /premia by user premiaadmin I have set it up as writable=yes. You can use setfacl to prevent user premia from writing to this directory.

Make sure that you take a backup of any configuration file before editing. It is better to be safe then sorry :-)
 
1 members found this post helpful.
Old 01-14-2012, 09:09 AM   #7
khak.pa
LQ Newbie
 
Registered: Dec 2011
Posts: 11

Original Poster
Rep: Reputation: Disabled
hello T3RM1NVT0R,

i have done the changes so now it start writing, editing files from prema and premiaadmin users

[global]
workgroup = tmsa.com
server string = tmsrvr2
hosts allow = 10.0. 127.

security = user
; encrypt passwords = yes
; smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
smb ports = 139

# Debug logging information
log level = 3
#syslog = 1
log file = /var/log/samba/%m
max log size = 1000
; debug timestamp = yes
username map = /etc/samba/smbusers

[premia]
comment = premia
path = /premia
; browseable = yes
writable = yes
public = yes
valid users = premia premiaadmin

[backup]
comment = backup
path = /backup
; browseable = yes
public = yes
readonly = yes
valid users = backup
 
Old 01-14-2012, 09:11 AM   #8
khak.pa
LQ Newbie
 
Registered: Dec 2011
Posts: 11

Original Poster
Rep: Reputation: Disabled
it shows the current permission like

~]# getfacl /premia
getfacl: Removing leading '/' from absolute path names
# file: premia
# owner: root
# group: root
user::rwx
userremia:r-x
userremiaadmin:rwx
group::r-x
mask::rwx
other::rwx
 
Old 01-14-2012, 09:13 AM   #9
khak.pa
LQ Newbie
 
Registered: Dec 2011
Posts: 11

Original Poster
Rep: Reputation: Disabled
hello

i have done the setfacl as per given below

# setfacl -Rm uremiaadmin:rwx /premia
# setfacl -m uremia:rx /premia/*

but result is now from userid premiaadmin, i connect windows xp vista 7 machine i cant delete it. i am using map drive unc path
like //127.0.0.1/premia map to window drive like say T drive
 
Old 01-14-2012, 09:17 AM   #10
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 476Reputation: 476Reputation: 476Reputation: 476Reputation: 476
@ Reply

If you will check my first post you will find that I have mentioned to make premiaadmin user account to be the owner of /premia and change the permission to 700. Once done you can then setfacl only for premia user. No need to set acl for premiaadmin when the user account is the owner of that directory.
 
1 members found this post helpful.
Old 01-14-2012, 09:22 AM   #11
khak.pa
LQ Newbie
 
Registered: Dec 2011
Posts: 11

Original Poster
Rep: Reputation: Disabled
Great! Hell0

it start working fine surprisingly,

Sir, i am trying hard to learn this linux due to not much knowledge so i face this problem

~]# chmod 700 /premia/*
~]# chown -R premiaadmin.premiaadmin /premia/*
~]# setfacl -m uremia:rx /premia/*
~]# service smb restart
Shutting down SMB services: [ OK ]
Shutting down NMB services: [ OK ]
Starting SMB services: [ OK ]
Starting NMB services: [ OK ]
 
Old 01-14-2012, 09:25 AM   #12
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 476Reputation: 476Reputation: 476Reputation: 476Reputation: 476
@ Reply

Great that you got it working!! It is good to hear that you are interested in linux and learning it. All the best for whatever learning/study that you will do in future.

Please mark this thread as solved.

Enjoy linux!!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] [b] Samba share folder problem togitoon Linux - Newbie 5 07-21-2011 04:08 PM
How I share a folder on Centos to use via Windows clients Centos_user Linux - Networking 6 03-04-2010 10:39 AM
Folder Permission Settings - CentOS 64bit vps nishan Linux - Server 1 09-09-2009 05:16 PM
CentOS 4.7,Samba 3.0.28: Share folder is visible but error on accessing it. lazybee26 Linux - Newbie 4 07-08-2009 08:33 PM
SAMBA Public Share Folder Echo Kilo Linux - Software 3 06-17-2008 02:32 AM


All times are GMT -5. The time now is 07:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration