Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I'm setting up a file server for use on a mostly windows network. It's for a fairly small number of trusted users, so I'd like to just set up one samba user with read only access for them to use. I'm trying to avoid letting them have any other access to the machine whether via local login, ssh, etc.
Does anybody know of some way to either create a user account and deny login access other than to shared folders or create an account that only exists for Samba?
Thanks
Last edited by katoom187; 01-24-2007 at 08:19 AM..
As what i understand from ur question is you may require to set
a SAMBA Server , and you have to share the files which need to be accessed from the other windows machine.
Ans as fas as the security is cocerned you cansecure the access using the samba configruation itself , also you can create a samba account so no other account will be able to access your secret filse
Hope this has given you an idea.... what you really want to do .
The "Samba 3 by Example" book has an example of a document server. That seems to match what you want to do. I think that they used the "Force User" and "Force Group" options in that shares config stanza. You can download the book from the Samba.org website.
Distribution: Mac OS X Leopard 10.5.5, Windows 2003 Server/Vista/XP/2000/NT/98, Ubuntux64, CentOS4.7/5.2
Posts: 2,980
Thanked: 0
on LInux machine:
Code:
#useradd sambausername
smbpasswd -a sambauserusername
(enter password)
(verify password)
mkdir /home/sambashare (or whatever path you want)
chown 770 sambashare
vi /etc/samba/smb.conf
In your smb.conf:
[sharename]
comment = share drive for Windows user
path = /home/sambashare
valid users = sambausername
security = users
browseable = yes
writable = no
allow hosts = 192.168.1.2, 192.168.1.3, 192.168.4, etc...
(exit vi or your editor)
(restart your samba service)
Now onto the Windows machine:
Code:
START->RUN
cmd
net use z: \\ipaddressofsambamachine\sharename /user:sambauser
(enter password)
Now they have a Z: drive and can READ ONLY.
This account, sambauser, will not be able to log into the Linux system at all since is is passwordless, and by default Linux will not login people with passwordless Linux accounts.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
