LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 01-22-2007, 12:33 PM   #1
katoom187
LQ Newbie
 
Registered: Feb 2005
Distribution: Fedora
Posts: 28

Rep: Reputation: 15
Samba User Security Question


Greetings, all.

I'm setting up a file server for use on a mostly windows network. It's for a fairly small number of trusted users, so I'd like to just set up one samba user with read only access for them to use. I'm trying to avoid letting them have any other access to the machine whether via local login, ssh, etc.

Does anybody know of some way to either create a user account and deny login access other than to shared folders or create an account that only exists for Samba?

Thanks

Last edited by katoom187; 01-24-2007 at 08:19 AM.
 
Old 01-25-2007, 07:40 AM   #2
shads2k5
LQ Newbie
 
Registered: Jun 2006
Posts: 23

Rep: Reputation: 15
Hi

Hi ,

As what i understand from ur question is you may require to set
a SAMBA Server , and you have to share the files which need to be accessed from the other windows machine.

Ans as fas as the security is cocerned you cansecure the access using the samba configruation itself , also you can create a samba account so no other account will be able to access your secret filse

Hope this has given you an idea.... what you really want to do .

thanks...
 
Old 01-25-2007, 07:46 AM   #3
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
The "Samba 3 by Example" book has an example of a document server. That seems to match what you want to do. I think that they used the "Force User" and "Force Group" options in that shares config stanza. You can download the book from the Samba.org website.
 
Old 01-25-2007, 12:15 PM   #4
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Rep: Reputation: 45
on LInux machine:

Code:
#useradd sambausername
smbpasswd -a sambauserusername
(enter password)
(verify password)

mkdir /home/sambashare (or whatever path you want)
chown 770 sambashare

vi /etc/samba/smb.conf

In your smb.conf:

[sharename]
comment = share drive for Windows user
path = /home/sambashare
valid users = sambausername
security = users
browseable = yes
writable = no
allow hosts = 192.168.1.2, 192.168.1.3, 192.168.4, etc...

(exit vi or your editor)
(restart your samba service)
Now onto the Windows machine:
Code:
START->RUN
cmd
net use z: \\ipaddressofsambamachine\sharename /user:sambauser
(enter password)
Now they have a Z: drive and can READ ONLY.

This account, sambauser, will not be able to log into the Linux system at all since is is passwordless, and by default Linux will not login people with passwordless Linux accounts.

Last edited by Micro420; 01-25-2007 at 12:22 PM.
 
Old 01-25-2007, 12:41 PM   #5
katoom187
LQ Newbie
 
Registered: Feb 2005
Distribution: Fedora
Posts: 28

Original Poster
Rep: Reputation: 15
Gread advice

Thanks for all of the great advice, guys. I'll do some working with this and let everyone know how it comes out.

Thanks
 
Old 01-25-2007, 02:07 PM   #6
katoom187
LQ Newbie
 
Registered: Feb 2005
Distribution: Fedora
Posts: 28

Original Poster
Rep: Reputation: 15
Worked great Micro, just what I wanted.
 
  


Reply

Tags
samba users, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba User Security Crashed_Again Linux - Software 5 01-20-2006 02:49 PM
Help needed with Fedora/Samba/User-level security essdeeay Linux - General 1 01-12-2006 02:31 AM
samba security: user vs share jiml8 Linux - Security 4 03-01-2005 07:12 AM
Slow User Level Security in Samba drumltd Linux - Networking 0 01-10-2005 05:23 PM
samba with security = user davidsrsb Slackware 5 09-10-2004 10:44 AM


All times are GMT -5. The time now is 11:07 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration