LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Samba shares all home directories (https://www.linuxquestions.org/questions/linux-server-73/samba-shares-all-home-directories-489505/)

arapidsfan 10-04-2006 05:22 PM

Samba shares all home directories
 
At my school I have a problem, We use a samba domain login for everyone.

the home directories are shared, where kids can save files,

You can acess it by //school/username, but you can change that by goiing to //school/username2 and view those files. Which is a major problem how should I fix it.

It is running Red Hat enterprise 2.

Brian1 10-04-2006 05:56 PM

Add the option ' browseable=no ' to the share I think may work.

Brian

arapidsfan 10-04-2006 07:13 PM

No, that is already set. I believe (correct me if I am wrong) makes it so when you browse to //school the directories are not viewable, but you can still type it in.

Brian1 10-04-2006 07:33 PM

Ok, never tried it but I think you need to set the mask for an option under your share.
Example: change to what you need.
create mask = 0640
directory mask = 0750

Brian

arapidsfan 10-04-2006 07:42 PM

Ok, what does that do? and how should I change that, It is the premissions but, I dont see how that changes anything.

arapidsfan 10-05-2006 08:26 AM

[global]
smb passwd file = /etc/samba/smbpasswd
guest account = gueststudent
preserve case = yes
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
logon drive = H:
deadtime = 5
guest ok = yes
domain master = yes
encrypt passwords = yes
public = yes
wins support = yes
dns proxy = yes
netbios name = academy
server string = Samba Server %v %h
logon script = %g.bat
local master = yes
workgroup = lab
logon path = \\%N\Profiles\%u
os level = 64
debug level = 0
security = user
add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u
short preserve case = yes
max log size = 100
domain logons = yes

[homes]
browseable = no
read list = @administrator
writeable = yes
write list = @administrator
only user = yes
comment = My Home Folder
create mode = 0640
directory mode = 0750

[Animals]
comment = US Animals
path = /home/curriculum/AnimalsCD
browseable = yes
public = yes
read only = no
create mask = 0755
directory mask = 0755

I have tried changing the modes in home to no avai tried 0600 and 0700 and 0640 0750.

lior.okman 10-05-2006 05:42 PM

Just change the permissions on the home directories so that they don't allow anybody other than the user to access their contents.

Code:

cd /home
chmod 700 *

The "directory mode" and "create mode" options aren't relevant - they are used when a user creates a new file or directory from a remote client.

However, the actual access to the directory is done using the permissions of the user that was authenticated against samba - that means that if the directory belongs to username1 and username2 wouldn't have been able to "ls" the directory on the command-line, then \\server\username1 won't work for username2 - the server will respond with "permission denied".


All times are GMT -5. The time now is 04:21 AM.