Samba shares all home directories
At my school I have a problem, We use a samba domain login for everyone.
the home directories are shared, where kids can save files, You can acess it by //school/username, but you can change that by goiing to //school/username2 and view those files. Which is a major problem how should I fix it. It is running Red Hat enterprise 2. |
Add the option ' browseable=no ' to the share I think may work.
Brian |
No, that is already set. I believe (correct me if I am wrong) makes it so when you browse to //school the directories are not viewable, but you can still type it in.
|
Ok, never tried it but I think you need to set the mask for an option under your share.
Example: change to what you need. create mask = 0640 directory mask = 0750 Brian |
Ok, what does that do? and how should I change that, It is the premissions but, I dont see how that changes anything.
|
[global]
smb passwd file = /etc/samba/smbpasswd guest account = gueststudent preserve case = yes socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 logon drive = H: deadtime = 5 guest ok = yes domain master = yes encrypt passwords = yes public = yes wins support = yes dns proxy = yes netbios name = academy server string = Samba Server %v %h logon script = %g.bat local master = yes workgroup = lab logon path = \\%N\Profiles\%u os level = 64 debug level = 0 security = user add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u short preserve case = yes max log size = 100 domain logons = yes [homes] browseable = no read list = @administrator writeable = yes write list = @administrator only user = yes comment = My Home Folder create mode = 0640 directory mode = 0750 [Animals] comment = US Animals path = /home/curriculum/AnimalsCD browseable = yes public = yes read only = no create mask = 0755 directory mask = 0755 I have tried changing the modes in home to no avai tried 0600 and 0700 and 0640 0750. |
Just change the permissions on the home directories so that they don't allow anybody other than the user to access their contents.
Code:
cd /home However, the actual access to the directory is done using the permissions of the user that was authenticated against samba - that means that if the directory belongs to username1 and username2 wouldn't have been able to "ls" the directory on the command-line, then \\server\username1 won't work for username2 - the server will respond with "permission denied". |
All times are GMT -5. The time now is 04:21 AM. |