Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
07-24-2004, 10:35 PM
|
#1
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Rep:
|
"rwx" and "valid users" - which one has precedence?
Howdy~
Here is the situation, let say i have Dept. A and Dept. B, both are mutually exclusive.
I have 2 share directories (share-A and share-B) for each Dept. and users from grp-A should not have access to share-B and vice versa, but my boss wants access to both of the shares...
Here is what i did, might be a bit silly cos i'm kinda new to Linux
Code:
dwrxwrx--- root root ... share-A
dwrxwrx--- root root ... share-B
In my smb.conf:
Code:
[share-A]
path = /home/share-A
valid users = @grp-A boss@admin
read only = no
[share-B]
path = /home/share-B
valid users = @grp-B boss@admin
read only = no
My boss logs in and he cannot enter any of the shares... thats obvious since others is set to ---, but if i set others to r-x, grp-A can access grp-B~
Is there an more simple workaround?
Thanks in advance~ 
|
|
|
07-24-2004, 11:07 PM
|
#2
|
Member
Registered: Nov 2003
Location: South Jersey
Distribution: Slackware, Raspbian, Manjaro
Posts: 826
Rep:
|
for your valid users list you need to be sure all of the group-a and group-b users are setup in their own actual group. Also, be sure to adduser for your boss and also smbpasswd -a boss to set his samba password up.
valid users = @groupa boss
and
valid users = @groupb boss
|
|
|
07-25-2004, 01:37 AM
|
#3
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Original Poster
Rep:
|
I think thats what i did...
What about the share directory's access permission and ownership?
Like i said, my boss cannot enter either directory because he belongs to a different group...
I set both shares to 770... my boss belongs to the admin group, which means *others*, if *others* is 0, does the *valid users* still work?
|
|
|
07-25-2004, 01:04 PM
|
#4
|
Member
Registered: Nov 2003
Location: South Jersey
Distribution: Slackware, Raspbian, Manjaro
Posts: 826
Rep:
|
Can you just add your boss to a second group (and maybe a third) so that he can access the stuff as a group member? Otherwise the Linux permissions will win I think. Try looking into making 'boss' a member of a couple groups.
|
|
|
07-25-2004, 10:13 PM
|
#5
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Original Poster
Rep:
|
Yup, I think i get what you mean... hmm... your workaround might be safer than mine 
I set the shares to 775 and it works but it will get messy a bit when i have more folders...
Anyway, thanks for your idea~!
~WiLL~
|
|
|
07-26-2004, 09:49 AM
|
#6
|
Member
Registered: Nov 2003
Location: South Jersey
Distribution: Slackware, Raspbian, Manjaro
Posts: 826
Rep:
|
Yeah, I definitely recommend going with my approach just to preserve the security of those files.
|
|
|
07-27-2004, 07:25 AM
|
#7
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Original Poster
Rep:
|
Working~
CHeeRs~! 
|
|
|
07-27-2004, 09:50 AM
|
#8
|
Member
Registered: Nov 2003
Location: South Jersey
Distribution: Slackware, Raspbian, Manjaro
Posts: 826
Rep:
|
Cool! Glad I could help you!
|
|
|
07-27-2004, 10:21 AM
|
#9
|
Member
Registered: Apr 2004
Location: M'sia, Aus, Chn
Distribution: Redhat Linux 8 & 9, Fedora Core 2, XP
Posts: 301
Original Poster
Rep:
|
|
|
|
All times are GMT -5. The time now is 05:19 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|