Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 07-05-2005, 03:47 PM   #1
LQ Newbie
Registered: Jul 2005
Posts: 1

Rep: Reputation: 0
samba, some users read, others write?


Here is what I'd like to do with samba:

1.) share /mnt/fwhd/music with read-only access to everyone. Min of hassle
2.) share /mnt/fwhd/* with read-write access to only myself.

Im running debian unstable.

what security mode combination do I need to solve these problems? I have #1 working. But if I set security = user, goal #1 doesnt work. What I need explained is how to accomplish goal #2. How do I share a directory, so that only one person can read/write and no one else can read or write while at the same time allowing easy access to another share?

Here is my config file:


#start of file
workgroup = Pimpin
server string = %h server (Samba %v)
; wins support = no
; wins server = w.x.y.z
dns proxy = no
; name resolve order = lmhosts host wins bcast

log file = /var/log/samba/log.%m
max log size = 1000
; syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d

security = share
encrypt passwords = true
obey pam restrictions = yes
guest account = sambaguest
invalid users = root

; unix password sync = no

passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
; pam password change = no

; load printers = yes
; printing = bsd
; printcap name = /etc/printcap
; printing = cups
; printcap name = cups

; printer admin = @ntadmin

preserve case = yes
short preserve case = yes

; include = /home/samba/etc/smb.conf.%m

socket options = TCP_NODELAY

; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

; domain master = auto
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash

comment = Home Directories
browseable = no
writable = no
create mask = 0700
directory mask = 0700

; comment = Network Logon Service
; path = /home/samba/netlogon
; guest ok = yes
; writable = no
; share modes = no

comment = All Printers
browseable = no
path = /tmp
printable = yes
public = no
writable = no
create mode = 0700

comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no

comment = Music files
path = /mnt/fwhd/music
browsable = yes
read only = yes
guest ok = yes
public = yes

comment = Writable directory
path = /home/upload
read only = no
writable = yes
public = yes
force user = sambaguest
Old 07-06-2005, 11:13 AM   #2
Senior Member
Registered: Apr 2004
Location: Potchefstroom, South Africa
Distribution: Fedora 17 - 3.3.4-5.fc17.x86_64
Posts: 1,552

Rep: Reputation: 103Reputation: 103
Re: samba, some users read, others write?

Originally posted by softmoo
What I need explained is how to accomplish goal #2. How do I share a directory, so that only one person can read/write and no one else can read or write while at the same time allowing easy access to another share?

Here is my smb.conf that I use to accomplish your goal #2:


netbios name = server
workgroup = GOEDEHOOP10
security = user
log file = /var/log/samba.log
log level = 1
wins support = yes
domain logons = no
logon drive = f:
logon home = \\server\%U
os level = 99
preferred master = yes
local master = yes
hosts allow =
encrypt passwords = yes
browseable = yes
lanman auth = yes
lm announce = yes

path = /usr/local/company_share
guest ok = yes
writeable = yes
create mode = 0666
directory mode = 0777
browseable = yes
public = yes
username = yzelle jeremy stefan jean
read list = yzelle jeremy stefan jean
write list = yzelle jeremy stefan jean
valid users = yzelle jeremy stefan jean

[JEAN_DEVEL_YIELD] #Only Jean has access to this share, nobody else
path = /usr/local/apache2/htdocs/php/yield_jean
guest ok = no
writeable = yes
create mode = 0777
directory mode = 0777
browseable = yes
public = yes
username = jean
read list = jean
write list = jean
valid users = jean

To create all the users referred to above, you need to create a normal Linux user using

useradd username

and (guessing here - this worked for me) create a password for that Linux user which EXACTLY matches the Samba password you are going to assign to that user in the next step below:

passwd username

After creating a new user and setting his password, create the -Samba- user entry for this user:

smbpasswd -a username

The user is now created. Setup his password:

smbpassword username
Confirm Password:

The user is now created in Samba and is ready for use. Restart smbd and nmbd with your new smb.conf. Go to a remote machine and if, for example, it is on XP, go to Network Neighbourhood. You should see the new share listed under the Linux machine. If you click on this share it will ask for a username and password. Type the username you created above, and the password you created using smbpasswd.

Of course, to make a user able to only read from "his" share for example, change the share definition and remove the "read list=" line. This is a guess though, I've never personally nedeed to do this, but it should work.

Only the user who knows "his" username on his share and his password for that share will now be able to access that share.

If the remote system is NOT XP, try this in most Linuces to get access:

1. Create a mount point for the remote, password-protected share:

mkdir /mnt/sambashare

2. Connect to it:
sharename mountpoint
smbmount "//server/stefan_devel_akl" /mnt/polarserver_akl -o
these give full read / write access

3. And disconnect

smbumount /mnt/sambashare

Hops this helps!



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
fat32 partition, ordinary users read/write quietbyday Linux - General 1 08-01-2005 11:31 PM
share read and write permission to users suguname Mandriva 3 01-18-2005 12:53 AM
A share that users can see, read and write to....without password fatboyal Linux - Newbie 11 01-16-2004 08:56 PM
Making a Windows partition read/write for all users d1v1d38yz3r0 Linux - Newbie 2 12-08-2003 02:10 PM
How to set permissions to read, execute, write for users only chupacabra Linux - General 3 12-18-2002 03:54 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:40 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration