LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Setting permissions on a Share (https://www.linuxquestions.org/questions/linux-newbie-8/setting-permissions-on-a-share-684760/)

vonedaddy 11-19-2008 09:43 PM

Setting permissions on a Share
 
I have a fedora box running in my office. A friend who works in the same building was nice enough to set up a samba share on his PC so I can share all his music, media, etc.
The problem is I have a couple different people using my linux computer and I would hate for one of them to accidentally erase his files, or even use them without his permission.

I was wondering if I can setup permissions on the mount point or something. So only I can access the share.

Now keep in mind I am fairly savy but not really a linux guru by any means.

Here is how he has me mounting it in my /etc/fstab:

//studio/drobo /drobo cifs username=savone,password=********,uid=500,gid=500 0 0

(Password removed for obvious reasons)

When I try to set the permissions on the the /drobo directory I get permission denied, even while root.

So how can I make it so only I (user savone) use these files?

secesh 11-20-2008 02:52 PM

Here's an old snippet I like to reference from something I once did. If your fstab is readable by users, they can get your password. That's why I recommend the credentials file.

Code:

//patsy/psc    /home/psc/smb    smbfs    uid=1000,gid=100,credentials=/root/patsy  0  0
where:
uid 1000 = user 'psc'
gid 100 = group 'users'

now the file /root/patsy contains:
Code:

username = psc
password = mypass

and has permissions 400 for root:root


-- That point you in the right direction?

onebuck 11-20-2008 04:32 PM

Hi,

Or you could setup user accounts on your system along with the before mentioned security suggestions.

vonedaddy 11-21-2008 12:05 AM

Quote:

Originally Posted by secesh (Post 3349021)
Here's an old snippet I like to reference from something I once did. If your fstab is readable by users, they can get your password. That's why I recommend the credentials file.

Code:

//patsy/psc    /home/psc/smb    smbfs    uid=1000,gid=100,credentials=/root/patsy  0  0
where:
uid 1000 = user 'psc'
gid 100 = group 'users'

now the file /root/patsy contains:
Code:

username = psc
password = mypass

and has permissions 400 for root:root


-- That point you in the right direction?


You lost me a little with the uid and user pcs.

Should I use the uid of the user who should have access to the mounted share?

also what group should I be using in place of the gid 100 you have here?

secesh 11-21-2008 07:14 AM

Don't read too much into what I posted. I copied/pasted an example which you should modify to your needs. Yes -- use the UID of the user on the local system who should have access. Change the GID to your personal group (if you have uid 1000, you likely have gid 1000). You can cat /etc/passwd and /etc/group to see this info. Where I listed 'psc' above, you should have 'savone'.

Also, I took a look at "man 8 mount.cifs" and see that you might be interested in file_mode and dir_mode. I have modified your original fstab line to what I think would work (If you setup the credentials file. Otherwise put your user/pass back in)

Code:

//studio/drobo /drobo cifs credentials=/root/drobo,uid=500,gid=500,file_mode=0750,dir_mode=0750 0 0

vonedaddy 11-21-2008 12:10 PM

Quote:

Originally Posted by secesh (Post 3349769)
Don't read too much into what I posted. I copied/pasted an example which you should modify to your needs. Yes -- use the UID of the user on the local system who should have access. Change the GID to your personal group (if you have uid 1000, you likely have gid 1000). You can cat /etc/passwd and /etc/group to see this info. Where I listed 'psc' above, you should have 'savone'.

Also, I took a look at "man 8 mount.cifs" and see that you might be interested in file_mode and dir_mode. I have modified your original fstab line to what I think would work (If you setup the credentials file. Otherwise put your user/pass back in)

Code:

//studio/drobo /drobo cifs credentials=/root/drobo,uid=500,gid=500,file_mode=0750,dir_mode=0750 0 0

THANK YOU so much for your help, I just wanted to make sure you know how appreciative I am.

So this worked out great. I did look at the man page but it seems you have to already KNOW the terminology to be able to understand those man pages. Thanks to your help I learned a great deal and have the permissions I wanted on the share. I really appreciate you sticking with me through it.

secesh 11-21-2008 12:14 PM

Cheers. Glad to know I helped - thanks for the bump.

onebuck 11-21-2008 01:57 PM

Hi,

Quote:

Originally Posted by vonedaddy (Post 3350072)
THANK YOU so much for your help, I just wanted to make sure you know how appreciative I am.

So this worked out great. I did look at the man page but it seems you have to already KNOW the terminology to be able to understand those man pages. Thanks to your help I learned a great deal and have the permissions I wanted on the share. I really appreciate you sticking with me through it.

Look at the next 4 links especially the last two in my sig to assist you in understanding;

vonedaddy 11-21-2008 05:35 PM

Just for the hell of it (if anyone else finds this thread useful to them) I made some changes that worked out great.

I created a new group mp3users which had a gid of 505

I changed the fstab line a bit so I can easily give read access to that share to other users by assigning them the secondary group mp3users.

//studio/drobo /drobo cifs credentials=/root/drobo,uid=500,gid=505,file_mode=0750,dir_mode=0750 0 0

now the share has permissions for rwx for me (uid 500) and read for the group mp3users. Anyone I assign to the group mp3users will have read access to the mp3 but can not delete or write to any of the directories.

Thanks again.


All times are GMT -5. The time now is 04:22 PM.