Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm setting up a file server for use on a mostly windows network. It's for a fairly small number of trusted users, so I'd like to just set up one samba user with read only access for them to use. I'm trying to avoid letting them have any other access to the machine whether via local login, ssh, etc.
Does anybody know of some way to either create a user account and deny login access other than to shared folders or create an account that only exists for Samba?
As what i understand from ur question is you may require to set
a SAMBA Server , and you have to share the files which need to be accessed from the other windows machine.
Ans as fas as the security is cocerned you cansecure the access using the samba configruation itself , also you can create a samba account so no other account will be able to access your secret filse
Hope this has given you an idea.... what you really want to do .
The "Samba 3 by Example" book has an example of a document server. That seems to match what you want to do. I think that they used the "Force User" and "Force Group" options in that shares config stanza. You can download the book from the Samba.org website.
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986
Rep:
on LInux machine:
Code:
#useradd sambausername
smbpasswd -a sambauserusername
(enter password)
(verify password)
mkdir /home/sambashare (or whatever path you want)
chown 770 sambashare
vi /etc/samba/smb.conf
In your smb.conf:
[sharename]
comment = share drive for Windows user
path = /home/sambashare
valid users = sambausername
security = users
browseable = yes
writable = no
allow hosts = 192.168.1.2, 192.168.1.3, 192.168.4, etc...
(exit vi or your editor)
(restart your samba service)
Now onto the Windows machine:
Code:
START->RUN
cmd
net use z: \\ipaddressofsambamachine\sharename /user:sambauser
(enter password)
Now they have a Z: drive and can READ ONLY.
This account, sambauser, will not be able to log into the Linux system at all since is is passwordless, and by default Linux will not login people with passwordless Linux accounts.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.