Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
iam using centos 5.4 and configure samba as fileserver.Actually i had one requirement of a windows user that - dir which is share (/home/user)has 4 dir in it.and he want to give full access to one dir among them.This share is password authenticated and while providing passwd it open full access to all.
My requirement is that- i want to give full permission to one folder only for all other windows users.so they can access only that folder and denied other folder (after providing password to share)
I just want to make sure that I understand the situation here:
A directory, which is a user's home directory, has 4 subdirectories.
The user in question wants *all* password-authenticated windows users to be able to access only one subdirectory, but they will have full-access to that subdirectory.
The user, however, wants to have full-access to all 4 subdirectories when he is authenticated and connected.
Is this correct? If so, I would think that 2 share definitions in smb.conf should do it for you... For an example, let's say the user is 'john', then in the share definition section, you would add something like:
Code:
[johns_home]
path = /home/john
comment = John's home dir
browseable = no
writable = yes
valid users = john
guest ok = no
[johns_docs]
path = /home/john/docs
comment = John's docs
browseable = yes
writable = yes
thanks ....
1.i already tried this structure but their is one problem
what u mention in second dir [johns_doc] will show only "johns" dir while accessing share from windows but it doesnot mention who belongs to this dir.Thats why i dropped this share.
2. My post is might not cleared fully.let me tell u once again.
Iam taking about Fileserver- samba server .in which windows user(client) access share folder of linux shared dir from their own pc.all windows user(client) have account in server.and their home dir are shared to save data from windows pc.
one user had 2 sub dir in shared dir.in which one dir is for all to share data and second is not for sharing with all.
now permission should be like that share dir have full access to all and remaining should be denied while try to access.only owner can access all dir.
i dont know about setfcl and i tried with chmod and applied .its working also.but the parent dir is open now . i want to do this login permission in parent dir means parent share dir.
ex-/home/parent
this is share folder in linux.and have sub directory .chmod is applied to sub folder and working fine and i required login permission in parent dir.that is not working ..
It would be really helpful if you take one post to explain yourself properly. It would be better if you use examples because it is only getting confusing with your requirements.
But for setfacl
put all the windows users in one group and if you want to give full permission to a particular directory
Code:
#setfacl -m g:windows:rwx /path to folder
and if still I am missing something then kindly use some example to show what you want to do.
here deepak is windows user and linux user also but he works in windows not linux.like this there are 30 user.and all user home dir of linux is shared to save data from windows in linux.
now assume that deepak dir is parent dir and have 2 sub-dir in it.
/home/deepak/
dir1 dir2
deepak want to share dir2 full permission to other windows user form " Run-//ip address of linux server" .
but he also want to restrict dir1 from other windows user while opening share folder.
i done it with chmod but my samba file have been configure with security = share
so when ever win user access other share it will ask for permission.
i think now it will be clear....hope so.
Quote:
Originally Posted by deep27ak
But for setfacl
put all the windows users in one group and if you want to give full permission to a particular directory
Code:
#setfacl -m g:windows:rwx /path to folder
.
i didnot get this command like windows written here.what does it mean?
Well I hope I have understood. Please let me know if this is what you want.
Using this all your windows users will be able to access deepak's home directory including test1 but not test2.
Code:
#cd /home/deepak
#ls
test1 test2
Code:
#chmod 700 test2
and make sure the owner of test2 is deepak and no other user have any permission on this directory
Code:
drwxr-xr-x 2 deepak deepak 4096 Aug 25 11:04 test1
drwx------ 2 deepak deepak 4096 Aug 25 11:04 test2
i did this.......
i make one more share dir inside parent shared dir...and given permission as i needed.this solve my requirement.but by the client side it is closed but i am not satisfied and still trying to find another option for this requirement..
well thanks deepak for being with me to solve this requirement....one thing i want to ask what does this code do..
create mode = 0777
directory mode = 0777
That sets a mask for the creation of files within the share for all who connect to the share. That mask forces the files created in the share to give everybody who connects to the share read, write and execute permissions for the files.
Code:
directory mode = 0777
And this one does it for the directories.
From the man page for smb.conf:
Quote:
Originally Posted by man smb.conf
...<snip>...
create mode
This parameter is a synonym for create mask.
create mask (S)
When a file is created, the necessary permissions are calculated according to the mapping from DOS modes to UNIX permissions, and the resulting UNIX mode is then bit-wise ŽANDŽed with this parameter.
This parameter may be thought of as a bit-wise MASK for the UNIX modes of a file. Any bit not set here will be removed from the modes set on a file when it is created.
The default value of this parameter removes the group and other write and execute bits from the UNIX modes.
Following this Samba will bit-wise ŽORŽ the UNIX mode created from this parameter with the value of the force create mode parameter which is set to 000 by default.
This parameter does not affect directory masks. See the parameter directory mask for details.
Note that this parameter does not apply to permissions set by Windows NT/2000 ACL editors. If the administrator wishes to enforce a mask on access control lists also, they need to set the security mask.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.