Samba is Only Accepting Share Connections from root
I have a strange thing happening. Samba seems to be only accepting connections to shares from the root user. Some shares certainly work without root priviliges, but don't work properly. Other shares say that the path can't be found, even though samba clearly defines them.
|
You will need to supply more information. Post the global portion of your smb.conf file and the parts for the services that don't work. Which directories are being shared and how are they set up? Does each windows user have a corresponding Linux users and did you run the smbpasswd program to add the and record their passwords?
|
Quote:
|
I thought I'd need more information, but I didn't want to give too much all at once, so here's the information you requested.
|
Global Section of /etc/samba/smb.conf:
Code:
|
The shares that I've got are:
Code:
[homes] |
The services that work are:
Code:
[homes] Code:
[public] |
The shares section goes like this:
Code:
#============================ Share Definitions ============================== |
Each Linux user has a coresponding Windows user. Here's the general user documentation I created.
Here's the identical code for the documentation for Windows and Linux, since there's no way to attatch a file that I see. If you want to view it with Windows, then put the Windows code in a BATCH file. If you want to view it on Linux, put the Linux code in a file. These probably require Windows XP. and I know they require the BASH shell for Linux. Call either file's base name usrtypes. The Windows extension should be .bat, and the Linux version should have no extension. The Linux version should be owned by user root and group root. It should be chmod 750, I believe, going from memory. The Windows version can be pretty flexible about where you put it, if it's in the PATH. The Linux version should be in /usr/bin for best results, unless your Linux is different. Don't forget to delete them when you're done, unless you need to leave executable "junk" around. * NOTE: It said there was too much text to post at first, so I've split it up into a few posts instead. |
Windows code:
Code:
@ECHO OFF |
Linux code:
Code:
#!/bin/sh |
That explains the privilege levels in a nutshell. Now, yes, each Windows user has a Linux user at this point. I was frustrated with manually entering and re-entering users and putting them in exactly the right privilige levels. I'm having to re-enter, because I'm using partimage to create "test patterns" of my Linux server as I go along, until I figure out how to get it just "perfect" where it's going to run and be reliable without much of my help all the time. Then I'll do the same starting with my client machine.
I got so frustrated, that I'd decided I'd try to save up money so I could by a network printer instead of trying to continue with the otherwise good USB printer. But that was before December, when I did make major progress towards getting it to work again. I figured out in my head (just an approximate starting point though) how to automatically add users and groups to a machine. It even theoretically worked with at least 2 different OSs: Windows, and Linux (Samba included too). That turned out to be one thing I was wrong about how to do in the samba server, previously (with the new version I'm using). When creating the samba server, my intent is to create a PDC, but not all of it's functions are to be used with all the computers all the time. Unless my understanding of how it's behavior would be is wrong, then I could use all the features of a PDC. My understanding is that a PDC would mean that all computers in the domain had users and groups the same and stored in one place. But it'd also make it so that (especially laptops) are useless outside of this house. They'd not be able to function properly without being able to "find" the domain controller. Computers are typically owned by individuals, so this'd be an issue. Plus some computers run Windows XP Home, some run Windows XP Proffessional, and some run Windows XP Media Center Edition. I'm now starting to encourage others to use a version of Windows XP, and not Windows XP Home. If I can do the same configuration, I'll also help with Windows 9x too, but except for some planned special situations (servers), I'm not going to discourage it. I'm also encouraging people not to install Vista yet, or to do so with no help yet. Linux clients are temporarily no longer supported, save servers until I can close the newly found security holes from installing them. So, since this should make full domains not a good idea, I've created users that exactly match as much as possible (some Windows groups do nothing on XP, and visa versa for Linux and/or samba), in respect to priviliges they've got. To deal with this, I've created 3 sets of scripts. One for Windows XP, one for Linux, and one for Samba. All 3 work almost identically, but the deep insides must be different because of the inconsistencies with how Linux and Windows and Samba expect their commands to be given. I'd run the scripts for Linux for each Linux machine. I'd also do so with Windows XP. Last, I'd do so with samba. For places that can safely use the PDC, I'd run as few scripts as possible for it to work. I'd use the groups from the PDC as much as I safely can to reduce requirements for computer hardware/virtual hardware. Each computer, would carry the users and groups around with them so that the computer would work anywhere. |
Here's the basic Linux scripts for adding and removing samba users and groups. My current distributions do not provide smbadduser to add users. I previously relied on this, so finding no downloadable version for my version of samba, I started by creating my own version. I later revised it so that I could map users to another Linux user than Windows user if I wanted to. This is rarely needed or used, but I decided not to delete Administrator from Windows, so Administrator and root on Windows both had to map to the root user on Linux and Samba.
For adding users to the username map (asmbuser): Code:
#! /bin/sh Code:
#! /bin/sh Code:
#! /bin/sh Code:
#! /bin/sh Code:
#!/bin/sh Code:
#!/bin/sh For miscellanious groupmap options (smbgroup): Code:
#!/bin/sh |
I also created a Linux script to add the directories that aren't there yet. I created the script along with the other user creation tools. I used prior DOS/Windows/Linux code knowlege to create this script, and I decided to allow it to automatically run when I initialize the Samba groups, so that not running it wouldn't cause errors. It's run at what should be the proper time. Here's the code for adding and removing the standard directories.
smbaddsdirs: Code:
#! /bin/sh Code:
#! /bin/sh |
All these Linux scripts should be put in /usr/bin. They should all be owned by user root and group root. Also they require the same chmod 750 mode. This closes security holes and bugs if you run them as normal users. When they are ever needed to be run by normal users, it requires sudo. Sudo has to be set up for it to run as root for the most part, but my sudo file is another story most likely.
|
All times are GMT -5. The time now is 09:16 PM. |