RE: Setting permissions in a public folder

RE: Setting permissions in a public folder

[Michael Anaya]

> Hi all, a simple question I think...
>
> I've started getting a basic idea of what I need to do to set up file
> permissions and groups, ie. editing /etc/samba/smb.conf, service smb
> restart, etc. I know when adding a user, I need to add it not only through
> the front-end but also through the UNIX side via smbpasswd and the like.
>
> Now, I've run across a problem. I have set up a public folder 'backup'.
> Within each, I have created a folder for each user to put whatever files
> they want to backup - I want to lock access to THAT USER only. I currently
> have it set up where the file owner is 'root' and the file group as that
> owner (ie. 'joe'). Mode is 770.
>
> I'm denied access to everyone's folders, including my own! What am I
> missing?
>
> Thanks,
> Eve


 I do something similar in our office. I created individual shares for each
user and used host allow mapped to their IP to only allow that particular
machine access to the share, and turn browseable set to no, so the share
doesn't show up in a windows network.


michael anaya


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Setting permissions in a public folder

[Eve Atley]

Hi all, a simple question I think...

I've started getting a basic idea of what I need to do to set up file
permissions and groups, ie. editing /etc/samba/smb.conf, service smb
restart, etc. I know when adding a user, I need to add it not only through
the front-end but also through the UNIX side via smbpasswd and the like.

Now, I've run across a problem. I have set up a public folder 'backup'.
Within each, I have created a folder for each user to put whatever files
they want to backup - I want to lock access to THAT USER only. I currently
have it set up where the file owner is 'root' and the file group as that
owner (ie. 'joe'). Mode is 770.

I'm denied access to everyone's folders, including my own! What am I
missing?

Thanks,
Eve


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Setting permissions in a public folder

[Eve Atley]

Michael et. al,

Regarding yesterday's problem I am having with restricting user folders to
each user under a public folder, I am still having questions about setting
this one up. These are NOT the user folders automatically created in the
HOME directory.

The config in my smb.conf file for the directory in question:
[backup]
        comment = Backup Folder
        path = /home/shared/backup
        read only = No
        guest only = Yes
        guest ok = Yes
        force group = +backup
        hosts allow = 192.168.10.

I'm looking for the correct config. Without the hosts allow (haven't tried
it with), I am able to connect correctly via a Unix command line, but not
through the Windows share, so it appears to be a Samba problem.

- Eve

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Setting permissions in a public folder

[Dominic L Hilsbos]

Ok, as I understand it you have a (set) of folders:

/home/shared/backup/<user-name>/, where <user-name> is the (Linux?) user 
name of the person you want to be able to connect to these, correct?  
These folders (even though /home/shared/backup/ is owned and write able 
only to root) are owned and read/write able by their own users, correct?
If that is the case your smb.conf entry 'should' look like this, I think 
:-):

[backup]
                  comment = Backup Folder
                  path = /home/shared/backup/%u/   # %u expands to 
<user-name> (the Linux user that samba generated from
                                                                       
            # the login information it was given)
                  browsable = no                                     # 
this makes it so the share isn't listed with the SMB browse servers
                  read only = no                                       
# this allows people to write to this share (note: only a user that has 
Linux
                                                                        
           # permissions to write to the directory will actually be 
able to)

I don't 'think' you need the host allow option, or maybe set it as such:

                  host allow = ALL

which will allow the users to connect to the share from any machine, as 
long as they authenticate correctly.

You certainly DO NOT want the guest ok, or guest only, options, that's 
basically saying: allow ONLY the guest account (however that is setup) 
to access this share (BTW, samba will use it's status as a root running 
program to over-ride the read/write permissions a share to allow this).

I haven't tried this kind of thing, and I'd recommend testing it before 
deploying it.

For more information I would recommend (the quite complete) "Using 
Samba," especially Chapter 6, which, incidentally, is available as part 
of the source tarball.  Download the newest version of the sources for 
www.samba.org, untar it, then go into the docs/htmldocs/ussing_samba/ 
directory and start reading :).

Eve Atley wrote:

>Michael et. al,
>
>Regarding yesterday's problem I am having with restricting user folders to
>each user under a public folder, I am still having questions about setting
>this one up. These are NOT the user folders automatically created in the
>HOME directory.
>
>The config in my smb.conf file for the directory in question:
>[backup]
>        comment = Backup Folder
>        path = /home/shared/backup
>        read only = No
>        guest only = Yes
>        guest ok = Yes
>        force group = +backup
>        hosts allow = 192.168.10.
>
>I'm looking for the correct config. Without the hosts allow (haven't tried
>it with), I am able to connect correctly via a Unix command line, but not
>through the Windows share, so it appears to be a Samba problem.
>
>- Eve

-- 

Dominic L Hilsbos

"Peace can not be kept by force.  It can only be achieved through understanding"
Albert Einstein

Linux registered user: 283861		http://counter.li.org/
LFS 5.0 ID:12136			http://linuxfromscratch.org/cgi-bin/lfscounter.cgi
Linux-Mandrake 9.2
Windows XP




-- 

Dominic L Hilsbos

"Peace can not be kept by force.  It can only be achieved through understanding"
Albert Einstein

Linux registered user: 283861		http://counter.li.org/
LFS 5.0 ID:12136			http://linuxfromscratch.org/cgi-bin/lfscounter.cgi
Linux-Mandrake 9.2
Windows XP


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs