[Samba] "/" shows up as home directory for "nobody" - available to any user
Christian Barth
barth at cck.uni-kl.de
Thu Apr 25 09:06:03 GMT 2002
> Strange thing:
> After being logged on to samba-PDC (2.2.3a, LDAP) I see besides the user's
> home directory a home directory for user "nobody" - containing the root file
> system of my samba server.
> The relevant parts in smb.conf looks like this:
>
> guest account = pcguest (if not set it defaults to "nobody" - this should
> turn it off)
>
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
>
>
> The entry in /etc/passwd for "nobody" is:
> nobody:x:99:99:Nobody:/:/sbin/nologin
>
> There is no entry for "nobody" in the LDAP database, not is there anywhere
> an account for "guest".
>
>
> Looks like this entry is the key - the "/" for the home dir.
> Since I really don't want everybody to have read access to everything on my
> hard drive, can anyone point me to how I can fix this?
> I guess, I could change nobody's home dir to something else - but what would
> that break?
> I'd rather find out why samba shares it out to begin with - is there a way
> to turn it off?
Add:
valid users = %S
# [homes] erzeugt shares der Art [<username>]
# Zu jeder share kann jeder user verbinden, auch zu den
# Systemaccounts !!
# obiger Eintrag verhindert das.
To the [homes] section in smb.conf. You may leave out the comment :-)
With this "valid users" only an authenticated nobody can access it's
home through samba. And with your /etc/passwd there will never be an
authenticated nobody.
Christian
_(_)_ wWWWw _
@@@@ (_)@(_) vVVVv _ @@@@ (___) _(_)_
@@()@@ wWWWw (_)\ (___) _(_)_ @@()@@ Y (_)@(_)
@@@@ (___) `|/ Y (_)@(_) @@@@ \|/ (_)\
/ Y \| \|/ /(_) \| |/ |
\ | \ |/ | / \ | / \|/ |/ \| \|/
jgs|// \\|/// \\\|//\\\|/// \|/// \\\|// \\|// \\\|//
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
More information about the samba
mailing list