[Samba] Re: samba sam problem [version 2.2.3a on RH 8]
Dan Bar
Daniel.Bar at seznam.cz
Sat Nov 1 07:56:47 GMT 2003
Erlend Sannerud wrote:
> Hi folks
>
> I'm new to this list, fresh into linux and samba. Simply love it :-)
>
> I have a customer that have about 10 XP pro machines connected to a
> linux samba server. Since there are a quite few documents that only two
> of the users are going to see, I use groups and different shares.
>
> This setup have been working for a while. Today everyone got access to
> everything - not good. Actualy very very very bad. I have tried to
> reboot the smbd service, reboot the whole server and I even tried to
> delete users and groups, and make new ones. No go.
>
1. it's time to go for upgrade - I suggest 2.2.8a if you do not want to
go to 3.0.
2. when configuring access permissions, its better if you do it not just
rely on smb.conf parameters (as valid users, read list ...), but on
filesystem level perms too. Filesystem level perms might be a second
level block - in case Samba (e.g. because of bug or misconfig) fails.
See - when user wants to access a certain share, Samba daemon (running
uner root privileges) forks a process running with priviliges of that
user. (only in case you do not use "force user/group" parameter for
share). If you set filesystem perms properly, he cannot simly go to
wrong dirs/files.
Dan
P.S. in case rwx access rights params are limiting to you, then go for
ACL -> I suggest XFS filesystem (patch and recompile kernel)+ recompile
Samba with "--with-acl-support" switch.
More information about the samba
mailing list