[Samba] UNIX paths vs UNC names in [profile]

Tue Nov 18 08:51:31 GMT 2003

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Message: 48
> Date: Mon, 17 Nov 2003 11:42:18 -0500
> From: Jeff Gardiner <gardiner at imaging.robarts.ca>
> Subject: [Samba] UNIX paths vs UNC names in [profile]
> To: samba at lists.samba.org
> Message-ID: <200311171142.18962.gardiner at imaging.robarts.ca>
> Content-Type: text/plain;  charset="us-ascii"
>
> Alright, I can be a bit thick sometimes, but by RTFM or other
documentation
> I've solved a problem.
>
> ISSUE
>
> I had been having problems with profiles, I use using the following
profile:
> <edited>
>
> [global]
> preferred master = yes
> domain master = yes
> local master = yes
> security = user
> domain logons = yes
> logon path = \\%N\%u\profiles
> logon drive = H:
> logon home = \\%L\%U
> logon script = startup.bat
>
>  [netlogon]
>
> path = /var/lib/samba/netlogon
> read only = yes
> write list = ntadmin
>
> [profiles]
>
> path = \\%N\%U\profile
> read only = no
> create mask = 0600
> directory mask = 0700
>
> Then, and after much frustration, I came across John, Terpstra's email:
> http://www.mail-archive.com/samba@lists.samba.org/msg26709.html
>
> John clearly says "Samba share specs read UNIX paths - not Windows UNC
names."
> (Thanks John)
>
> Ok that was the issue then - yet it seemed to work.
>
> QUESTION
> My question therefore is this - I have multiple /home/subdomain
directories,
> like
> /home/disk1
> /home/disk2
> /home/backupdisk3b  ... etc
>
> How do I store the profile in the users home dir.  My rationale is
that as all
> of my OSX users, and Unix/Linux users have to adhere to a quota - I'd
rather
> force my windows users to adhere to the same quota by storing their
profile
> in /home/disk?/user/profile and I could do that using \\%L\%U\profile.

You should not place profiles in another share that may contains files
you don't want others to access (since Windows keeps connections open to
the profiles share after the previous user has logged off, and so it may
still be connected when the next user logs in).

> Now
> one solution is to apply the quote to say /var/lib/samba/profile/%U
but I'd
> rather keep the profile in or off of the home dir anyway.
>
> resolving /home/disk?/user/profil using Unix path names is difficult
because I
> have so many disks with home dirs.

Why not do something like:
[profiles]

path = /var/lib/samba/profiles
read only = no
create mask = 0600
directory mask = 0700
root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -L $PROFILE ];\
                then mkdir -pm700 ~%u/.profile; chown %u.%g
~%u/.profile; ln -s ~%u/.profile $PROFILE;fi

Then, you keep the profiles share as is, but the profiles live in the
user's home, but you avoid any other issues.

BTW, the reason for /var/lib/samba/profiles (at least on Mandrake - this
config looks suspiciously like the Mandrake default config ;-)) is to
ensure that samba has a place to write by default, since we can't make
any assumptions about /home etc (specifically being writable by root in
the case of root-squashed NFS etc). However, there's no problem changing it.

On our production network, we actually use 'logon path =
/home/users/profiles/%u', and /home/users is a large (LVM on hardware
RAID5) partition which also contains the users home directories (thus
quotas are in effect on the profiles).

Regards,
Buchan

- --
|--------------Another happy Mandrake Club member--------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/ud2TrJK6UGDSBKcRArSnAJ9jQuOre6m50LpCmWiLLvSnYnglGgCfXuDH
6TybOPaYwgNIO9rmduL2xUY=
=kef3
-----END PGP SIGNATURE-----