[Samba] Problems with Access Control for Shares on Samba 2
kurt weiss
maillists at kwnet.at
Sat Jan 29 07:34:00 GMT 2005
hi again :-)
u can use the unix rights to do that:
===========================================================================
if e.g. all users are members of group "win"
hobbit directory must have rights 2770 and has owner root.win
share:
[hobbit]
comment = only the owner can write
path = /ALPHA-DATA/hobbit5
create mode = 0640
force create mode = 0640
directory mode = 2770
force directory mode = 2770
so all users (of group win) has read access and the owner can write.
the "2" bit in directory mode ensures, that newly created directories
and files has the correct group (win)
===========================================================================
if u want to access all other users, it will be something like this:
[hobbit]
comment = only the owner can write
path = /ALPHA-DATA/hobbit5
create mode = 0644
force create mode = 0644
directory mode = 0777
force directory mode = 0777
===========================================================================
i prefer the first version (it's more secure)
i hope thats the answer u expected...
--
mit freundlichen grüssen
========================================================
ing. kurt weiss, A-6425 Haiming, Gartenweg 3
Tel.: +43 699 1 272 9926 / Fax: +43 699 4 272 9926
E-Mail: info at kwnet.at
Web: http://www.kwnet.at/ || http://www.oberlandinfo.at/
www.kwnet.at ...one step to the future
edv internet programmierung informationstechnologie
mfh servicepoint west http://www.mfh.at/
========================================================
empfehlungen:===========================================
suche nach wissen: http://de.wikipedia.org
legale, gute gratissoftware: http://www.sourceforge.net
http://www.heise.de/software
suche im internet: http://www.google.at
========================================================
remote schrieb:
> Hi all !
>
> I have a question regarding the access control in Samba 2. I want to make shares available to the Windows Network for which only the owner of the share has write access. Other users however should be able to read and browse these shares.
> My smb.conf :
>
> global]
> workgroup = leat
> guest account = nobody
> keep alive = 30
> os level = 2
> kernel oplocks = false
> security = user
>
> [hobbit5]
> comment = hobbit5
> path = /ALPHA-DATA/hobbit5
> browseable = yes
> read only = no
> guest = ok
> valid user = hobbit5
> ; force user = hobbit5
>
> As far as I understand Samba, with this configuration any Samba user should be able to browse and read the hobbit5 - share, while only hobbit5 himself can write and delete within this share.
> However, what happens is that any Samba user can see the share in the Network Neighborhood, but except for hobbit5, none can enter it. Windows tells me that either the path is not correct or I don´t have the network privileges to do this.
>
> What do I do wrong ?
>
> Thanks,
>
> Jörg
More information about the samba
mailing list