[Samba] Re: Authentication Question; WAS: installing Samba as non-root user

Adam Tauno Williams adamtaunowilliams at gmail.com
Wed Sep 26 11:13:02 GMT 2007

> Considering I am running this daemon as a non-root user, I am not sure how
> this works, or if it's even possible.  I had another user map her home
> directory by tunneling to my server, and it worked, however she did not have
> write access to her home directory.  I have added her as a Samba user, using
> smbpasswd.
> Again, it's not clear to me how the authentication is actually happening,

Samba authentication and behavior are VERY well documented - RTFM.

> even if I were to be running the daemon as root.  Since you can add a Samba
> user with smbpasswd with a password other than their Linux or Unix password,
> how is it truly authenticating the user?

Not "can add a Samba user with smbpasswd", *must* "add a Samba user with
smbpasswd".  That password is used for authenticating users,  and unless
you are using some kind of mapping there must be a correspondingly named
user available from NSS.  All this is explained in the manual.   

>   In the case of running the daemon
> as root, are all actions done by root on behalf of the actual user?  But it
> appears, per the smb.conf man page, that upon every Samba connection, a new
> daemon is spawned for the user of the client that established that
> connection.  It would then seem that all share accesses are being made by
> the actual user, as it should be, rather than through root.

A non-root Samba probably can't change it's own privileges or effective
user id.  This is one of the many reasons your configuration will not
work.  Samba must run as root or your going to have to jump through
endless machinations.

Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org

More information about the samba mailing list