[Samba] force group does not work
Leander S.
info at netocean.de
Sun Feb 9 03:56:54 MST 2014
Hi
Thanks for your input, but this isn't really a workarround ;/
At the end of the day, I want to give each share it's own
valid users = @Groupname
force user = Username(=Groupname)
force group = Groupname
This makes permission management way easier, since users could just be
added or removed from the Groupname in order to get permission on the
share.
Also I don't need a cronjob, which sooner or later kills my HDDs, doing
a periodic chmod -R and chown -R over all files. (This is anyway not a
profeesional solution in my opinion)
My question is more likely: What am I missing in my config to make my
setup work? Am I using the wrong syntax at some place, or what? This is
quite frustrating ;)
Am 08.02.14 19:43, schrieb steve:
> On Sat, 2014-02-08 at 10:35 +0100, Leander S. wrote:
>> Hi
>>
>> I set up a samba 4.1.4 server on the latest FreeBSD RELEASE 10.
>> Unfortunately it doesn't seem to consider the option force group. After
>> hours ofresearch I couldn't figure out what I'm still missing. unix
>> extensions is set to no. Setting the debug level up to 10 also didn't
>> help ;(
>> Is this a bug or is there simply a mistake in my setup?
>>
>> When
>> *valid users = @Groupname*
>> is set, then I don't have access to the share at all anymore.
>>
>> As funny as it sounds, but
>> *force user* **= *MyUsername*
>> is working as expected.
>>
>>
>> id -Gn MyUsername
>> MyUsername Groupname
>>
>> getent group Groupname
>> Groupname:*:2004:MyUsername,Groupname
>>
>>
>> # ============= Global ============= #
>>
>> [global]
>>
>> # Basic server settings
>> workgroup = DOMAIN
>> realm = DOMAIN.LOCAL
>> netbios name = FILESERVER
>> server role = standalone server
>>
>> # Password backend
>> passdb backend = samba_dsdb
>>
>> # DNS
>> dns forwarder = 10.0.0.1
>>
>> # Logging
>> log level = 2
>> max log size = 5000
>>
>> # Charset
>> unix charset = UTF-8
>> dos charset = cp1252
>>
>> # NTLMv2 aktivieren
>> ntlm auth = No
>> lanman auth = No
>> client ntlmv2 auth = Yes
>>
>> # Printing
>> load printers = No
>> printing = BSD
>> printcap name = /dev/null
>>
>> # Default masks
>> unix extensions = No
> lose these for now:
>> create mask = 0770
>> force create mode = 0770
>> directory mask = 0770
>> force directory mode = 0770
>>
>> # Miscellaneous
>> veto oplock files = /*.doc/*.xls/*.ppt/*.mdb/*.docx/*.xlsx/*.ppt
>>
>>
>> # ============= Shares ============= #
>>
>> [MyShare]
>> comment = NAS
>> path = /mnt/MyShare
>> guest ok = No
>> read only = No
>> valid users = @Groupname
>> forece user = MyUsername
>> force group = Groupname
>>
>>
>>
>>
>>
>>
>>
>> Any help would be greatly appreciated ;)
>>
>> Best Regards
>> L.
>>
>>
> change this:
> force user = MyUsername
> and go for something like:
> chgrp Groupname /mnt/MyShare
> chmod g +s /mnt/MyShare
> maybe?
> Steve
>
>
More information about the samba
mailing list