[Samba] Is a password required for the Linux account?

[Chris Weiss]

On Fri, May 4, 2018 at 8:31 AM Winfried via samba <samba at lists.samba.org>
wrote:

> Hello,
>
> I'm using Samba 4.5.12 on Debian 9.4, and would like to learn how to use
> the
> "valid users" option to limit read-write access to authorized users, which
> seems to require…
> 1. creating a Linux account in /etc/passwd,
> 2. creating a matching Samba account,
> 3. syncing both passwords using smbpasswd, where Samba sets its password,
> and then calls the Linux passwd utility to set the same password in
> /etc/shadow
>
> By default, Nginx creates a www-data user, which I'd like to use so I can
> edit its htdocs files directly from a Windows host:
> [code]
> # cat /etc/passwd
> …
> www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
> [/code]
>
> Am I correct in understanding that a password is _required_ for the Unix
> account, because when trying to access a Samba share from Windows, it goes
> like this : Windows → Samba → Unix, where Samba will pass on the username +
> password to Linux when accessing the filesystem?
>
> Thank you.
>

technically it does not need a passwd, and you don't need to do password
sync.  i should work just fine.

it would be better to use group permission on the files and use your normal
user to edit.  www-data should only have write permissions to your logging
and upload areas anyway.  the web server should never be able to overwrite
your site code.  it would be even better to use SSH, still with group
permissions and your normal user.  most editors can edit over ssh "live"
these days, with the right plugin.