[Samba] Mapping user by ip address

Robert Marcano robert at marcanoonline.com
Fri Oct 5 16:23:16 UTC 2018


On 10/5/18 12:17 PM, HugLeo via samba wrote:
> Like that? Just two shares with the same path? Will be acceptable/stable?
> I just need to inform for each user the correct shared name.
> 
> [share1]
>     hosts deny = ALL EXCEPT 192.168.0.
>     path = /share
>     public = yes
>     guest ok = yes
>     only guest = yes
>     writable = yes
>     printable = no
>     create mask = 0775
>     directory mask = 0775
> 
> [share2]
>     hosts deny = ALL EXCEPT 192.168.0.10
>     path = /share
>     public = yes
>     guest ok = yes
>     only guest = yes
>     writable = yes
>     printable = no
>     create mask = 0775
>     directory mask = 0775
>     browseable = no
>     force group = private
>     force user = private

No, your second share should be only for "path = /share/private" and not 
public accesible. If you point both to the same share, the user that 
uses share2 will start creating files with the private group, even on 
the public directories of the share (because force group = private), 
making those new files and directories not accesible for the other users.

> 
> 
> On Fri, Oct 5, 2018 at 12:47 PM Robert Marcano via samba <
> samba at lists.samba.org> wrote:
> 
>> On 10/5/18 11:11 AM, HugLeo via samba wrote:
>>> Hello, I have a shared folder that everybody will have access without
>>> user/password.
>>>
>>> [thsprovider]
>>>      path = /share
>>>      public = yes
>>>      guest ok = yes
>>>      only guest = yes
>>>      writable = yes
>>>      printable = no
>>>      create mask = 0775
>>>      directory mask = 0775
>>>
>>>
>>> However Inside /share folder I have a folder named private that can be
>>> accessed just for a ip address.
>>>
>>> I have created the folder /share/private.
>>> chown private:private /share/private
>>>
>>> In this way I negate everybody access. Now how to map ip address
>>> 192.168.0.10 to the private user?
>>>
>>> I need to continue accessing the /share root folder but If I try to
>>> access/modify just ip address 192.168.0.10 will have access.
>>>
>>> Something like:
>>>
>>> [thsprovider]
>>>      path = /share
>>>      force user = everybody
>>>      force group = everybody
>>>      path2 = /share/private
>>>      force user = private
>>>      force group = private
>>
>> No with only one share, but if you can tell the users that will have
>> access to /share/private to use another share for it, you can add a new
>> one with
>>
>>    [private]
>>    ...
>>    hosts allow = <ip>
>>    force group = private
>>    valid users = <users or groups>
>> ...
>>
>>>
>>> Is that even possible?
>>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>




More information about the samba mailing list