[Samba] FreeBSD / Samba / usr/local/apache24
bret_stern at machinemanagement.com
Sat Jan 4 22:13:11 UTC 2020
On 1/4/2020 12:28 PM, Rowland penny via samba wrote:
> On 04/01/2020 19:51, bret_stern via samba wrote:
>> Good day,
>> I have hosted several domain websites under my apache24 web server on
>> FreeBSD 10.1 for several years. I had Samba configured to allow
>> updating files from my window 7/XP machines.
>> My freeBSD 10.1 server still allows me to copy files into the freebsd
>> apache24 folders: /usr/local/www/apache24..and below.
>> Notes: I can ssh into both servers with FreeBSD user accounts
>> using my username/password. But cannot copy files into the
>> /usr/local/www/apache24...or below folders (read only during ssh
>> So it appears Samba is overriding the file system permissions.
>> Trying to move to FreeBSD 12.1
>> On FreeBSD 10.1, my smb.conf file has the following share used:
>> security = share
>> On FreeBSD 12.1, my smb4.conf file has the following change
>> security = user
>> The following share directive is in both original smb.conf and new
>> browseable = yes
>> read only = no
>> public = yes
>> writable = yes
>> On the new FreeBSD server with samba48 installed, I can view the folders
>> in /usr/local/www/apache24..and below. But cannot write to them.
>> Even though this may be an unorthodox manner to update my websites, I
>> run a pretty tight ship here, so, if I can do what was previously able
>> to do under freeBSD 10.1 and Samba 3.625...it would be preferred.
>> Would like any ideas to determine what is allowing me to write files
>> to the old server web site files, or preventing me from writing files on
>> the new server.
>> Sorry for the long story,
> Sorry, but it isn't long enough ;-)
> Can you post your entire smb.conf.
> There have been quite a lot of changes between 3.6.x and 4.8.x
Never posted here before, hope bottom posting ok. Been getting along
without really investigating the samba setup, so now I'm learning.
FYI.. created user: smbpasswd -a bret and .. smbpasswd -e bret
THANKS FOR LOOKING!!
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#======================= Global Settings
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
workgroup = workgroup
# server string is the equivalent of the NT Description field
server string = Samba Server
# Sharing Model
security = user
# Server role. Defines in which mode Samba will operate. Possible
# values are "standalone server", "member server", "classic primary
# domain controller", "classic backup domain controller", "active
# directory domain controller".
# Most people will want "standalone sever" or "member server".
# Running as "active directory domain controller" will require first
# running "samba-tool domain provision" to wipe databases and create a
# new domain.
server role = standalone server
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to two C class networks and
# the "loopback" interface. For more examples of the syntax see
# the smb.conf man page
; hosts allow = 192.168.1. 192.168.2. 127.
# Uncomment this if you want a guest account, you must add this to
# otherwise the user "nobody" is used
; guest account = pcguest
# this tells Samba to use a separate log file for each machine
# that connects
log file = /usr/local/samba/var/log.%m
# Put a capping on the size of the log files (in Kb).
max log size = 50
# Specifies the Kerberos or Active Directory realm the host is part of
; realm = MY_REALM
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
passdb backend = tdbsam
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting.
# Note: Consider carefully the location in the configuration file of
# this line. The included file is read at that point.
; include = /usr/local/samba/lib/smb.conf.%m
# Configure Samba to use multiple interfaces
# If you have multiple network interfaces then you must list them
# here. See the man page for details.
; interfaces = 192.168.12.2/24 192.168.13.2/24
# Where to store roving profiles (only for Win95 and WinNT)
# %L substitutes for this servers netbios name, %U is username
# You must uncomment the [Profiles] share below
; logon path = \\%L\Profiles\%U
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable it's WINS
; wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# WINS Proxy - Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
; wins proxy = yes
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups. The default is NO.
dns proxy = no
# These scripts are used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
; add user script = /usr/sbin/useradd %u
; add group script = /usr/sbin/groupadd %g
; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d
/dev/null -s /bin/false %u
; delete user script = /usr/sbin/userdel %u
; delete user from group script = /usr/sbin/deluser %u %g
; delete group script = /usr/sbin/groupdel %g
#============================ Share Definitions
comment = Home Directories
browseable = no
writable = yes
#Added for web server content Bret 2020
browseable = yes
read only = no
public = yes
writable = yes
More information about the samba