Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Im currently working with Slackware and Samba and now Im stuck with some settings.
Im using my Slackware-PC as a server and using Windows XP computers to connect to it. I got three accounts on the Slackware PC and using theese as accounts when logging on to the server.
Two of the users are in the same group, while the other one is alone in one group.
Now my problem is this:
I wanna make it possible for the two users in the same group to change / edit / delete etc a folder and the files in it. The last and lonly account should only be able to read the files in that folder.
I've been trying to fix this with commands in the smb.conf like write list, create mask, directory mask, read list etc and also changing the status on the files / folders in Slackware with the chmod command. But I cant fix it, since I always get the error message that I dont have the permissions to do it.
So, any hints or ideas would be greatly appreciated!
And yes, Im a beginner
If you need anything better explained or anything else, just ask
What version of Samba are you using? Have you set up samba users as well as linux users using smbpasswd? You don't say whether the errors are from the windows client or linux?
In Samba 3.x I use
Quote:
inherit acls = Yes
in the various share definitions. That way I can define the permissions for the linux users and Samba will follow that for the Samba clients. Have a read of the excellent Samba documentation to find out the differences between linux permissions and Windows permissions - some can not be translated exactly so Samba has to behave in a certain way that may not be what you expect or require in Windows.
What version of Samba are you using? Have you set up samba users as well as linux users using smbpasswd? You don't say whether the errors are from the windows client or linux?
In Samba 3.x I use in the various share definitions. That way I can define the permissions for the linux users and Samba will follow that for the Samba clients. Have a read of the excellent Samba documentation to find out the differences between linux permissions and Windows permissions - some can not be translated exactly so Samba has to behave in a certain way that may not be what you expect or require in Windows.
Im using Samba 2.2.8 and at the moment, I don't think there is any chance to change it. At least not at this point.
The problem is that when I try to create a new folder or file(with the XP PC) in the selected folder it just says that Im not allowed to.
I have the three accounts created on the Slackware machine and of course in Samba, they can log on to the server and all that. But its just a problem with the filecreating / reading / moving and so on. I've changed the statuses on the files with the chmod command, but I dont know if Samba reads it differently. I guess Samba and the filemodes cooperate , or am I wrong? I've put the mode 777 on the folder and the files in it, still I get the errors. Anything missing in the Samba .conf? Like directory mask, create mask etc.
Im posting the current samba configuration here:
Code:
#Global Parameters
server string = Test Server
workgroup = home
netbios name = samba
encrypt passwords = yes
[homes]
read only = home
browsable = no
[test]
path = /Test/testo
browsable = no
valid users = ac1, ac2, ac3
write list = @admingrp
read list = @ac1, ac2, ac3
admingrp is ac1 and ac2, ac3 got another group where the account is alone. The point is that admingrp should be able to add and remove / edit files and ac3(and his group) should only be able to read the files.
Hope you got some more info, just ask if you need anything else.
Long while since I used Samba 2.x but your share stuff looks ok. Had a look at man smb.conf (for Samba 3) and the only thing it said there about read and write lists was that they don't work if security = share (in global section). Your global section is silent on this. I'd suggest putting security = user in the global section and see if that helps.
Failing that then the only reliable way to debug this stuff is to start with a basic share, get that working and then add the additional read/write stuff one at a time and see what effect it has. Sorry I can't be much more help.
Long while since I used Samba 2.x but your share stuff looks ok. Had a look at man smb.conf (for Samba 3) and the only thing it said there about read and write lists was that they don't work if security = share (in global section). Your global section is silent on this. I'd suggest putting security = user in the global section and see if that helps.
Failing that then the only reliable way to debug this stuff is to start with a basic share, get that working and then add the additional read/write stuff one at a time and see what effect it has. Sorry I can't be much more help.
Im trying a new approach on this problem. First of all, Im setting all the options to the folder and files through Slackware. This works perfect, Its like I want it to be, the users got limited rights etc. How do I 'transform' this to Samba and a Windows client? Any commands in samba? Most of the files on the Slackware PC got the status 774 (applied with chmod).
My current Samba conf:
Code:
#Global Parameters
server string = test
workgroup = HOME
netbios name = samba
encrypt passwords = yes
security = user
[homes}
browsable = no
[head]
path = /HEAD/
browsable = yes
valid users = ac1, ac2, ac3
[share]
path = /HEAD/share
browsable = no
valid users = ac1, ac2, ac3
Now, I do need to configure the create mask and folder parameters? Add more options in Slackware (777, 7773 etc)?
So basically, I want my Slackware configuration for theese maps to be converted to Samba and giving the same rights on a Windows XP
SP2 client logging on to the Slackware server, as on the Slackware PC.
Although my system is Samba 3, I tried out the 'valid users' directive to see what happens. Put directory permissions on share to allow read write access for 'users' group - anyone could view/create etc. Added 'valid user' restriction and only that person could even view the share. When logged on as a different user trying to browse to the share popped up a password box which no matter what I entered I couldn't get past.
Now although this restricts access to specific users I'm not sure whether it's the best way to do it.
I don't use the valid user stuff to restrict access. What I have are separate data areas for each user (/data/user1 /data/user2 etc) and a shared area that all users can see. I use the '%u' parameter to map the relevant data area to the user dynamically ie any user will see a share called 'data' but it is in fact only his own data area:
Quote:
[data]
comment = Network data area
inherit acls = Yes
path = /data/%u
read only = No
[shared]
comment = Shared network data
path = /shared
inherit acls = Yes
read only = No
Have a look at the samba.org HOWTO or Samba by Example - there's heaps of excellent stuff there that explains how Windows browsing works and also how Windows directory/file permissions differ from *nix.
Although my system is Samba 3, I tried out the 'valid users' directive to see what happens. Put directory permissions on share to allow read write access for 'users' group - anyone could view/create etc. Added 'valid user' restriction and only that person could even view the share. When logged on as a different user trying to browse to the share popped up a password box which no matter what I entered I couldn't get past.
Now although this restricts access to specific users I'm not sure whether it's the best way to do it.
I don't use the valid user stuff to restrict access. What I have are separate data areas for each user (/data/user1 /data/user2 etc) and a shared area that all users can see. I use the '%u' parameter to map the relevant data area to the user dynamically ie any user will see a share called 'data' but it is in fact only his own data area:
Have a look at the samba.org HOWTO or Samba by Example - there's heaps of excellent stuff there that explains how Windows browsing works and also how Windows directory/file permissions differ from *nix.
Hey, and thanks again for your help.
Today my Slackware crashed and I had to reinstall everything. So, Im going to use the smb-sample now and see if it makes a difference. I will return if I got more questions.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.