How to use samba implementing some files can visible and some files can not visible
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to use samba implementing some files can visible and some files can not visible
A files server on linux. I use the samba. security = ADS.
Many Windows PC access the server. There is a directory have 10 files.6 files some users, like guest, have no privilege to read it. how to hide the 6 file for some users?
If can not hide files for somebody, Forbid "Copy" is also ok.
Is it only guest users that you don't want to read files. Do you want them to be forbidden from reading all the files in the share or only those 6 files. If it is only 6 files of many that certain users are not allowed to read, then I think you want to use nt acl's in windows or posix acls in Linux (setfacl) and use the option "nt acl support = yes".
It may be easier to put these files somewhere else like in their own directory and control access to the directory.
Is it only guest users that you don't want to read files. Do you want them to be forbidden from reading all the files in the share or only those 6 files. If it is only 6 files of many that certain users are not allowed to read, then I think you want to use nt acl's in windows or posix acls in Linux (setfacl) and use the option "nt acl support = yes".
It may be easier to put these files somewhere else like in their own directory and control access to the directory.
I'm very sorry to not explain clearly. I have used the ACL in Linux. If I set this 6 files someuses not allowed to read, users also can see it or copy it.
I want to forbid all user can not copy this 6 files except some user that have privilege. So I try to hide them, but not successful.
Create a group for the users allow to read the files, and make this group the owner. For the "security = domain" model, I think that you need to map this group to a Windows group. Scan through your servers smb.conf file. If there is an "add group script" and you use Windows NT domain administration tools, then you can use those tools to create a new group and do the mapping.
I don't think that you can make a file invisible for certain users, but you can restrict access.
You probably want to look and see if you have a samba-doc package. It contains 3 books including the Samba 3 Howto & Reference Guide. Look at the chapters starting with Chapter 12.
It may be possible that with your current configuration, you can log into the network with a network admin username/password and use the windows tools to create a new group, add users to the group, restrict access to the files to members of this group or to users using Windows ACLs.
I think you would save yourself a lot of work if this 6 files were located in a separate share and you used a samba access control list to control who has access to the share. For example, you could list the users in the "valid users =" parameter for that service.
I use "security = user" instead of domain, so I could have easily missed something that may be easier. Good Luck!
Very thank you for you reply. I could not forbid users access this 6 files, because there is a program must use this 6 file.
For example, the program is a MSN, it need 6 DLL files. A guest account can use MSN. so the guest account must has privilege to access this 6 DLL files.
But, I don't want the guest account copy the 6 DLL files to locate PC. Is the samba can forbid copy, but allow access ? Or, have other method solve this problem.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.