Hi all,
I'm fighting with samba on a new CentOS 5.1 install.
The goal here is to have unix/linux usernames/passwords used for the
samba shares (which i'll setup using webmin, as I find it easy that
way). At present, the home share and one for the company's public share
are in place.
I can see the server, browsing from WinXP to \\172.16.0.106, but
permissions seem amiss. I should be able to read/write to a given share
but it seems to be ro.
Any pointers or advice would be greatly appreciated.
My simple smb.conf file is here:
[global]
netbios name = BACKUP
socket options = TCP_NODELAY
force directory mode = 777
unix password sync = yes
workgroup = WORKGROUP
force create mode = 777
os level = 20
encrypt passwords = yes
security = share
public = yes
passdb backend = smbpasswd
directory mode = 777
[homes]
writeable = yes
public = yes
path = /home
[company data]
comment = company data
writeable = yes
create mode = 775
path = /home/share1
Thanks in advance,
-Ray
Ray Leventhal wrote:> Hi all, > > I'm fighting with samba on a new CentOS 5.1 install. > > The goal here is to have unix/linux usernames/passwords used for the > samba shares (which i'll setup using webmin, as I find it easy that > way). At present, the home share and one for the company's public > share are in place.# useradd ..... someuser # passwd someuser new: .... again: ... # smbpasswd -a someuser new: .... again: .... the smbpasswd step is neccessary, because SMB/CIFS protocol uses a different hash than /etc/passwd & /etc/shadow, so samba keeps its own smbpasswd file.
on 3-26-2008 6:55 AM Ray Leventhal spake the following:> Hi all, > > I'm fighting with samba on a new CentOS 5.1 install. > > The goal here is to have unix/linux usernames/passwords used for the > samba shares (which i'll setup using webmin, as I find it easy that > way). At present, the home share and one for the company's public share > are in place. > > I can see the server, browsing from WinXP to \\172.16.0.106, but > permissions seem amiss. I should be able to read/write to a given share > but it seems to be ro. > > Any pointers or advice would be greatly appreciated. > > My simple smb.conf file is here: > > [global] > netbios name = BACKUP > socket options = TCP_NODELAY > force directory mode = 777 > unix password sync = yes > workgroup = WORKGROUP > force create mode = 777 > os level = 20 > encrypt passwords = yes > security = share > public = yes > passdb backend = smbpasswd > directory mode = 777 > > > [homes] > writeable = yes > public = yes > path = /home > > [company data] > comment = company data > writeable = yes > create mode = 775 > path = /home/share1 > > > Thanks in advance, > -RayIf you are going to use smb passwords anyway, why set security to "share? You should set security to "user" and make sure you keep unix users and samba users synced. For public shares you can set a shared user and group, and make shared directories keep those perms. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 250 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080326/707cd4a9/attachment-0001.sig>
On Wed, 2008-03-26 at 10:16 -0700, Scott Silva wrote:> on 3-26-2008 6:55 AM Ray Leventhal spake the following: > > Hi all, > > > > I'm fighting with samba on a new CentOS 5.1 install. > > > > The goal here is to have unix/linux usernames/passwords used for the > > samba shares (which i'll setup using webmin, as I find it easy that > > way). At present, the home share and one for the company's public share > > are in place. > > > > I can see the server, browsing from WinXP to \\172.16.0.106, but > > permissions seem amiss. I should be able to read/write to a given share > > but it seems to be ro. > > > > Any pointers or advice would be greatly appreciated. > > > > My simple smb.conf file is here: > > > > [global] > > netbios name = BACKUP > > socket options = TCP_NODELAY > > force directory mode = 777 > > unix password sync = yes > > workgroup = WORKGROUP > > force create mode = 777 > > os level = 20 > > encrypt passwords = yes > > security = share > > public = yes > > passdb backend = smbpasswd > > directory mode = 777 > > > > > > [homes] > > writeable = yes > > public = yes > > path = /home > > > > [company data] > > comment = company data > > writeable = yes > > create mode = 775 > > path = /home/share1 > > > > > > Thanks in advance, > > -Ray > If you are going to use smb passwords anyway, why set security to "share? > You should set security to "user" and make sure you keep unix users and samba > users synced. For public shares you can set a shared user and group, and make > shared directories keep those perms.Not to highjack the thread but on to samba security (user and share mode) as I am having a problem with it. Can you link me to some sort of samba docs that fully explain user and share mode. Also why user mode will not work with some forms of authentication. See Link: http://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=13357&forum=39> > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos-- ~/john OpenPGP Sig:BA91F079
Scott Silva wrote:> >> I'm fighting with samba on a new CentOS 5.1 install. >> >> The goal here is to have unix/linux usernames/passwords used for the >> samba shares (which i'll setup using webmin, as I find it easy that >> way). At present, the home share and one for the company's public >> share are in place. >> >> I can see the server, browsing from WinXP to \\172.16.0.106, but >> permissions seem amiss. I should be able to read/write to a given >> share but it seems to be ro. >> >> Any pointers or advice would be greatly appreciated. >> >> My simple smb.conf file is here: >> >> [global] >> netbios name = BACKUP >> socket options = TCP_NODELAY >> force directory mode = 777 >> unix password sync = yes >> workgroup = WORKGROUP >> force create mode = 777 >> os level = 20 >> encrypt passwords = yes >> security = share >> public = yes >> passdb backend = smbpasswd >> directory mode = 777 >> >> >> [homes] >> writeable = yes >> public = yes >> path = /home >> >> [company data] >> comment = company data >> writeable = yes >> create mode = 775 >> path = /home/share1 >> >> >> Thanks in advance, >> -Ray > If you are going to use smb passwords anyway, why set security to "share? > You should set security to "user" and make sure you keep unix users and > samba users synced. For public shares you can set a shared user and > group, and make shared directories keep those perms.The problem is that all these shares are set as 'public' so you'll connect as a guest user - which I don't see defined - and unless the unix file system is writable by the guest you'll only have read access. With user level security you can't connect to different shares as different users, so if you remove the 'public' from the home section (as you probably should) and let people connect as themselves, they will have to also connect as themselves to the public shares. -- Les Mikesell lesmikesell at gmail.com
Scott Silva wrote:> on 3-26-2008 6:55 AM Ray Leventhal spake the following: >> Hi all, >> >> I'm fighting with samba on a new CentOS 5.1 install. >> >> The goal here is to have unix/linux usernames/passwords used for the >> samba shares (which i'll setup using webmin, as I find it easy that >> way). At present, the home share and one for the company's public >> share are in place. >> >> I can see the server, browsing from WinXP to \\172.16.0.106, but >> permissions seem amiss. I should be able to read/write to a given >> share but it seems to be ro. >> >> Any pointers or advice would be greatly appreciated.<snip>>> >> >> Thanks in advance, >> -Ray > If you are going to use smb passwords anyway, why set security to "share? > You should set security to "user" and make sure you keep unix users > and samba users synced. For public shares you can set a shared user > and group, and make shared directories keep those perms.Thank you, Scott. I'd actually done that a little while ago but hadn't returned to the list since then. Your point is well taken and also well documented (at least when I got to that part :) Kind regards, -Ray