I have a RHL box running Samba 1.19.8p10 (or whatever the latest one is). I would like to share the /home/httpd directory read-only to everyone on the network and read/write to a few specific people. I cannot get the passwords for these people, and I want this to be as transparent as possible (read: as "invisible" as possible). I don't want to have to add every user to the group, but I'm willing to add the users who need read-write access. Help would be appreciated. I've been playing with the usermap, read list, write list, and a few other parameters. BTW, is there a way for Samba to use the NT groups instead of the Unix groups for checking write permissions? -- Ben Kosse bkosse@thecreek.com PC Support Analyst Coldwater Creek Inc. (208) 265-7114
> I have a RHL box running Samba 1.19.8p10 (or whatever the latest one is). I > would like to share the /home/httpd directory read-only to everyone on the > network and read/write to a few specific people. I cannot get the passwords > for these people, and I want this to be as transparent as possible (read: as > "invisible" as possible). I don't want to have to add every user to the > group, but I'm willing to add the users who need read-write access.This is the solution. Put everybody who should have write access in a group lets say called usrwrite. Then make the dir which is shared (Path = ... in the smb.conf) chmod 2775 <dir> chown root.usrwrite <dir> Set the same permissions on every dir under <dir>/ - new dirs will get them automatically (thanks to the sgid- bit set with the 2 in 2775) Set all files to 664 (not 2664), same owner&group as dirs. Again, new files get the right perms automatically. You don?t need "write list" or any of the options related to this - the only exception is maybe "user list" of you want to restrict the users allowed to connect.> Help would be appreciated.Here it is (was...?)> I've been playing with the usermap, read list, write list, and a few other > parameters.Maybe it?s possible with those parameters too - I never used them> BTW, is there a way for Samba to use the NT groups instead of the Unix > groups for checking write permissions?I don?t think so.. but maybe someone did some patches... Hope this helps, Florian Pflug
> > I have a RHL box running Samba 1.19.8p10 (or whatever the > latest one is). I > > would like to share the /home/httpd directory read-only to > everyone on the > > network and read/write to a few specific people. I cannot > get the passwords > > for these people, and I want this to be as transparent as > possible (read: as > > "invisible" as possible). I don't want to have to add every > user to the > > group, but I'm willing to add the users who need read-write access. > This is the solution. Put everybody who should have write > access in a group > lets say called usrwrite. > Then make the dir which is shared (Path = ... in the smb.conf) > chmod 2775 <dir> > chown root.usrwrite <dir> > Set the same permissions on every dir under <dir>/ - new dirs > will get them > automatically (thanks to the sgid- bit set with the 2 in 2775)Yes, yes, I know this, but unfortunately it doesn't work. You see, I had already set up permisions like this so as to be able to update the files via FTP. The problem is that the Linux server doesn't have the same password list as the NT servers. I set security = server so as to use NT as the password server (the password server is the PDC). The problem is that either everyone can write to the directory or no one can .> You don?t need "write list" or any of the options related to > this - the only exception is maybe "user list" of you want > to restrict the users allowed to connect.I'm sure this would work wonders if the users actually logged into the Linux box, but sadly, they don't. -- Ben Kosse bkosse@thecreek.com PC Support Analyst Coldwater Creek Inc. (208) 265-7114