With regard to NT, you can use file/directory permissions to limit access to specific directories below a sharepoint. The connecting user would still be able to see the list of directories, but they could not access directories that they did not have permission to. Quite different and possibly confusing to someone coming from Unix to NT. I don't know - I learned NT first! John J. LeMay Jr. Phone (732) 785-2525 NJMC, LLC. Fax (732) 974-1945 http://www.njmc.com Text Paging 1382836@skytel.com On Wed, 28 Jul 1999, Charles Homan wrote:> Greetings: > > I couldn't find this one in the archive: > > What we want to do here is make it so a non-owning user can map a drive, but > not see anything below the top level. However, if they know the exact > pathname to a file, they should be able to open it. In Unix, we do this > with file permissions like: > > drwx--x--x foo > > drwx--x--x foo/bar > > -rwxr--r-- foo/bar/foobar > > So the owner can do anything with either of the directories or the file > foobar, but anyone else can only directly open the file foobar (if they know > it is there) by doing something like "cat foo/bar/foobar". They can from > the directory above foo see, and cd to, "foo", but if they do an "ls" they > won't see anything. > > However, when I shared up this directory structure with samba, I am not > allowed to do something like "type foo\bar\foobar" - it gives a "permission > denied" error. > > Am I missing something? Is this behavior possible to replicate in NT? If > so, how do I get samba to do it? > > Thanks! > /charles > > Charles Homan > Sr. Systems & Network Administrator > Opus Telecom LLC > > >
Greetings: I couldn't find this one in the archive: What we want to do here is make it so a non-owning user can map a drive, but not see anything below the top level. However, if they know the exact pathname to a file, they should be able to open it. In Unix, we do this with file permissions like: drwx--x--x foo drwx--x--x foo/bar -rwxr--r-- foo/bar/foobar So the owner can do anything with either of the directories or the file foobar, but anyone else can only directly open the file foobar (if they know it is there) by doing something like "cat foo/bar/foobar". They can from the directory above foo see, and cd to, "foo", but if they do an "ls" they won't see anything. However, when I shared up this directory structure with samba, I am not allowed to do something like "type foo\bar\foobar" - it gives a "permission denied" error. Am I missing something? Is this behavior possible to replicate in NT? If so, how do I get samba to do it? Thanks! /charles Charles Homan Sr. Systems & Network Administrator Opus Telecom LLC
>With regard to NT, you can use file/directory permissions to limit access >to specific directories below a sharepoint. The connecting user would >still be able to see the list of directories, but they could not access >directories that they did not have permission to. Quite different and >possibly confusing to someone coming from Unix to NT. I don't know - I >learned NT first!Hmm, what I'm trying to do is a little more complicated than just "this is the furthest down the tree you can go". I want to hide the file names from simple browsing, but still have the ability to read the files if I already know the names. Kind of like the hidden attribute, but without the ability for a non-owner to ever see the file names. Can NT do that? My research seems to show that it cannot, and that to be able to read a file in NT, you must be able to see its name. Disappointing. :( Can anyone confirm or deny that that is the case? Thanks again! /charles Charles Homan Sr. Systems & Network Administrator Opus Telecom LLC
hi all, i've got a linux (2.4.28) running samba (2.2.3a). it serves to people in my lab (all windows, win98 and win2k) and people outside of my lab (all windows, win98, winme and win2k). inside the lab all computers log into the network as the user 'doclab'. outside of the lab people log into the network as their unique userid. the problem arises when the user 'doclab/ creates a file inside one of the user's home directories (e.g. /home/jjvenkit that's me). we want the 'doclab' user to be able to do this (ip address is restricted to machines inside the lab) AND we want the ownership of that file to remain with the owner of the home directory (e.g. jjvenkit). that's the problem--when 'doclab' creates a file the user is incorrect on it and therefore the people outside of the lab can't modify file in their own home directory. currently this is how things are set-up: [users] path = /home comment = My Documents aka Home Directories writable = yes public = no create mask = 0660 force create mode = 0660 directory mask = 6770 force directory mode = 6770 valid users = doclab hosts allow = localhost 129.97.80.123 129.97.80.249 129.97.80.179 129.97.80.68 129.97.80.173 129.97.80.98 129.97.80.248 129.97.80.56 129.97.9.183 129.97.9.100 129.97.80.135 129.97.80.169 on the filesystem: /home root.root 0775 /home/%u %u.doclab 6770 where the group doclab has only the userdoc lab in it. does anybody have any suggestions on what i can try? thanks very much, jason.
Greetings all,
I have a Samba 2.2.8a implimentation which has been acting up for some
users which I believe I have traced back to the unix file permissions. All
users belong to a group (webadmin) which has rw permissions to said files,
however for some reason, they are still receiving an access denied response
when trying to do any writes. This is definitly not an authentication
problem as the user can make writes if he/she owns the file directly. Any
ideas?
Thanks,
David