Ryan Yetter
2002-Jan-22 15:07 UTC
Changing File Permissions to allow multiple users file access
I have a question regarding using Samba for file sharing with Win2k clients. I have a client whom I would like to set up a Linux server for using Samba for filesharing, but there is one thing I haven't figured out how to do that I could've sworn I had done before on my own server in the past. My client has several users whom share files on a regular basis. Like Person A will have access to Person B's files and Person C will have access to Person B's files, but Person B won't have access to either Person A or Person C's files nor will Person A have access to Person C's files or vice versa. Now, with an NT server, you just go into the directory or the file right-click on it, choose properties and then Security. Now I can do this with the samba share too, but it won't let me add users whom can access the file from the domain. I have their home directory on the linux server mapped to the H: drive on the workstation through Samba and their My Documents folder has been moved to H:\My Documents. Everything seems to work fine other than this one issue with trying to allow only certain users to have access to files. I'm using Win2k SP2 and Samba 2.2.1a and my smb.conf file is as follows: [global] bind interfaces only = true interfaces = 192.168.10.50 netbios name = samba-head workgroup = machines security = domain domain logons = yes encrypt passwords = yes os level = 64 domain master = yes preferred master = yes local master = yes add user script = /usr/sbin/useradd -d /home/%u -g machines -s /bin/false -M %u printer admin = @machines printcap name = /etc/printcap load printers = yes logon path = \\%N\profiles\%u logon drive = N: logon home = \\samba-head\%u logon script = logon.bat [netlogon] path = /usr/local/netlogon writeable = no write list = ntadmin [profiles] path = /machines/profiles writeable = yes create mask = 0600 directory mask = 0700 [sample-share] path = /tmp [homes] comment = Home Directories browseable = no writeable = yes # This one is useful for people to share files [tmp] comment = Temporary file space path = /tmp public = yes [part2] comment = Downloaded Program Files path = /2 public = yes [allhomes] comment = Home Directories path = /home public = yes read only = no writeable = yes [src] comment = Source Directory path = /usr/src public = yes read only = no writeable = yes browseable = yes [dj722c] path = /usr/local/samba-head/printers printer name = dj722c writable = yes public = yes printable = yes guest ok = yes print command = lpr -r -h -P %p %s Any help would be appreciated. -Ryan N. Yetter
Kohei Yoshida
2002-Jan-22 15:43 UTC
Changing File Permissions to allow multiple users file access
On Tue, 2002-01-22 at 17:58, Ryan Yetter wrote:> I have a question regarding using Samba for file sharing with Win2k > clients. I have a client whom I would like to set up a Linux server for > using Samba for filesharing, but there is one thing I haven't figured > out how to do that I could've sworn I had done before on my own server > in the past. My client has several users whom share files on a regular > basis. Like Person A will have access to Person B's files and Person C > will have access to Person B's files, but Person B won't have access to > either Person A or Person C's files nor will Person A have access to > Person C's files or vice versa. Now, with an NT server, you just go > into the directory or the file right-click on it, choose properties and > then Security. Now I can do this with the samba share too, but it won't > let me add users whom can access the file from the domain. I have their > home directory on the linux server mapped to the H: drive on the > workstation through Samba and their My Documents folder has been moved > to H:\My Documents. Everything seems to work fine other than this one > issue with trying to allow only certain users to have access to files.This is a normal behavior since each file or directory on Linux is only associated with one user and one group. But you can add POSIX ACL support to your Linux server to allow setting permissions for multiple users a la Windows NT/2000. There is a POSIX ACL implementation for ext2/ext3, which can be downloaded from http://acl.bestbits.at. XFS also comes with its own implementation of POSIX ACL, but I don't know if Samba supports it. I believe it does, but I'm just not 100% positive. Hope this helps. Kohei