David Greenhall
2007-Jan-25 09:18 UTC
[Samba] Am I going about this all the wrong way?[Scanned]
Here are the permissions for the relevant folders / links Folder1: drwxrws--- 17 root Domadmin 4096 Jan 24 15:57 ./ |-------[Softwarefolder] drwxrwsrwx 17 root Domusers 4096 Jan 24 10:25 ./ [AccountsFolder] drwxrwx--- 3 root Accounts 4096 Jan 25 06:38 ./ |---------------[SymbolicLink1] - Linked to folder1/softwarefolder lrwxrwxrwx 1 root root 20 Jan 25 06:38 XEB -> /var/samba/Progs/Softwarefolder/ [SalesFolder] drwxrwx--- 3 root Sales 4096 Jan 25 06:38 ./ |---------------[SymbolicLink1] - Linked to folder1/softwarefolder lrwxrwxrwx 1 root root 20 Jan 25 06:38 XEB -> /var/samba/Progs/Softwarefolder/ -----Original Message----- From: Rune T?nnesen [mailto:rune@tonnesen.org] Sent: 24 January 2007 17:17 To: David Greenhall Subject: [NOT IN WHITELIST] Re: [Samba] Am I going about this all the wrong way?[Scanned] Do you have the correct unix permissions on the shared group folders e.g. 0770 Venlig Hilsen (Best Regards) stud. med. Rune T?nnesen David Greenhall skrev:> Sorry for the title, but couldnt think how to word it. > > Basically we have a piece of software that all departments in our > company uses, placed on the samba server but runs from windows. Because different departments use other items on the server which will differ depending on who needs them this is what i have done: > > [AccountsFolder] |---------------[SymbolicLink1] - Linked to > folder1/softwarefolder > > [folder1] - Contains the software for all > |-------[Softwarefolder] > > [SalesFolder] |---------------[SymbolicLink2] - Linked to > folder1/softwarefolder > > The Folder1 is owned by domain admins > AccountsFolder owned by Accounts > and Salesfolder owned by Sales. > > [smb.conf] > > [Accounts] > browseable = no > inherit permissions = Yes > delete readonly = Yes > writeable = yes > valid users = @Accounts > path = /var/samba/Accounts > force group = Accounts > > [Sales] > browseable = no > inherit permissions = Yes > delete readonly = Yes > writeable = yes > valid users = @Sales > path = /var/samba/Sales > force group = Sales > > However, when i check the connections using webmin, there are users in > accounts who have connections open from sales and visa versa. This I was hoping someone could enlighten me on. I cannot figure out how they can gain access to a share that they have no permissions to open. When I browse from their machines to try and open the other shares its as you would expect [Access Denied] > > So basically im wondering if i am going about this all the wrong way, > and maybe someone could hint at a better way. > > Thanks > Dave > > ___________________ > Systems Administrator > Praybourne Limited > > Tel: +44 (0) 870 2420004 > Fax: +44 (0) 1527 68780 > >