So, 18 days and 375 posts later..... no answer to my question?
Looks like I just want impossible: simple share with no limits, but with local
user permissions for remote users. And NO I do not wish to use user level
security, as users that have to use those shares hardly can cope with more
basic stuff, than it is login to someone else's share via
username&password.
Anyhow, in my previous post I have presented my non working (only on samba
3.2.3) smb.conf and I need help in getting it to work (again on samba 3.2.3 or
later). I hope that conf is self explanatory, but if it is not, please ask me
and I will clarify.
Thanks.
On Monday 27 October 2008 22:59:00 Dragan Lukic wrote:> Hello all,
>
> As I was instructed on #samba IRC channel, I will start new discussion
> here, about samba and a way it works.
>
> I might call myself an experienced Linux user, and self thought admin, so
> things in Linux are not so new to me, but lacking proper (certified)
> education, I still tend to roam around issues with trial&error method.
>
> Regarding samba, it is translated in my attempt to make things go my way,
> rather than (someone might call it) right way.
>
> Since I work as sysadmin, surrounded with mostly computer illiterate users,
> my primary goal is to make things effortless to them... (brainless is
> better word...), and since it is mixed environment (windows&linux), and
of
> course all they ever saw before is windows.... you can understand a nature
> of limitations that are in front of me.
>
> It took me some time (again trial and error) to compile set of rules for
> smb.conf that makes things exactly as I want. Efficient and nice.
> This smb.conf is working for me for more than a year now, and is still
> working at workplace, but I hit a brick wall trying to use it at home.
>
> At work, idea is like so:
> Linux user has it's home dir
> inside there is Documents dir
> inside that I will make shared dir
> it will be published via Samba
> it will available for read and write to all
> this includes local user via Samba and via local access
> for ownership issues, all files will be forced to create under local user
> and group mask
> not to forget, it is only workgroup, not domain or any other level of
> network organisation
>
> All these rules are matched with following smb.conf (real entries will be
> changed with foo/bar)
>
> [global]
> workgroup = FOO
> server string = FOO Server
> security = share
> hosts allow = 192.168.125. 127.0.
> log file = /var/log/samba/%m.log
> max log size = 50
> local master = no
> os level = 33
> dns proxy = no
>
> # ==================== Share Definitions ==================> [Share]
> path = /home/foobar/Documents/Share/
> public = yes
> force user = foobar
> force group = foobar
> create mask = 0755
> force create mode = 0755
> directory mask = 0755
> force directory mode = 0755
> writable = yes
> printable = no
>
> Of course directory /home/foobar/Documents/Share/ exists, and is set up
> with 755 for user foobar and group foobar (as well as all inside contents).
>
> Doing so, whoever puts something inside this dir via samba, creates that
> file/folder with foobar:foobar ownership and 755 set of permissions. Which
> is exactly what I wanted. Of course, no username&password dialogue is
> needed, so my main goal of things being effortless for users is also met.
>
> So, this works in network of mostly Windows XP-s, Mandriva 2008, and few
> Mandriva 2008.1 machines (including router/mail server). So samba versions
> in use are 3.0.25b and 3.0.28a (maybe some updated, but not important for
> issue).
>
> It was also working at home, where I have desktop (that plays also router)
> and laptop connected via wlan to desktop. Recently newest Mandriva was
> released, so I decided to give it a go. After struggling with bunch of
> other issues, time came to quickly enable samba share so I can move files
> from laptop to desktop (where new Mandriva 2009 is installed). Easy job...
> oh how wrong was I...
>
> Installed samba client and server packages.... made a backup of stock
> smb.conf and copied "old" smb.conf file. Called smb://home in
Dolphin and
> was surprised... no workgroups found!! Well after some period of time (and
> several smb restarts) finally I got smb://home to show share...
> Now to enter it... errr NO
> Again few restarts and lot of time later... OK... I see contents of
> smb://home and can enter... good... let's see what is inside...
> Nothing
> Or to be exact, message is: The file or folder smb://hostname/Share does
> not exist
>
> Of course it exists, all was done and set up exactly as at work... and set
> up that way it was working PRIOR latest samba installed... and at this time
> it is: samba-server-3.2.3-3mdv2009.0 (with other dependent files)
>
> So now... I was advised to use security level set to user, and to allow
> guest user... and I did that... After lot of trials (this time refreshed
> via smbcontrol smbd reload-config) it finally got me where I want to be,
> with exclusion of all files written via samba are now owned by
> nobody:nogroup so it needs to be chowned to local user to be useful.
>
> I am not happy with this solution and I do not use it.
>
> Getting here took me ~3 days of reading (in fast forward mode) several
> official samba pages, numerous forums, asking around irc channels etc...
>
> I was unpleasantly surprised with official samba examples that are not
> working, like this one here:
> http://us1.samba.org/samba/docs/man/Samba-HOWTO-
> Collection/FastStart.html#anon-rw
>
> Followed it by the letter (except names) and in return got same error as
> above.
>
> Also another quite frustrating thing... TIME.. time for new set of rules
> from smb.conf to take effect.... that eat most of last ~3 days...
> waiting... and since I was inpatient.... maybe somewhere along there was a
> smb.conf that worked as I expected it to work... but in waiting.... or
> better said lack of .. I made another change and tried it....... and
> again... .. ..
>
> So, at the end.... I just give up..... unless I am presented with solution
> that will do exactly what I want (do mind I have it working on prior samba
> version) I just do not want to waste any more time and energy in chasing
> some ... dont even know what..
>
> Thank you for reading this... If I can provide any more interesting info,
> (such as logs) please tell me. There is way to much text in this post
> already...
>
> DraxNS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: This is a digitally signed message part.
Url :
http://lists.samba.org/archive/samba/attachments/20081113/fd8a489e/attachment.bin