CentOS 5 Server :: Samba Share - Subfolders Users Access
Mar 4, 2010
I installed Samba on CentOS, create a principal share called "public" . I want to populate this share with subfolders, and to grant access rights to specific folders for specific users. The content of "public" will be visible for all Samba users, but they will have read/write access only to the specified subfolders based on my security policy. I need the best way for doing this kind of stuff...
I am using samba t share my files.I am sharing /media/MEDIA folder. it is a ntfs partition mounted with ntfs-3g with write/read access from linux.I can see and browse my shares and also create files in the root of this partition, ie /media/MEDIA, but in its subfolders i do not have write permissions.
another interesting thing is that i have permission to create directory and delete files everywhere and in any folder, subfolder but when trying to create files i get not enough free disk space error.by the way i dont know if this config file is correct, i find as template in internet.
I'm trying to set up a test system for Windows 7. I've been having trouble getting it to map drives on the domain where I work, so I wanted to set up a test system with a similar setup so I can play around with settings without mucking up our network. Only problem is I can't get it configured to even work with XP, which does work on our domain.
When I type \server in the Run box I get the explorer window showing all of the test shares I've set up. But when I try to access them, it says the network path could not be found. Here is my smb.conf file:
[global] workgroup = MAJOR netbios name = VPN realm = MAJOR.COM
I can't be the first one with this problem. What am I missing?
I have setup Samba servers in the past, just none under SELinux. The last one I configured was a couple years ago, so I wouldn't doubt I'm a bit rusty.
---- Environment summary: Clean server install of CentOS 5.4 includes SELinux - lets call this 'server' - updated samba to 3.0.33-3.15.el5_4.1
Client1 - Windows XP sp4 - WINS configuration uses 'server' noted above Client2 - Windows Vista - WINS configuration uses 'server' noted above
---- What works / what doesn't ------ Clients can see the server (XP and vista) in network neighborhood. The following does not work from windows (xp or vista) net view net view \server net view \server-ip net view \servershare
This does work on the server smbclient -L \server smbclient -L \server --user validuser smbclient -L \client1 --user validuser
---- What I have configured and tried (config/output below) -------- firewall ports for samba are open SELinux enforcing or permissive file context is set on share samba booleans are set
***firewall -A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m tcp -p udp --dport 139 -j ACCEPT
***SELinux mode/booleans # sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: enforcing Policy version: 21 Policy from config file: targeted
# getsebool -a | grep smb allow_smbd_anon_write --> off smbd_disable_trans --> on
# getsebool -a | grep samba samba_domain_controller --> on samba_enable_home_dirs --> on samba_export_all_ro --> off samba_export_all_rw --> off samba_share_fusefs --> off samba_share_nfs --> off use_samba_home_dirs --> on virt_use_samba --> off
I have configure few folders access by 3 users, In common folder only users that create that document can do changes. The rest of the users can only read the file but can not do changes. Ownership of the folder is admin, group is sambashare which already have the access create and delete files. All the 3 users already in sambashare main group, and they only can edit the file that they copy or create to the common folder .........
I have currently have opensuse 11.2 installed. I am trying to setup samba shares which you can only access as certain user. Currently looks like the only way I can access these share is use root username/password!
I want to which GUI I need to use to setup this up properly. And of course what setting to exactly to use.
how to configure samba share that users from ip pool (for example 192.168.1.200-210) have accest without login and rest users form ip pool (192.168.1.2-199 and 192.168.1.211-254) have to past autorization.
I've been reading for a while about samba but I haven't found a solution to my problem yet.I'd like to know if, the configuration I have in mind, is possible at all ("security = user" is what I'm using now).I want a directory to be: 1) read only for guests and some UNIX users; 2) write for some other UNIX users.
The advantage of this configuration would be that every single user in my LAN (with or without a UNIX account) would be able to read the content of the shared directory Music and I (UNIX user andrea) could manage the folder directly trough samba preserving the correct owner/group and permissions on the new files/folder created.
Notes about my configuration above: 1) as it is now every user gets authenticated by samba as nobody so even I (andrea) cannot write in it; 2) commenting out the line "guest ok = yes" I can authenticate as "andrea" and write in it but guest access is not possible any longer.
cannot restrict share access to a single user. I've played with the security and valid users options in the smb.conf and I can get it to mount if I remove the valid users option, but this does not provide the access restriction I need. I also left it open and tried making the folder permissions rwx for backupadmin only and that didn't work. I'm using a credentials file which I include below, but I've tried manually entering them in the command too.
[root@aaphst02 /]# mount -t cifs //aapsan01/aapxen01 /mnt/aapxen01 --verbose -o credentials=/root/smbcreds mount.cifs kernel mount options: unc=//aapsan01aapxen01,ip=10.0.1.34,user=backupadmin,ver=1,rw,credentials=/root/smbcreds,pass=********
This is my first post. I am not all that new to Linux. I have done lots of reading on the OS but always felt a little timid when it came to trying out stuff.Here is my problem I have a stand alone samba server I am trying to setup to share all my digital photos and other doc. I can see the share from other machines. On the windows machines you can see the users home directory and the share itself in an folder icon. Whenever I try to access the share it asks for a passwd. I enter the passwd and the share folder is visible when I click on the folder I get and error message.
I'm running Ubuntu 9.1 server on an PII Compaq. Read an article "Samba: How to share files for your LAN without user/password" [URL] and some others and can see and pull up files, can't change or delete. Here is my smb.conf:
# Sample configuration file for the Samba suite for Debian GNU/Linux. # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options most of which # are not shown in this example
# Some options that are often worth tuning have been included as # commented-out examples in this file. # - When such options are commented with ";", the proposed setting # differs from the default Samba behaviour # - When commented with "#", the proposed setting is the default # behaviour of Samba but the option is considered important # enough to be mentioned here .....
I'm pulling my hair out trying to figure out what is wrong with my Samba share. I have set up a directory /samba to serve up some movies, music, etc, on an Ubuntu 10.04 Server box. For now, I have given that directory 777 permissions, along with the subfolders:
Code: drwxrwxrwx 4 michal michal 4096 2010-06-22 18:02 Apps drwxrwxrwx 3 michal michal 4096 2010-06-22 19:02 Music drwxrwxrwx 3 michal michal 4096 2010-08-14 19:27 Pics drwxrwxrwx 5 michal michal 4096 2010-06-22 19:48 Video This is how my smb.conf file looks like for this particular share:
Code: [share1] comment = share1 browsable = yes path = /samba write list = michal Furthermore, I went ahead and mapped the Samba user to my Linux user account in /etc/samba/smbusers:
Code: michal = "michal" When I try to login from a Windows machine using michal as the username, I can see the folders, but I am unable to create new files on the share. Considering that the file system permissions are liberal on the share directory, I have no clue as to why I'm still getting denied write permission.
I have installed Samba and the Guest only share i've created works, I can connect and view, edit, create, delete files fine... However...I can NOT see or create subfolders.Google searches and playing around for six odd hours and no success...
----------smb.conf-------------- # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed
On our web server I want to have a WebDAV folder and I would like customers to be able to log in with MySQL authentication from our customers database (this I have set up with no problems and it works fine). HOWEVER, I want each customer to have their own subfolder and, having logged in with access to the main WebDAV folder, I want each customer ONLY to be able to access their own subfolder(s). I don't mind them seeing other subfolders exist but obviously I don't want them to have access to other customers subfolders.
OK, of course I could achieve this by adding new WebDAV locations to the httpd.conf for every customer but with a large number of customers httpd.conf will become very large and messy. I have tried applying further restrictions by putting an .httaccess file in each subfolder but that doesn't work - indeed the presence of a .htaccess file oddly prevents users from seeing any other files in the subfolder but has no effect on the access.
I don't think it has anything to do with the config file.More to do with SElinux. I need to know how to configure SElinux so I can see my samba share when SELinuxis on. When I setenforce 0 I can seen all the files and folders set it to setenforce 1 cannot see anything.Here is the output when I ran [root@fileserver /]# getsebool -a | grep smballow_smbd_anon_write --> onsmbd_disable_trans --> onThese two options were off I tried turning them on.This is another one of the commands I tried running. I did change a few options but I am not sure which I do need to change. I am running a stand alone server so I don't need the DC option.
[root@fileserver /]# getsebool -a | grep samba samba_domain_controller --> off samba_enable_home_dirs --> off
I'm trying to set up a VPN connection between our CentOS 5.3 server at work and my bosses XP computer at home. At this point, we are kinda locked into Quickbooks. I'm testing the connection from my XP boot at home to see if it works. I can log into our servicemanuals easily enough from XP at home however, the windows takes forever to update. I have the Samba server only listening on port 445 because is seems to work more efficiently at work. I connect to the Samba shares via linux from home and everything works well but, when I try to do anything with the shares from Windows client at home, it's very slow!
I'm thinking that it must have something either to do with the Windows OpenVPN client or the client.conf file. Is there anything I should look at in the .conf file for answers?
I'm trying to set up quota limit in samba-3.0.33-3.15.el5_4.1 in CentOS 5.5, by means of the module vfs objects. In the samba howto  I found a very brief explanation, but it isn't working for me. The basic idea is to setup a user called 'quota2g' (uid 499) and setup the [homes] share, as it comes by default, to enforce the quota on each user share.quota2g:x:499:499:User quota 2GB:/home/quota2g:/bin/bash
I have been having off and on issues with my samba file shares. I am sharing a NTFS formated hard drive where the mount point is in my home directory, as well as a printer connected via USB. I am to the point where printing works (using it as an ipp print share, samba is configured for it, but I don't know if it works or not), and I can access the shared folder from Windows, but I can't access the shared folder from any Ubuntu machine. I get the error:
I have setup a Centos5.5 VMWare guest with Samba and Winbind for Active Directory integration, using GUI tools. Authentication works flawlessly, with automatic home directory creation. What I want to achieve now is using local UNIX groups to controll access to shared folders, to avoid bothering AD administrators with groups management. This is my smb.conf global section:
'finance' is a local UNIX group where I added user 'COGITANSalberto' (I also tried with 'alberto') as a secondary group (primary group is 'domain users' and it cannot be changed). I am sure the user is added, because it is listed in 'getent group'. If I specify user COGITANSalberto in valid users it works, i.e. only that use can access the share, the others get a NT_STATUS_ACCESS_DENIED error. But if I use +finance, access is denied to everybody, and this is the log:
[2010/09/11 14:12:37, 10] smbd/share_access.c:user_ok_token(211) User COGITANSalberto not in 'valid users' [2010/09/11 14:12:37, 2] smbd/service.c:make_connection_snum(617) user 'COGITANSalberto' (from session setup) not permitted to access this share (finance)
It seems like winbind cannot recognize finance as a local group. For the same reason, I guess, 'force group = finance' does not work either (files are created with 'domain users' group ownership). My /etc/nsswitch.conf:
I'm planning to use a virtual CentOS box for web development (to use the same software as on the real server). I configured Samba to have root guest access to /var/www/ but it doesn't let me in /var. Chmod 777 doesn't help. Nethertheless, I have full access to /sbin and /etc.
How can I set permissions for users within the share? Example: I have a share called Programming and some user can create folders within it most others can not, can read the documents. How do I set permissions?
want to made 2 users in samba by which windows machine we access share, say user1 has read,execute permission, user2 has read write delete update full permission. we have done user1 configuration as premia user. we need your guideline for user2
we change the smb.conf file # less /etc/samba/smb.conf [global]
when client goes to bind to NFS share on remote server - they are getting access denied when using the mount command; [SERVER] - CentOS 5.3 /etc/exports /mnt/data 192.168.5.199(rw) - implying the client I want to have access
Im trying to config my intranet to be accessible from inside the network (lan) without need of password and ask for a passwd for those who are viewing from Wan ....
Today my intranet can only be accessed from Lan, external access give me an Unauthorized message, I took look around, try #irc and still can get the appropriated help, I hope that someone here could help me on that...
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
I've installed Ubuntu Server 7.10 Gutsy and Webmin 1.500 on it. The thing that I want to do is: I want to share a folder an sub folders for windows users ( guest user) I should modify those folders from my ubuntu desktop 9.10 karmic they are all same folders. Is it possible? if yes how can i make it. you can tell from webmin or samba configuration file.