Software :: Samba Suggestions On Group Permissions

Jan 14, 2009

I have a user community of about 2000 users and a samba server running on AIX that currently hosts a read-only share for the whole company.

[Released]
path = /mypath
guest ok = Yes

But now I have been requested to make this share available as read-only for some users and completely inaccessible to everyone else. The number of users who will have access is probably a few hundred and I expect users to be added/removed on a daily basis. Some of the users have unix logins, while others do not. Because of this, I hesitate to mess with user mapping because I would have to manage this every day, unless I do something with a script.

Can someone suggest a scheme I can use to deny everyone except for certain users without having to use user mapping?Someone here in my office suggested we use hosts allow or deny, since the users who will still have access are located on the same subnet. However, there is a distinct possibility that a small number of people on a few other subnets will need access. Is there a way I can specify hosts allow but still allow specific users from other subnets?Forgive me if this question has been asked before. I'm sure it must have been, but I am having trouble doing a search of the archives that will give me advice about this particular problem.

View 2 Replies


ADVERTISEMENT

Server :: Samba And Group Permissions

Sep 11, 2010

This is a interesting confusing problem.Ok I have group with 3 users.I have a folder in /home with owner as root, and group that has read/write permissions.However if a user opens up a file and saves it via samba, the owner changes to the user, and the group members only have read permissions on the file.

View 4 Replies View Related

Ubuntu :: Samba Share With Group Permissions?

Nov 18, 2010

I am trying to set up a Samba share on one of my machines where I am the owner and a special group manages permissions for read-only access ( me:specialgroup ). If I log into the share as me, there is no problem (I have read/write privs as per usual). However, I am not able to log into the share using any of the group members (there is only one currently). That user is not able to access the share (failed to mount).

The folder (which is the share) is owned by me:specialgroup and the permissions have been forced down the folder. Samba is set to Share this folder with no guest or others write access.

View 9 Replies View Related

Ubuntu Servers :: Setup Samba Share And Group Permissions?

Feb 15, 2011

I have a couple of user accounts where each member belongs to a group i have created: Each user access the share using their own user account credentials.
How can I configure Samba in a way so that each modification done on the share gets the owner of the user and my group instead of the user and the users own group? I would also like the access rights to be 770 to each modification.

In other words, today each modification by "userA" get the owner "userA.userA" and I would like it to be "userA.MyGroup" with "rwxrwx---" permissions.

View 3 Replies View Related

Server :: Ubuntu Workstations Connects To Samba Pdc But Gets No Group Permissions?

Dec 30, 2010

The current situation:there is a samba PDC with ~50 XP workstations, all working fine for the last two years.The goal:Cycle older hardware back into production by installing ubuntu on them. These workstations must authenticate against the domain, and must automatically mount a public, a user, and a department share that contains folders with various group permissions.The added challenge:Since the office where this lan is located is closed for the next week or so, the ubuntu workstation I am testing with is connecting via a site-to-site VPN. This is soon to be mandated as a requirement anyway, so if not done now it will have to be done later anyway. I mention this since it *may* be something that could be interfering with the success of my mission, however, given what does work, I do not think this is my culprit.

What does work:Thanks to winbind, I can log into the ubuntu workstation via gdm with my domain credentials, and thanks to pam_mount my shares do mount correctly. I take this to mean my pam conf files are correct, along with nsswitch.conf.wbinfo -p, -a, -t, and -u work on the workstation. getent passwd returns DOMusers.listwbinfo -p, -t, -Y, -S, -G, -n, -s, etc, all work on the PDC. getent passwd returns a list from /etc/passwd and getent group returns a list from /etc/group.A remotely controlled windows workstation on the lan works as expected.

It appears that winbind is not able to parse the group permissions at all, not for the user, nor for the folders.The hope:is that someone can say that this problem of group permissions not being recognized has a typical cause (though several hours/days of google searching has revealed no such thing). However, I can provide a great deal of supporting information, as I have gone through documentation and testing extensively (though not extensively enough, apparently). For my own sanity, I put most things I tried into a text document so I could review it and look for errors in judgment, that doc ended up being some 1500 lines long, and doesn't include conf files. Rather than flooding this post, if someone is up for reviewing it, I can definitely make it and further supporting info available...

View 3 Replies View Related

Ubuntu :: Unable To Change User/group Permissions On Samba Shares?

Jul 3, 2011

this is my first real problem that I can't solve my self.I've a test samba share called "Share" and I've created three users:

-mones
-fsu
-fsu2

[code]....

View 2 Replies View Related

General :: Secondary Group Users Need To Change File Permissions Of Primary Group Files?

Oct 19, 2009

i want secondary users can able to change the files permissions of primary group?user MAC is having www as a primary and httpd as secondary group. But he want to change the file permissions (chmod) httpd group files. Is it possible or not? I think its not possible. If it`s possible then let me know how?

View 3 Replies View Related

Software :: Member Of Group Root / But Root Group Permissions Don't Apply?

Apr 20, 2010

A bit of an oddity that I've recently run into with my storage folder in my system; it's a newly installed drive that I've set to mount at /storage. When I first tried to use it, programs that I used that attempted to write to it tossed Access Denied errors at me in their own way. Checking the permissions (at the Terminal, ls -l / | grep storage) showed that /storage was set to 'rwxrwxr--'--Owner and Group were given full read/write/execute, but Others could only read. However, my logon to my system is a member of group root. Why, then, with the above bits set, would I not be able to write to it? Changing Others permissions to rwx (and presumably rw would have worked out for me since I don't leave anything executable there) allowed me to write to it, but I don't understand why that would have been necessary. So far as I'm aware, the prior drive that was in my system--mounted at the same location--did not need this treatment.

View 7 Replies View Related

Red Hat / Fedora :: Setting Group Permissions?

Feb 27, 2010

i am trying to finish up a lab in that i have i have some accounts created under groups called "mgmt" and "pl". I am trying to figure out how i can get the guys in "mgmt" to be able to modify files in a directory called "mgmt-final" but the guys in the group "pl" will only be allowed to read those files.

View 5 Replies View Related

Slackware :: Change Group Permissions

May 12, 2009

Originally Posted by slackuser67 In my case it was a permission thing. Logging in as root, sound worked, logging in as user didn't. I followed the adding myself to the audio group and that didn't do it either. But, adding myself to the video group did the trick. You wouldn't think that would work with getting video but no sound, but it did in my case. I'm having all the same problems, but I'm using DSL-N, and I can't figure out how to check or change the group permissions.

View 2 Replies View Related

General :: Group Permissions For Ftp Users?

Jun 19, 2011

I need to assign permissions for ftp users. For that I need to create groups with different permissions like upload, download, rename, delete, rename and delete. And the users added to the group need to have that group permissions by default.

View 5 Replies View Related

General :: User And Group Permissions

Jul 10, 2010

I am doing rhce course but i am very confused to answer these user and group permissions.the questions are like this...the owner of the /data must be user tom.primary group of /data must be the group sysadmins.the members of the group test must be able to write and create files in the /data.the members of the group web have no access to these directory.the user jack not belong to any of these gropus must have to edit files created in /data.the user tim can only list the contents.

the questions are always like these..i am okay with sgid and sticky bit.but i dnt know where to set default acl and other permissions.

View 3 Replies View Related

Server :: Group Permissions With In Folder

May 30, 2010

I am running into a Brick wall with this. And thought that the knowledge and expertise here would be a good place to seek help.I have CentOS 5.4 server running Samba on a WinBloZ network. I have the groups all setup and that aspect works fine. But here lies the issues.In a shared directory with group permissions set if someone on the group with permission to this directory creates a file they are the only person that can edit / modify that file. That file need to be editable by the entire group. But the only way thus far I can achieve this is to manually chmod the files in the directory. I know there is a way to fix this, but I have not found it. Can someone please explain how to make this work for me.

View 1 Replies View Related

General :: Group Permissions Getting Overwritten By Owner?

Apr 9, 2010

A colleague of mine has a Linux box (running Debian I believe) with an SVN repository on it. The repository directory and files 'owner' is my colleauge. We are both members of a group called 'users'. He manages several projects both Linux and Windows apps, while I have one Windows app. For the Windows apps, we both use TortoiseSVN via an SSH link to commit/update. Performing the command 'ls -l' shows the repository files and folders on the Linux box to have the following permissions:

-rwxrwx--- john users

However, when my colleauge commits to the repository, the permissions change to:

-rwxrwx--- john john

This then means I get 'Permission denied' when trying to access the repository myself as it appears that the group permissions have been overwritten with only 'owner' permissions. To fix this, a 'chown -R' command is applied to the files/folders to set the permissions back to owner/group, but each time he writes to the repository, the issue repeats.

View 1 Replies View Related

Ubuntu :: User Group Permissions Mess Up

Apr 14, 2011

My main account 'dave' runs as admin etc This was the output of 'groups dave': dave adm dialout cdrom plugdev lpadmin sambashare admin I was trying to add dave to the user group 'media-www' and i ran this command: 'usermod -G media-www dave' Then after another 'groups dave':
dave : dave media-www It seems to have removed all the other groups! How do I restore this?

View 4 Replies View Related

Ubuntu :: Give An Application Group Permissions?

Jul 30, 2011

How can I give an application group permissions?There is a bug in the latest version of Ubuntu's Dovecot, where it is not apart of mail group, so it does not have write permission to the /var/mail directory by default. So I have to give it mail group permissions.

View 1 Replies View Related

General :: Group Permissions For Subfolders Only (CentOS)

Apr 19, 2010

Is there a way to allow other members of my group to access subfolders under my home directory, but not my home directory itself?I'm using CentOS 5.4

View 3 Replies View Related

General :: Group Permissions On File Or Share

Oct 17, 2009

I'm studying Linux and just started reading about permissions and ownership. My question is how would you have multiple users or groups given access to a certain directory? When doing an ls -l I see the owner, group and others that have permissions that have access to the file or directory. But what if I need multiple different groups access to a particular file or directory all with different permissions?

View 2 Replies View Related

General :: Trying To Find How To Edit Group Permissions

Nov 11, 2010

Im trying to change a group to have read write and execute permissions on everything in the system through command prompt, some people told me to edit the /etc/group file but i don't have a file that exists there under that name, but the group does already exist, i just don't know where its located. Anyone have a clue where i can check or what to do ?

View 2 Replies View Related

Security :: Group Permissions Or Symlinks Best Practice

Aug 21, 2009

I was about to post a new thread and saw that there are several answers out here already and I have done the new group permission one on my server -- actually on my test server I just added "my user" to the group "root" to gain rw access to /var/www/htdocs/.Someone suggested that the proper way might be to do symlinks to the directory in a real production environment and I wanted to find out if that is the *best* way to go or whether to actually make a group "www_admin" (pick your favorite flavor of this) and add my users to that group?

I guess I am looking for the "best practice" in a real corporate production environment that is most secure.

View 3 Replies View Related

Server :: Group Share Directory Permissions

Jul 8, 2010

On our fileserver, we primary use samba to share files to our users, but a few users have to use ssh/sftp to access the file server. In samba we have the shares setup so that permissions are forced to be the correct group owner and group read/write. The problem is those few who access via ssh/sftp. There files do not have the correct permissions. These people are not the most computer savvy, I'm dealing with biologist here. Is there some way to fix this or will I just have to setup a cron job to go through and set permissions periodically?

View 1 Replies View Related

Fedora :: Changing Ownership Group Permissions Failing?

Jan 16, 2010

just trying to learn linux here and have some comfusing moments.it is my understanding that if you own directories and files you maychange the group, ownership, and permissions on all of these as you desire.however, in my case I cannot make any changes in my setup on group, ownershipor permissions on any of my files or directories.get error message <operation not permitted>. I know as root you ar supposed tobe able to do anything you desire, however in my case I can go in as root andtry the same commands with the same results. it is as if I am locked out ofsystem as far as any changes are concerned.on my jump drive I have:

total 83832
drwxr-xr-x 26 jevans root 16384 1969-12-31 19:00 .
drwxrwxr-x 9 jevans jevans 4096 2010-01-15 12:51 ..

[code]...

View 14 Replies View Related

General :: Understanding Ubuntu User / Group Permissions

May 20, 2010

I'm beginning to deal with more than one user on my system (it's a VPS serving some sites) and I need to make sure I understand how group permissions work. I have an account named "admin" .. it's basically the primary account that is used for serving most of the sites that I control myself. Now, I added a second account named "Ville" as one of my users wants to be able to administer that site. So, I can do this the easy way and just chown their domains folder under the ville user, they have permission to do whatever they need be and so forth. However, let's say I want to also give the admin user access to the files (modifying and all) .. how can I put both users into the same group and give them both permission?

I've tried doing:
sudo usermod -a -G admin ville
To add the ville into the admin group, but ville still cannot edit files by admin. Permissions for the primary directory for the ville user are read/write for both owner and group, and the current group for the files is admin:admin ..
But ville still can't write into the directory. So, what should I be doing here to get this right and secure at the same time?

View 1 Replies View Related

General :: Find All PHP Files With Group Write Permissions?

Jun 23, 2010

I've been trying to get the -perm option of find to give me all PHP files that are group writable. Should this work?

find -name "*.php" -perm g-w

View 1 Replies View Related

General :: Directory Group - Unavailable To Access No Permissions

Jul 18, 2011

I have a directory that needs to be owned by nginx user and I need to access it via other users in order to add/edit/delete files in it. So I created a group called www and added both then chgrp -R on the directory. However I am still getting a "unavailable to access no permissions" sort of error in my SSH/SCP/what ever you want to call Mac's Transmit.
ls -a output
drwxr----- 3 nginx www 4096 Jul 17 23:56 nginx

View 1 Replies View Related

General :: Permissions - Temporarily Remove My Association With A Group?

Jan 21, 2010

I need to test linux group permissions on a repository. In one shell, how can I temporarily remove one of my group associations? e.g.If my groups are defined as:

% groups
foo bar baz

How can I make it so it only returns foo bar without baz?

View 2 Replies View Related

Ubuntu :: In Karmic NFS Secondary Group Permissions Do Not Work

Jan 4, 2010

I have a Fedora 7 PC acting as the NFS server. I have two users as follows on other Ubuntu (various flavors) based client PCs:

Code:
id ks
uid=1000(ks) gid=1000(ks)

[Code]....

View 4 Replies View Related

Ubuntu Servers :: Group Permissions Aren't Working

Sep 9, 2010

i created a directory in my webserver as well as a group "webdevs" which I want to give write permissions to, and include my user so that i can edit.i used [addgroup webdevs] then [adduser MYUSER webdevs].then [sudo chown root:webdevs MYDIR]then [sudo chmod 774 MYDIR]when I try to cd to MYDIR under MYUSER, I get permission denied.

View 3 Replies View Related

Ubuntu Multimedia :: DVD Won't Play -- Permissions/owner/group?

Oct 28, 2010

Did a fresh install of Maverick, all is well but if I insert a video DVD, it won't play. But if I open Movie Player, etc. as root, I can play the individual chapters - that is I need to manually choose which chapter to play, it won't start at the beginning and play to the end. Have installed libdvdcss3, restricted extras, etc. I am a member of the "video" group.Data & music CD's work fine in the drive; data DVD's are fine also. Just no DVD playing with me as the user; nor does the DVD appear in my Places menu, etc

View 2 Replies View Related

Ubuntu :: Apache & Group Permissions - 403 Forbidden Error

Nov 12, 2010

this costed me a whole day of trying and retrying. I set up a small home server with apache, php, and mysql.

System infos:
Linux 2.6.31-22-generic-pae
Ubuntu 9.10 Karmic Server edition
Apache/2.2.12 (Ubuntu)

Until now, it served happily a couple of sites, with no problems. But now, I wanted to set up my ftp server to point to the same directory as one of the sites, for me to be able to upload and manage files via ftp. As a server I normally use proftpd. With my usual config, proftpd runs with its own user and simulates the user ftpuser:ftpgroup when creating files. So I just changed all the files to be owned by this user and group. Permissions set to 770.

Everything works fine, and I'm able to access the data via ftp. BUT, when I try to browse my site the usual way (i.e. point firefox to its address) a 403 forbidden error is issued. Of course, you will say: you didn't allow access to apache. Well, I remembered that right away, and added the user www-data to the ftpgroup user. Now I espect apache to be able to read and serve the files.

Still same problem. 403. The apache error log is full with "permission denied" errors. After many attempts, I logged in as the user www-data, and tested access to the files. This way I'm able to cd into the directory, and read-write the files with nano. As a test, I tryed the other way around. Setting www-data:www-data as the owner of the files, and adding the ftpuser to the www-data group. This way apache works, but proftpd does not. Most probably it has something to do with a misunderstanding of groups permissions or the way this two deamons access the files.

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved