dns server configuration and samba problem

[pisek]

Hi all,

I have a problem with configuration of dns server and samba using centos/redhat.

So, i have to do dns server, in domain - redes.dis.ulpgc.es and its IP is 172.16.1.1.
I have 3 subnets/clients : red2.dis.ulpgc.es (172.16.1.2), red3.dis.ulpgc.es (172.16.1.3),red4.dis.ulpgc.es (172.16.1.4).
My higher server is ww.redes.dis.ulpgc.es. If someone inputs any other address than one of those(red2,red3,red4), i am asking this dns server -> ww.redes.dis.ulpgc.es

Now the samba part:
I have to create a folder shared for a group "alumnos" with the privilidges of writing and reading BUT only the owner/creator can modify or delete it.

Thanks in advance.

[Lazydog]

Not sure I understand your DNS issue could you explain it a bit more?

[pisek]

about this DNS server - So, if the request is for red2,red3 or red4 - we are returning just its address , in other case we are asking this higher server redes.dis.ulpgc.es (172.16.1.1) and returning the address that this server returned us.

for example -> my host is asking ->"what is the ip of red2.dis.ulpgc.es? ok , here you are" next: "what is the ip of google.com? "-wait i have to ask 172.16.1.1....... it is 34.34.34.34 (respond from higher server)"

[killabee]

For the DNS issue...
Sounds like red2, red3, and red4 are setup to forward queries to the "higher" server (ww.redes.dis.ulpgc.es) if they are not able to provide an answer from cache or do not have an authoritative answer. In most organizations, it's actually normal to have DNS servers forward their queries to a higher tier DNS server that then sends the query out to the root DNS servers, rather than having all the internal DNS servers query the root servers directly. The purpose of this is just better data flow. Not sure if this is an issue or if you don't want it configured this way.

I actually just installed BIND today so I'm relatively new to its configuration, but let me know if you can't find anywhere in the configuration about forwarding queries or the like.



For the Samba issue...
What exactly is your question? How to create a share with the stated permissions?

[pisek]

My idea was like this:

Code:

[global]
workgroup = grupo99
netbios name = Samba
encrypt passwords = yes

[EntregaPractica]
path = /data/EntregaPractica
create mode = 0700
directory mode = 0700
public = no
writable = yes
;this is group of people which can read and write but ony the author should have the right to change/delete/change name of the files...
read list = @alumnos
write list = @alumnos

I was also playing with the permisions for the folder /data/EntregaPractica . When i have changed them to 0440 - owner can read, to 0660 only owner can read but everyone from group alumnos can changename/delete all the files...

[Lazydog]

So what is the problem here with DNS?

[scathefire]

perhaps you should not use writable = yes then. this implies that the share is writable. just remove that line and try it out. by leaving in the write list, then only user(s) or group(s) defined there will have write access. but if someone has write permissions they can delete files too. in that case i believe ACLs would be needed.

also remember that samba permissions do not take precedence over Linux filesystem permissions. For example if a directory is not writable it won't be writable even if you set it to be in samba.