Find the answer to your Linux question:
Results 1 to 6 of 6
Hello friends, I am trying to setup a samba on CentOS 5.6 properly, in order to offer fileserver access to my LAN network users, and my current setup has the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2011
    Posts
    9

    Question Help: need to make authenticated, multi-user shared folder in samba!


    Hello friends,

    I am trying to setup a samba on CentOS 5.6 properly,
    in order to offer fileserver access to my LAN network users,
    and my current setup has the HDD that will host the files
    mounted as /home/disk1, under which I have created 3 users
    with home path on this disk.

    Code:
    # cat /etc/passwd :
    
    user2:x:501:501::/home/disk1/user2:/bin/bash
    user1:x:502:502::/home/disk1/user1:/bin/bash
    user3:x:503:503::/home/disk1/user3:/bin/bash
    In addition, I need to make one folder at which all 3 users
    will have full write/read access, so I have added the users
    on a group, named "lusers"

    Code:
    # cat /etc/group :
    
    user2:x:501:
    user1:x:502:
    user3:x:503:
    lusers:x:504:user1,user3,user2
    So, I have set permissions for each user to own his folder,
    and the 4th folder "shared" to be owned by one of the users
    and the group (chown user1:lusers shared)

    Code:
    # cd /home/disk1 && ls -la :
    
    drwxr-xr-x 7 root     root      4096  Sep 15 20:48 .
    drwxr-xr-x 5 root     root      4096  Sep 15 20:27 ..
    drwx------ 2 user1    user1     4096  Sep 15 20:47 user1
    drwx------ 5 user2    user2     4096  Sep 15 21:33 user2
    drwx------ 2 root     root      16384 Sep 14 01:42 lost+found
    drwx------ 2 user3    user3     4096  Sep 15 21:02 user3
    drwxr-xr-x 2 user1    lusers    4096  Sep 15 20:51 shared


    Finally, here is my config file of Samba:

    Code:
    # cat /etc/samba/smb.conf :
    
    [global]
    workgroup = WORKGROUP
    server string = File Server
    
    [user1]
    comment = user1
    path = /home/disk1/user1
    valid users = user1
    public = no
    writable = yes
    printable = no
    create mask = 0765
    
    [user2]
    comment = user2
    path = /home/disk1/user2
    valid users = user2
    public = no
    writable = yes
    printable = no
    create mask = 0765
    
    [user3]
    comment = user3
    path = /home/disk1/user3
    valid users = user3
    public = no
    writable = yes
    printable = no
    create mask = 0765
    
    [shared]
    comment = shared
    path = /home/disk1/shared
    valid users = user1 user3 user2
    public = no
    writable = yes
    printable = no
    create mask = 0777

    Notice I have set "create mask" 777 permissions and valid users
    all the 3 users for the [shared] folder on this samba share.


    ---------


    It works perfect for the 3 users and they can each one manage
    properly their own folder and read/write to it, without having
    access to other users (as intented) and they all have also
    access to read/view the shared folder (/home/disk1/shared),
    but only user1 can write on it, while the folder is also owned by
    the group the rest users belong to and they also are on valid users...


    What do I do wrong ?

    How can I make "shared" folder to be also writable for all 3 users ?



    Thanks on advance for any advice!

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    set the permissions of the shared dir such that it is group-writable, e.g.:
    Code:
    chmod 0775 /home/disk1/shared

  3. #3
    Just Joined!
    Join Date
    Sep 2011
    Posts
    9
    Quote Originally Posted by atreyu View Post
    set the permissions of the shared dir such that it is group-writable, e.g.:
    Code:
    chmod 0775 /home/disk1/shared
    Still the same, I changed to 0775 and still says I need permission...

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Sep 2011
    Posts
    9
    Found a solution to this by replacing:

    valid users = user1 user3 user2

    line under [shared] config in samba config file, with:

    write list = user1 user2 user3

    and it works great.


    Let me know if this is the best solution or if I need to fix any permissions if this might have security issues

  6. #5
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Good find on the samba fix, but i'm curious - would that samba fix have worked if the file permissions were not also 0775 on the shared dir? I would think not, but...

  7. #6
    Just Joined!
    Join Date
    Sep 2011
    Posts
    9
    I tested and it works fine with ANY permissions...

    It seems samba totally disregards FS permissions with this "write list" directive...

    Not sure how secure this sounds, but that's a fact...


    Anyone can share his input if my setup is secure or there's a better way to do these all ?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •