Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 18
Hi i have a samba server with one external hdd attached. Currently their is only one user/account and password which when logged in can access everything. In total their are ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2014
    Posts
    13

    samba add user and folder restriction


    Hi i have a samba server with one external hdd attached. Currently their is only one user/account and password which when logged in can access everything.

    In total their are 14 folders on the hdd and files and sub folders within them.

    I want to create another account/user with a different login and password but one logged in they can only see and fully access only three of the folders. Leaving me the admin accessing everything on my original account.

    Is this possible if so how or what config should i use. I have spent days reading how to add users,permissions e.t.c and cant seem to get an understanding of what i need to do.

    Thanks

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    hi,

    let's assume your external drive is /dev/sdb, it has one partition (sdb1), and you've mounted it to /data.

    now let's say your three dirs to be controlled are under /data/public/

    the rest of your files are under the directory /data/private.

    put two shares in your samba config file /etc/samba/smb.conf, e.g.:

    Code:
    [private]
            comment = private
            path = /data/private
            browseable = yes
            writable = yes
            valid users = admin
            guest ok = no
            printable = no
    [public]
            comment = public
            path = /data/public
            browseable = yes
            writable = yes
            valid users = joeblow admin
            guest ok = no
    restart the samba server (e.g. service smb restart or whatever)

    create those two users on the system:
    Code:
    useradd -g users joeblow
    useradd -g users admin
    add the samba accounts:
    Code:
    smbpasswd -a joeblow
    smbpasswd -a admin
    that should be it. if it doesn't work, check the samba logs in /var/log.


    ******

    btw, this is for REMOTE access of the hard drive, not local access, right?

  3. #3
    Just Joined!
    Join Date
    Jun 2014
    Posts
    13
    Thanks for your reply bit of both me being admin access samba through remote e.g. smart android phone/tablet and also windows 8 and have access to everything. Everyone else just remote. But on the external HDD their are 14 folders I only want them to access 3 of them. After creating the second account (everyone else) can it be programmed so that when they login they only see those 3 folder and none of the others? Thanks again

  4. #4
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Quote Originally Posted by morgiee View Post
    But on the external HDD their are 14 folders I only want them to access 3 of them. After creating the second account (everyone else) can it be programmed so that when they login they only see those 3 folder and none of the others?
    well, maybe some samba pro can chime in, but i don't know how to do that, unless you just put all those 3 folders under one dir, then share that one dir (as in my "public" example above).

    that, or create shares for each folder, but that is more cumbersome on the user.

  5. #5
    Just Joined!
    Join Date
    Jun 2014
    Posts
    13
    Quote Originally Posted by atreyu View Post
    well, maybe some samba pro can chime in, but i don't know how to do that, unless you just put all those 3 folders under one dir, then share that one dir (as in my "public" example above).

    that, or create shares for each folder, but that is more cumbersome on the user.
    This is my current setup if it helps thanks
    Attached Images Attached Images

  6. #6
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    what about using the file system permissions to further lock down the subdirectories? or even better, use ACLs. see this guide on implementing ACLs on Samba.

  7. #7
    Just Joined!
    Join Date
    Jun 2014
    Posts
    13
    Thanks for your reply read through the tutorial but every command i execute from the tutorial in a lxterminal non of them work it either cant find the files or the commands cant be executed because im not a root. any other suggestions?

    Thanks

  8. #8
    Just Joined!
    Join Date
    Jun 2014
    Posts
    13
    If it explains my situation better im wanting to accomplish the following example:

    i have a rasberry pi running as a nas server with a external hdd attached as the file share.

    Currently i have one account that has full admin access rights but i want to make a second account access certain items on the hdd. This is an example of what i want to achieve:

    folders on hdd:

    Music
    videos
    photos
    documents
    computer backup

    As an admin i want read, write and execute access to these folders and the subfolders or files within them. However the second account being everyone else in the family when they login they will only see and access the following folders:

    music
    videos
    photos

    they would have read and execute permissions only for these folders and the sub folders or files within them.

    How can i adapt my existing .smbconf to allow this to happen


    Thanks again

  9. #9
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Quote Originally Posted by morgiee View Post
    read through the tutorial but every command i execute from the tutorial in a lxterminal non of them work it either cant find the files or the commands cant be executed because im not a root.
    copy and paste here the exact the commands you are typing in the terminal, and copy the output generated by the commands. it is likely you just need to su to root first (or use sudo - depends on your system).

  10. #10
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Quote Originally Posted by morgiee View Post
    If it explains my situation better im wanting to accomplish the following example:

    i have a rasberry pi running as a nas server with a external hdd attached as the file share.

    Currently i have one account that has full admin access rights but i want to make a second account access certain items on the hdd. This is an example of what i want to achieve:

    folders on hdd:

    Music
    videos
    photos
    documents
    computer backup

    As an admin i want read, write and execute access to these folders and the subfolders or files within them. However the second account being everyone else in the family when they login they will only see and access the following folders:

    music
    videos
    photos

    they would have read and execute permissions only for these folders and the sub folders or files within them.

    How can i adapt my existing .smbconf to allow this to happen
    okay, those details help very much, but i still think you'd want to use a combination of Samba configuration (to specify the use name and share name) and ACLs (to control the permissions on a per directory basis). but first: what filesystem is your external hard drive using? if you're not sure, check with:

    Code:
    df -T

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •