Re: Need some advice on configuring SAMBA shares
On Sunday 13 January 2002 05:53 am, Stefan Srdic wrote:
> My question is, how can a modify the permissions of /home/guest so that any
> file created under that directory would be owned by user guest and group
> users (or something else like that).
>
> Stef
hi there,
i've got a great example smb.conf file for you that is attached. I created it
for a non-profit organization that I was helping out last year. It worked
great.
you'll want to pay close attention to the umask settings on the create mode
and directory mask, as well as the valid users and and force group
settings.... this is what you're asking about.
btw... pay attention to the bind interfaces line(s). this allows you to bind
samba to a specified interface.. like your LAN.
I don't think that guest access is that great of an idea, but you are the
sysadmin and you know whats best for your setup ; )
I strongly recommend reading the samba docs... they really do help a great
deal.
good luck
k l u r t
;
; /etc/smb.conf
;
;
[global]
printing = bsd
printcap name = /etc/printcap
load printers = yes
guest account = nobody
invalid users = root
;Require a Unix account
security = user
;bind interfaces allowed
interfaces = eth1 192.168.1.0/255.255.255.0
bind interfaces only = True
workgroup = XXXXXX
netbios name = FILESERV
server string = Linux server (Samba %v)
syslog = 0;
;socket options to speed up Samba under Linux
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096
;passwords are encrypted by default. This way the latest winblows 95 and NT
; clients can connect to the Samba server with no problems. -supposedly!!
encrypt passwords = yes
;WINS server option
wins support = no
;naming service and order to resolve
name resolve order = lmhosts host wins bcast
;this will prevent nmbd to search for NetBIOS name through DNS
dns proxy = no
;name mangling options
preserve case = yes
short preserve case = yes
;sync Unix password with the SMB password when the encrypted SMB password in
; /etc/samba/smbpasswd file is changed
unix password sync = false
;for Unix password sync. to work on a Debian GNU/Linux system, the following
; parameters must be set
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
max log size = 1000
;[homes]
; comment = Home Directory
; writeable = yes
; browsable = no
; readonly = no
; create mode = 0660
; directory mask = 0770
;[Docs]
; comment = Documentation, HOW-TOs, Guides, Manuals
; path = /home/staff/Docs
; public = yes
; writeable = yes
; printable = no
; create mode = 0660
; writelist = @users
; force group = +users
; directory mask = 0770
;
;
;these will be the fileserver shares
[Act2000]
comment = Act2000 Database directory
path = /fileserver/Act2000
writeable = yes
browseable = no
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[Admin]
comment = Administrator share
path = /fileserver/Admin
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = tvadmin
force group = +tvadmin
directory mask = 0770
[Advertising]
comment = Advertising share
path = /fileserver/Advertising
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[Applications]
comment = Applications, software and drivers
path = /fileserver/Apps
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = tvadmin
force group = +tvadmin
directory mask = 0770
[Circulation]
comment = Circulation share
path = /fileserver/Circulation
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[Development]
comment = Development share
path = /fileserver/Development
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[Editorial]
comment = Editorial share
path = /fileserver/Editorial
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[Finance]
comment = Finance share
path = /fileserver/Finance
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[HR]
comment = Human Resources share
path = /fileserver/HR
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = tvadmin
force group = +tvadmin
directory mask = 0770
[Marketing]
comment = Marketing share
path = /fileserver/Marketing
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[OutReach]
comment = OutReach share
path = /fileserver/OutReach
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[Publishing]
comment = Publishing share
path = /fileserver/Publishing
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[T.E.B]
comment = Teen Editorial Board share
path = /fileserver/T.E.B
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff teen tvadmin
force group = +users
directory mask = 0770
[BackIssues]
comment = Back Issues Archive
path = /fileserver/BackIssues
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
[TeenProgram]
comment = Teen Program share
path = /fileserver/TeenProgram
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff teen tvadmin
force group = +users
directory mask = 0770
[Design]
comment = Design share
path = /fileserver/Design
writeable = yes
browseable = yes
printable = no
create mode = 0660
valid users = staff tvadmin
force group = +staff
directory mask = 0770
;the end
Reply to: