Folder permissions and Samba - question

Mikkel L. Ellertson mikkel at infinity-ltd.com
Sun Aug 31 17:10:50 UTC 2008


Bob Latham wrote:
> 
> I tried 'smbpasswd -a SG1' but after taking the second copy of the
> password, it said it had failed to change it. Stumped again! I looked back
> in my notes and found that in the past I had used a program to create the
> smb pass word file from the main user pass word file. My understanding in
> my old notes was that the data was never auto copied to the SMB password
> file and had to be done by hand after every user was created. I don't know
> if that is or was true. I wish someone would clarify for me.
> 
Dumb question, is there a Linux user SG1? (not sg1 - they are not
the same.)

> So I decided to copy across the passwords with the command I used some
> time ago ...
> 
> cat /etc/passwd | mksmbpasswd.sh > /usr/bin/smbpasswd
>     
I can see problems with doing this, as you will create entries for
all the system accounts as well. Also, I think that the command was
something like:

cat /etc/passwd | mksmbpasswd.sh >> /etc/samba/smbpasswd

because I don't think the output of mksmbpasswd is in the correct
for for smbpasswd. (I could be wrong.)

> Now trying to use 'smbpasswd -a SG1' gave a permissions error - wonderful.
> 
> A little investigation showed that 'smbpasswd' had no execute permission
> and so I added that and tried again. Now when you try it the terminal
> starts listing user names and group names with "Command not Found" on each
> line. Honestly, this is all so hard to do something that should be so
> simple and yet again I've hit a brick wall with no solution unless
> someone tells me.
> 
This is strange, as the install from the RPM should have
/usr/bin/smbpasswd set with the correct permissions.

> Here's how I have it set up...
> 
> 
>             |           |                | SG1 (drwxrwxrwx SG1 staffuser)
>  NetShares  |   Staff   | Student_Shares | SG2 (drwxrwxrwx SG2 staffuser)
>             |           |                | SG3 (drwxrwxrwx SG3 staffuser)
>  drwxr-xrwx  drwxr-xr-x     drwxr-xrwx
>   root         staff          staff
>   root        staffuser      staffuser       
> 
With the permissions on Staff and Student_Shares, if you are a
member of the staffuser group, but not user staff, you can not write
to it. (I know it seams strange, but that is the way permissions work.

Also, if SG1 is for user SG1, then I would change the permissions to
drwx-------- or drwxdrwx--- so that other users can not access it.
> 
> The shares from smb.conf
> 
> [manage]
> 	path = /NetShares/Staff
> 	writeable = yes
> 	browsable = yes
> 
> [sg1]
> 	path = /NetShares/Staff/Student_Shares/SG1
> 	writeable = yes
> 	browsable = yes
> 
> [sg2]
> 	path = /NetShares/Staff/Student_Shares/SG2
> 	writeable = yes
> 	browsable = yes
> 
> 
> Thanks for your help I do appreciate it.
> 
I am sorry it took so long to get back to you...

> I've tried to set this simple sharing tree up and running again and again
> this year, spending days and days on it and every time I give up and leave
> it for a few weeks and come back and have another go. I always hit another
> wall and fail again. I could do the whole thing in half an hour on a
> windows server. I wonder if I should give up altogether.
> 
> 
Are you actually trying to use user names like SG1, with capital
letters? If so, you are going to run into problems. Because Windows
user names are not case sensitive, they are probably being changed
to sg1. At least that is what I remember - someone correct me if I
am wrong.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20080831/bfa488de/attachment-0001.bin 


More information about the users mailing list