PDA

View Full Version : [ubuntu] File permissions and samba



Mauler5858
August 11th, 2008, 07:08 PM
I have my home server that i set up as a Samba PDC. My shares i have on the machine, and my profiles folder werent working. I had granted permission in samba for users to have access to the shares. However my folders were root owned and had access denied to all but root. Just for getting it up and working, i gave those folders chmod 777 permissions, and they work fine. What kind of chmod definition should i use on that in order to not let it be wide open, but at the same only allow access to authenticated samba users?

bobnutfield
August 11th, 2008, 07:14 PM
You can set up samba to require a password from authorized users. This is done is user-level security in your samba config file.

bodhi.zazen
August 11th, 2008, 07:48 PM
I have my home server that i set up as a Samba PDC. My shares i have on the machine, and my profiles folder werent working. I had granted permission in samba for users to have access to the shares. However my folders were root owned and had access denied to all but root. Just for getting it up and working, i gave those folders chmod 777 permissions, and they work fine. What kind of chmod definition should i use on that in order to not let it be wide open, but at the same only allow access to authenticated samba users?

You should not be sharing files owned by root.

Make a shared directory, either in /home or say /media/samba

The change the ownership and permissions of the mount point to the samba user (the one you use to mount the share).

Nepherte
August 11th, 2008, 08:10 PM
I believe the default permission is 755. Be sure to follow bodhi.zazen's advice as well.

Mauler5858
August 11th, 2008, 08:49 PM
The two folders im referring to are:

/home/samba/profiles/(contents are the romaing profiles)

and

/shared/mediastore

So are you guys saying i should take ownership and give 755 permissions to these folders. My question is...given what i have here, how far back should the permissions and ownership go. For instance i wouldnt want to chown the /home folder for the first example...just wanting to know where to draw the line.