Hallo,
ich hab grad festgestellt, dass das Problem nur in einigen Klassen
auftaucht. So sieht das Klassentauschverzeichnis der 5a z.B. so aus:
-rw------- 1 xxx 5a 35307 Okt 20 08:09 Steckbrief von ...
-rw------- 1 xxx 5a 34664 Okt 20 08:04 Steckbrief von ...
-rw------- 1 xxx 5a 36060 Okt 20 08:02 Steckbrief von ...
-rw------- 1 xxx 5a 34688 Okt 20 07:48 Steckbrief von ...
-rw------- 1 xxx 5a 39198 Okt 20 08:06 Steckbrief Von ...
-rw------- 1 xxx 5a 35581 Okt 20 08:04 Steckbrief von ...
(Namen anonymisiert)
Das der 5b aber so (wie es sein sollte):
-rw-r--r-- 1 xxx 5b 36324 Okt 21 11:29 ...
-rw-r--r-- 1 xxx 5b 34160 Okt 21 11:19 ...
-rw-r--r-- 1 xxx 5b 36630 Okt 21 11:27 ...
-rw-r--r-- 1 xxx 5b 40189 Okt 21 11:53 Steckbrief ...
-rw-r--r-- 1 xxx 5b 40304 Okt 7 11:53 Steckbrief von ...
-rw-r--r-- 1 xxx 5b 36544 Okt 7 11:56 Steckbrief von ...
...
Ich habe eben mal sophomorix-repair --permissions -c 5a versucht, hat
aber nicht geholfen.
Die smb.conf sieht so aus:
#======================= Global Settings =======================
[global]
## Browsing/Identification ###
# Change this to the workgroup/NT-domain name your Samba server will part of
workgroup = SCHULE
# server string is the equivalent of the NT Description field
# server string = Linux %h mit Samba %v
server string = %h
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no
# What naming service and in what order should we use to resolve host names
# to IP addresses
; name resolve order = lmhosts host wins bcast
#### Debugging/Accounting ####
# This tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
log level = 0
# Put a capping on the size of the log files (in Kb).
max log size = 1000
# If you want Samba to only log through syslog then set the following
# parameter to 'yes'.
; syslog only = no
# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
syslog = 0
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
####### Authentication #######
# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/ServerType.html in the samba-doc
# package for details.
; security = user
# You may wish to use password encryption. See the section on
# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
encrypt passwords = true
ldap ssl = Off
ldap replication sleep = 5000
ldap admin dn = cn=admin,dc=lug-kirchheim,dc=es,dc=bw,dc=schule,dc=de
ldap suffix = dc=lug-kirchheim,dc=es,dc=bw,dc=schule,dc=de
ldap group suffix = ou=groups
ldap user suffix = ou=accounts
ldap machine suffix = ou=machines
passdb backend = ldapsam:ldap://localhost
obey pam restrictions = no
guest account = nobody
# username map = /etc/samba/username.map
# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
; unix password sync = yes
# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Augustin Luton
<alu...@hybrigenics.fr> for
# sending the correct chat script for the passwd program in Debian Potato).
passwd program = /usr/sbin/sophomorix-passwd --interactive --user %u
passwd chat = *New*password*:* %n\n *Retype*new*password*:* %n\n
# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
; pam password change = no
########## Printing ##########
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
load printers = no
# lpr(ng) printing. You may wish to override the location of the
# printcap file
; printing = bsd
; printcap name = /etc/printcap
# CUPS printing. See also the cupsaddsmb(8) manpage in the
# cupsys-client package.
printing = cups
printcap name = cups
# When using [print$], root is implicitly a 'printer admin', but you can
# also give this right to other users to add drivers and set printer
# properties
# printer admin = root
######## File sharing ########
# Name mangling options
; preserve case = yes
; short preserve case = yes
#### linuxmuster settings ####
interfaces = 10.16.1.1/255.240.0.0 127.0.0.1/255.0.0.0
domain logons = Yes
admin users = domadmin
unix charset = UTF8
dos charset =
logon script = login.bat
time server = Yes
logon path =
logon home = \\%L\%u
use sendfile = No
os level = 99
wide links = No
# server side cifs configuration
unix extensions = yes
map archive = No
delete readonly = Yes
case sensitive = auto
mangled names = no
# fix for #56 & #64
winbind enum users = yes
winbind enum groups = yes
unix password sync = no
ldap passwd sync = No
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
#delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
#delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
############ Misc ############
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /home/samba/etc/smb.conf.%m
# Most people will find that this option gives better performance.
# See smb.conf(5) and /usr/share/doc/samba-doc/htmldocs/speed.html
# for details
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# The following parameter is useful only if you have the linpopup package
# installed. The samba maintainer and the linpopup maintainer are
# working to ease installation and configuration of linpopup and samba.
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
# Domain Master specifies Samba to be the Domain Master Browser. If this
# machine will be configured as a BDC (a secondary logon server), you
# must set this to 'no'; otherwise, the default behavior is recommended.
domain master = Yes
# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash
# including your own global configuration
include = /etc/samba/smb.conf.global
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
# administrator is able to do housekeeping
admin users = administrator
# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
writable = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mode = 2644
# Directory creation mask is set to 0700 for security reasons. If you
want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mode = 2755
# linuxmuster settings
path = %H
valid users = %S
root preexec = samba-userlog --log=in --username=%U --hostname=%I
--homedir=%H
root postexec = samba-userlog --log=out --username=%U --hostname=%I
--homedir=%H
veto files = /.locked/.htaccess/
delete veto files = no
# Un-comment the following and create the netlogon directory for Domain
Logons
# (you need to configure Samba to act as a domain controller too.)
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
writable = no
force create mode = 664
write list = @domadmins
force group = domadmins
#[printers]
# comment = All Printers
# browseable = no
# path = /tmp
# printable = yes
# public = no
# writable = no
# create mode = 0700
# Windows clients look for this share name as a source of downloadable
# printer drivers
#[print$]
# comment = Printer Drivers
# path = /var/lib/samba/printers
# browseable = yes
# read only = yes
# guest ok = no
# force group = printoperators
# create mask = 664
# directory mode = 775
# Uncomment to allow remote administration of Windows print drivers.
# Replace 'ntadmin' with the name of the group your admin users are
# members of.
# write list = @ntadmin
[pgm]
comment = Windows Programs
path = /home/samba/progs
writable = no
write list = @domadmins
force group = domadmins
force create mode = 664
force directory mode = 775
guest ok = Yes
[cdrom]
comment = CD-Images
path = /home/samba/cds
force group = domadmins
force create mode = 664
force directory mode = 775
write list = @domadmins
writable = no
guest ok = Yes
[linbo-repo]
comment = LINBO repository
path = /var/linbo
wide links = yes
write list = administrator,linbo
valid users = administrator,linbo
admin users = administrator,linbo
writable = no
guest ok = no
# following shares are only used by linux clients
[students]
comment = Students Homes
path = /home/students
writeable = no
write list = administrator,@teachers
valid users = administrator,@teachers
admin users = administrator
browseable = No
guest ok = No
[linbo-repo]
comment = LINBO repository
path = /var/linbo
wide links = yes
write list = administrator,linbo
valid users = administrator,linbo
admin users = administrator,linbo
writable = no
guest ok = no
# following shares are only used by linux clients
[students]
comment = Students Homes
path = /home/students
writeable = no
write list = administrator,@teachers
valid users = administrator,@teachers
admin users = administrator
browseable = No
guest ok = No
[shares]
comment = Shares
admin users = administrator
path = /home/share
writeable = yes
create mode = 2664
directory mode = 2775
browseable = No
guest ok = No
[tasks]
comment = Templates
path = /var/cache/sophomorix/tasks
writeable = no
write list = administrator,@teachers
admin users = administrator
browseable = No
guest ok = No
[backup]
comment = Backups
path = /media/backup
valid users = administrator
browseable = No
guest ok = No
# including your own share definitions
include = /etc/samba/smb.conf.shares
------------------------------------------------
Ideen?
Viele Grüße,
Marcus
Am 21.10.2014 um 16:11 schrieb Schule Führinger:
Hallo Marcus
ein Kollege hat mich heute darauf hingewiesen, dass die
Klassen-Tauschverzeichnisse nicht wirklich benutzbar sind, da eine Datei,
die ein Schüler dort abgelegt hat, von keinem anderen Schüler gelesen oder
kopiert werden kann.
Ich habe mir eben die Samba-Manual-Page zu Gemüte geführt und prinzipiell
schon verstanden, aber evtl. hat ja einer hier schon entsprechende
Anpassungen für das entsprechende Samba-Share gemacht und ist bereit, diese
mitzuteilen...?
Da muss man nichts ändern, das sollte standardmäßig so sein, dass alle
Leserechte haben.
Kannst Du mal Deine smb.conf schicken und auch mal die Rechte des
Ordners /home/students prüfen?
Kannst Du auch mal "ls -l" eines betreffenden Verzeichnisses posten?
Was ich nicht verstehe: in der / den smb.conf wird ja nicht zwischen eine
Klassen-Share und einem anderen Share unterschieden, d.h. die Rechte sind
gleich, d.h. das Problem müsste doch auch im Schul-Tausch auftreten?
jein. Im Schul-Tauschverzeichnis ist die Gruppe eine andere
(students), während sie im Klassen-Tauschverzeichnis eben die Klasse
ist. Wenn da etwas die Gruppen durcheinandergeschüttelt hat, liegts
vll. daran...
Gruß
Max
_______________________________________________
linuxmuster-user mailing list
linuxmuster-user@lists.linuxmuster.net
https://mail.lehrerpost.de/mailman/listinfo/linuxmuster-user
