Hi again Dexter, thanks for giving this so much thought :-) I'm afraid your suggestion does not give me what I want. I don't want to limit access to files in the share, I want the whole share to not appear at all for those logins who don't have access to it. Here's an example, which should make it more obvious. Suppose I have a share called [letters_from_girlfriends] (I don't, but for the example, say I do). It isn't enough just to have my wife not to have access to it, I'd rather she didn't even see the share name at all. Got it?
I could do this:- valid users = @parents browseable = @parents it would work. The browseable flag would be a function of the current login. Unfortunately, browseable is a boolean, and doesn't take a user or group name as an argument, and therefore is either always true or always false, irrespective of who is logged in. julian. ================ At 08:02 PM 12/14/01 -0700, you wrote: >Hello me again: > >How about this.... > >If I understand you correctly, you are going to have multiple people use >samba to access your linux box and you want to limit the availability of >the files in the share depending on who is logging in. Well, what if you >set up multiple accounts in your linbox and limit access accordingly. >For example, let's say you have usera and userb. Set up two additional >accounts in your linbox with the respective usernames and passwords. >Could you not then set up usera to browseable yes and userb to browseable >no (or use veto files for that matter)? You could set the same path for >both users, but limit them with the browseable option. If I am not >mistaken, it would also require to set up multiple accounts in your >winbox, if you only have one winbox networked to your linbox. Did I make >sense? Hope it helps... > >Regards, > >Dexter > > > > > >On Fri, 14 Dec 2001, Julian Opificius wrote: > > > Just like "browseable = no", right? > > No, I want the share to show up or not show up as a function of it's > > accessibility by the current login - i.e. login-dependant, rather than > > definition-dependant. > > > > Thanks all the same. > > > > Julian. > > =================== > > At 11:55 AM 12/14/01 -0600, you wrote: > > >This probabally isn't what you want, but if you end a SMB share name with > > >a '$' it will not show up in browse lists but will still be accessable > > >(assuming you have rights to the share and the underlying files of > course.) > > > > > >-----Original Message----- > > >From: Julian Opificius <[EMAIL PROTECTED]> > > >To: [EMAIL PROTECTED] > > >Date: Fri, 14 Dec 2001 10:44:01 -0600 > > >Subject: Re: [newbie] Samba question - making shares invisible > > > > > >Thanks for the response Dexter. > > > > > >No, what I'm looking for is to have shares simply not show up in the > > >network directory listing if the current user is not authorized to access > > >them. > > > > > >I thought of it as a "duh", an obvious feature, and that I was overlooking > > >the obvious, but apparently not. The more I think about it, it > demonstrates > > >the philosophical difference between Microsoft (the KISS principle) and > > >Unix (the long rope - you either do rope tricks or hang yourself). The > idea > > >of iding unavailable shares for the sake of simplicity probably wouldn't > > >occur to a Unix/Linux programmer. Not that it's wrong, just different. > > > > > >Thanks again. > > > > > >Julian. > > >===================== > > >At 09:11 AM 12/14/01 -0700, you wrote: > > > >Hello: > > > > > > > >Have you tried the veto files command? I have not used it, but the > book I > > > >have has a description for it, which you might find helpful: > > > > > > > >veto files: Contains a list of file and directory names that are marked > > > >by Samba as not visible and cannot be accessed by users. Entires in the > > > >list are separated by the / character, and the ? and * wildcard > characters > > > >can be used. For example, to veto access to Windows executables > files on > > > >a file share use veto files = /*.exe/*.com/*.bat/. If the > case-sensitive > > > >parameter is false, Samba will veto files regard to case. > > > > > > > >Hopefully, this command can help you solve your problem. Good luck... > > > > > > > >Dexter > > > > > > > > > > > >On Fri, 14 Dec 2001, Julian Opificius wrote: > > > > > > > > > I've pored over man on the Samba web-site, and yes, you remember > > > > correctly ;-) > > > > > > > > > > It's true that though "browseable = no" hides a share from > everyone, you > > > > > can still map to it, but then how does one know it's there? That's > > > cryptic > > > > > and unreasonably clumsy for non-expert users (which includes me), who > > > have > > > > > other things to remember, like where we've put the car keys. > > > > > > > > > > Seems like it's all or nothing, which is not really very clever > at all. > > > > > What we need is a "hide unavailable shares = true/false" switch for > > > > > smb.conf or something like that. > > > > > > > > > > Thanks for the response, Dave. > > > > > > > > > > Any Samba programmers out there listening, or other wizards? > > > > > > > > > > Julian. > > > > > > > > > > At 07:56 AM 12/14/01 -0600, Dave Sherman replied: > > > > > >On Thu, 2001-12-13 at 22:14, Julian Opificius wrote: > > > > > > > With dexterous use of chmod and the smbpasswd file I can control > > > > access to > > > > > > > various shares, but how do I prevent shares from even > appearing for > > > > logins > > > > > > > who are not permitted to access them? I'd rather those shares not > > > even > > > > > > > appear, so as to provide a simplified interface to some users > > > (i.e. my > > > > > > kids). > > > > > > > > > > > >If I remember correctly, under a share definition just add: > > > > > > browseable = no > > > > > >This will make it invisible, but you can still map a network > drive to > > > > > >it. However, this makes it invisible to everyone, not just selected > > > > > >users. > > > > > > > > > > > >I would seggest 'man smb.conf' for further information. > > > > > > > > > > > >Dave > > > > > > > > > > > >============================= > > > > > > > > > > > > > > > > > > > > > > > > > > >Want to buy your Pack or Services from MandrakeSoft? > > > >Go to http://www.mandrakestore.com > > > > > >============================== > > >Julian A. Opificius. > > >802 Fawn Road, Elk River, MN 55330. > > >Home: 763.441.1291, Cell: 763.360.5919 > > >[EMAIL PROTECTED] ICQ: 3268206 > > >============================== > > > > > > > > > > > > > > > > > > > > >Want to buy your Pack or Services from MandrakeSoft? > > >Go to http://www.mandrakestore.com > > > > ============================== > > Julian A. Opificius. > > 802 Fawn Road, Elk River, MN 55330. > > Home: 763.441.1291, Cell: 763.360.5919 > > [EMAIL PROTECTED] ICQ: 3268206 > > ============================== > > > > > > > > > > >Want to buy your Pack or Services from MandrakeSoft? >Go to http://www.mandrakestore.com ============================== Julian A. Opificius. 802 Fawn Road, Elk River, MN 55330. Home: 763.441.1291, Cell: 763.360.5919 [EMAIL PROTECTED] ICQ: 3268206 ==============================
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com