Re: [Samba] Inexplicable rejection of credentials
From: Ryan Bair [mailto:ryandb...@gmail.com] Did you smbpasswd the user on that machine? No. I don't recall ever doing it on the other Ubuntu machine either, but I've had that machine for a year, so I can't swear to it. But that was the problem. I had to do sudo smbpasswd pauld, so that it wouldn't ask for the old password, but that made it work. I had sort of thought that the unix password sync parameter had something to do with that, but on carefully reading the smb.conf man page, it looks like it only ensures that changing the Samba password also changes the unix password, not that Samba inherits the unix password. Anyway, thanks for clearing that up. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Inexplicable rejection of credentials
I have a Windows home network with a bunch of Windows boxes and two Ubuntu boxes. Everything can access shares on everything else, with one exception: no one can get to the one share on the second Ubuntu box which I just added to the system. All my machines have one user account (admin privileges in Windows) with the name pauld and the same password. In an effort to solve this problem on the second Ubuntu box, I even copied the smb.conf file from the first Ubuntu box and edited its netbios name parameter. The only difference I can see in the configuration of the two boxes is the different computer names, which are reflected both in their hostnames and their netbios names. Oh, and I've rebooted everything several times. Yet when I attempt to access the sole share on this machine, either from a Windows machine or from the other Ubuntu box, it rejects the username/password. (One difference: Windows boxes fail on trying to open the machine; the older Ubuntu box can see open the machine and see the share name, but fail on trying to open the share. Dunno if that means anything.) For reference, here's the smb.conf from the offending machine: --- [global] workgroup = WORKGROUP netbios name = BUILD server string = %h server (Samba, Ubuntu) dns proxy = no name resolve order = bcast wins log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user usershare allow guests = yes [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no [all] comment = Everything read only = no path = / browsable = yes create mask = 755 --- Most of this stuff was created automatically by installing Samba, so I don't really know what it means, or even if it's necessary. I stripped out all the comments, and manually added the [all] share at the end. (And I don't need any lectures about providing write access to root, please.) The ONLY difference between this file and the one on the working Ubuntu machine is the netbios name. There are no other mysterious files in /etc/samba that could be confusing things. No logs in /var/log/samba show any failures. So my general question is: how do I fix this? And a more specific question is: is there any other file somewhere that could be getting into the act, and screwing this machine up? If there isn't an answer forthcoming, how about this: how do I go about debugging this? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does anyone think a mini-Samba server would be useful?
From: Andrew Bartlett [mailto:abart...@samba.org] One thing we have found when developing Samba is that very quickly we find that one thing depends on another. It isn't easy to 'just do the basics'. Indeed, the AD DC isn't actually that large, compared with so much else that we need. That isn't to say that for example printing comes free - and I think there even is an option to disable that code - but a 'cut down samba' isn't free either. Much of the bulk comes from library code we have come to depend on across the whole sever. That all may be true, but when it's around eighty megabytes, something's wrong. That's a Microsoftian level of bloat. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Triggering a reread
The docs say that sending SIGHUP to smbd triggers an immediate reread of the configuration. There's generally more than one instance of smbd running, though. Can I send the signal to any one, or is there one in particular that handles it, or must I send it to all of them? More to the point, my embedded system stores a single process ID in /var/run/smbd.pid; will signalling that reliable trigger a reread? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Where is the tdbsam database?
I've added Samba 3.6.8 to my Gumstix build, and I'd like to include a single Samba user and password as part of the initial image. Can I do that by manually adding the user to the TDB database, and then copying the resulting file into my build machine and including it in the build? If so, where is that file normally? (The few locations I've found mentions of via Google didn't have it in my system.) And if that method won't work for some reason, what other method might I use? Also, once I've got a password in the system, what's the easiest way to get my custom service (this is an embedded box) to change the password? Do I have to spawn the smbpasswd program, and feed the new password into it on stdin, or is there some library function that can do it? I'm probably going to stick with the tdbsam backend. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
From: Volker Lendecke [mailto:volker.lende...@sernet.de] On Mon, Jul 22, 2013 at 01:24:52AM -0700, Paul D. DeRocco wrote: From: Volker Lendecke [mailto:volker.lende...@sernet.de] There is also the username map parameter, using which you can for example say username map = /etc/samba/usermap and then open a file named /etc/samba/username with a single line containing root = * That looks like just the ticket. But I still need to know which of the following three things is true: 1) I can rely on Unix authentication and not even bother with SMB passwords, if I don't mind telling the clients the local root password. 2) I can use smbpasswd to assign a different client password, so I can keep the local root password secret from the clients. 3) I must use smbpasswd and assign the same password as the local root password. 2) is correct. This all worked very nicely. Thanks for your help. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] RE Samba (winbind) troubles
From: steve On Wed, 2013-07-24 at 09:09 +0200, L.P.H. van Belle wrote: I do like samba, but wiki/howtos are lots to improve. To be fair, it's not just Samba. It's most open source stuff. There are too many hobbyists and armchair users. As joe public, what we should be doing is not criticising the devs for their poor documentation. We should be writing it ourselves at our own level. Let the devs enjoy their C and let's thank them for the code. It's not down to them to document it for end users. It's a little hard to write documentation when all you've got is a million questions and no answers. The only people who actually have the answers are the developers. I wish developers would routinely budget, oh, 10% of their time to writing docs. I spend at least twice that much on documenting my own software, because I find it helps me write better organized code if I first have to explain what it's going to do, or how to use it. Write the manual first, then implement it, modifying the manual as you discover logical flaws during the process of writing and debugging. I doubt that Microsoft would allow their coders anywhere near the end user documentation department. I don't know what they do at Microsoft, but there must be some organized way of getting the software writers to convey the information to the people who actually write the documentation. In my opinion (as someone who's been spending a big chunk of his life reading documentation lately), the MSDN content ranges from marginal to excellent, while Linux-land documentation ranges from practically non-existent (e.g., ALSA) to very good (the kernel man pages). So far, I think Samba's docs get about a C-, but that's because I know next to nothing about networking; they may look much better to someone who already knows all about SMB from the Windows world. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Does anyone think a mini-Samba server would be useful?
I'm working on a couple of Yocto Project based embedded projects, one using a Gumstix Overo board and the other using an Intel Atom motherboard. Both need a simple Samba server, which isn't included in the standard build. The only existing Yocto-compatible recipe for Samba is an OpenEmbedded one for version 3.6.8. I was quite surprised to find that adding Samba almost tripled the size of my Atom build. I understand that version 4 is quite a bit smaller, but we're still talking many tens of megabytes of stuff. I would think there would be lots of people in my boat, who are doing embedded systems and who would like to include a really simple SMB file server. For instance, a data acquisition system needs to record large amounts of data to a local disk, and then provide access to it over a network so people can bring it into Matlab or other tools. A CNC machine tool system needs a way to have Gerber or other files loaded into them. A media server needs to be able to serve up video or audio files. Any embedded device needs to have a way of being fed configuration data, or having its firmware upgraded. The requirements for such a system are much smaller than what Samba provides: * It only needs to serve files, not printers or other resources. * It doesn't need a client, or any of the functionality related to a client. * It doesn't need to deal with domains, let alone be a domain controller. * It doesn't need to provide separate user accounts. * The only security it needs is perhaps a password for reading, and maybe a different password for writing. * Since these devices are generally closed boxes with no general-purpose command line interface, there's no need to encrypt passwords internally. * It can assume it's being connected to a fully functional network, so doesn't need to be a master browser. * It doesn't need to support multiple interfaces. * Its only configuration parameters would be a machine name, workgroup name, list of shared folders, and one or two passwords per shared folder. * It doesn't need most of the command line tools currently used to configure, monitor and debug the system. Sounds to me like the sort of thing that could be done in under a megabyte. I wonder if there's a way to build such a mini-Samba out of the existing Samba code base. It's certainly way above my abilities, but it may be something that someone on the Samba team could do without mounting a major development effort. How many other people would find such a system useful? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does anyone think a mini-Samba server would be useful?
From: Chris Weiss [mailto:cwe...@gmail.com] I'll bite... smb/cifs is not a simple protocol suite, see my comments in-line On Wed, Jul 24, 2013 at 1:19 PM, Paul D. DeRocco pdero...@ix.netcom.com wrote: The requirements for such a system are much smaller than what Samba provides: * It only needs to serve files, not printers or other resources. smb without an AD domain needs rpc and for network browsing nmb. * It doesn't need to deal with domains, let alone be a domain controller. smb namespacing (for lack a better word) effectively treats a single standalone PC as a domain. I know this is over-simplification/generalization... * It doesn't need to provide separate user accounts. I guess you could compile it so that it only anon connections are used, but cifs still has to deal with users * The only security it needs is perhaps a password for reading, and maybe a different password for writing. cifs doesn't do this. the old smb version that win95 used can, but modern OS's don't like talking to them. * Since these devices are generally closed boxes with no general-purpose command line interface, there's no need to encrypt passwords internally. smb/cifs expect a challenge/response hash system. if you store only plain text on the server, you'd have to generate the hash every time to want to have auth. * It can assume it's being connected to a fully functional network, so doesn't need to be a master browser. it still has to participate or you won't be able to browse to it. I wonder if there's a way to build such a mini-Samba out of the existing Samba code base. It's certainly way above my abilities, but it may be something that someone on the Samba team could do without mounting a major development effort. How many other people would find such a system useful? what you want as an end product is totally possible, and practical. It may even be feasible to make a bare cifs server that can't be browsed and you have to connect to by IP, but I don't think most people expect this. Basing it off the existing samba codebase is probably going to be a lot more work than just writing it from scratch. Maybe a few methods or classes can be pulled from samba as a start. maybe. however, all the use cases you've mentioned can be accomplished via ftp or http, for which there are a few light weight server options already and all OS's already include clients for. Obviously, there's a lot I don't understand about the guts of Samba. But it seems a shame that if we want simple file sharing, we need to add nearly a hundred megabytes of code. Your comment about using FTP or HTTP is true, but it's sometimes it's more useful to be able to open files directly on a remote server, rather than having to copy them in and out. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does anyone think a mini-Samba server would be useful?
From: Ben Metcalfe [mailto:bwmetca...@gmail.com] How about Webdav? Yocto supports Java: http://git.yoctoproject.org/cgit/cgit.cgi/meta-oracle-java/tree/README so Miltion.io java webdav may work? 40-70 Mb for the JRE but only a couple of Mb more for the milton IO Webdav server: http://milton.io/downloads/index.html Well, that would be nice if I already needed Java. Interesting. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does anyone think a mini-Samba server would be useful?
From: Chris Weiss [mailto:cwe...@gmail.com] On Wed, Jul 24, 2013 at 1:19 PM, Paul D. DeRocco pdero...@ix.netcom.com wrote: I wonder if there's a way to build such a mini-Samba out of the existing this is interesting... https://code.google.com/p/impacket/source/browse/#svn%2Ftags%2Fimpacket_0_9_ 10%2Fexamples%2Fsmbserver Yes it is, since Python is already there in both my builds. Thanks. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
From: Volker Lendecke [mailto:volker.lende...@sernet.de] force user happens after any user authentication. Samba uses the client provided username to find the entry in the smbpasswd file. After that succeeded, when connecting to the share, it will switch back to root for accessing files. But the local user must exist for Samba to let the user in at all. So is there ANY way to provide access to a share, with only a password, not caring about a username? Or must I pick a name (e.g., root) and tell all clients to log in under that username? If I do the latter, and root isn't listed in smbpasswd, will it just do ordinary Unix authentication, demanding a password that matches the local root password? Is the purpose of an SMB password to allow a client to be assigned a different password, without having to reveal the local Unix one? Or MUST I list root in smbpasswd with the same password as the local Unix one? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
From: Volker Lendecke [mailto:volker.lende...@sernet.de] There is also the username map parameter, using which you can for example say username map = /etc/samba/usermap and then open a file named /etc/samba/username with a single line containing root = * That looks like just the ticket. But I still need to know which of the following three things is true: 1) I can rely on Unix authentication and not even bother with SMB passwords, if I don't mind telling the clients the local root password. 2) I can use smbpasswd to assign a different client password, so I can keep the local root password secret from the clients. 3) I must use smbpasswd and assign the same password as the local root password. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
On Sat, Jul 20, 2013 at 10:41:31PM -0700, Paul D. DeRocco wrote: I've read what I can find about SMB passwords, but I don't get what they are. Are they Unix passwords or an alternative to them? If I have a file share, and the underlying file system requires some sort of credentials to access it, what is the relationship between that and an SMB password? If a client tries to access the share, using a user account that is listed in the smbpasswd file, does the client have to provide a password that matches the SMB password in order for the server to allow the access, and having done that, does it then not need to know the Unix password? Or is the SMB password the Unix password that the server will use to access the share, so that the client doesn't have to supply a password at all? I don't even understand if the SMB server runs as root, and can therefore access anything, or if it can't access local files unless it is given a password somehow. The smbpasswd(5) and smbpasswd(8) man pages, and everything else I've read, seem to assume that whoever is reading them already knows the answers to these questions. From: Volker Lendecke [mailto:volker.lende...@sernet.de] The Samba server never sees the plaintext password. The Samba password is a one-way hashed version of the plaintext password, that is all Samba needs to do its challenge-response authentication. If Samba is a domain member, it does not even have the hash, it has nothing but trusts the domain controller to have it and check it properly. What file system is this? If it happens to be AFS, then there's the fake_kaserver functionality. The basic trick is that this makes the file server the KDC. A blatant violation of any security policy, but that's the only way. You completely misunderstood my question. I'm asking something much simpler and more basic than all that. What's an SMB password for, and how does it relate to a Unix password? Here's the situation. I have a directory on a machine, and the files in it are created by a service which runs as root, so the files are owned by root and only locally accessible to root. I need to make this directory accessible to ANY remote client who knows a particular password. Do I have to tell the client the root password, so that the client can tell the Samba server the password needed to access the files? Or does Samba run as root and have access to everything anyway? If the former, is the SMB password the same as the Unix password needed to access the files, programmed into the Samba server so that the client doesn't have to supply it? If the latter, is the SMB password a completely independent password that Samba uses to grant access? Nothing in the docs gives me a clue how this works. It all seems to be written by and for people who've been working with networking since the Stone Age, and already know all the mechanisms and issues. My only involving with networking over the years has been as a user, who is given a user name and a password to access various network services. How that maps to what's going on in the Samba server is a complete mystery to me. But now I need to set up a simple server with one file share, as described above. Some of the docs imply that the client must supply a password that matches a password on one of the local Unix user accounts (or in some remote password server). Yet then there's this talk about an SMB password. I don't see where that fits in. Is my question clearer now? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
From: Volker Lendecke [mailto:volker.lende...@sernet.de] On Sun, Jul 21, 2013 at 01:34:23AM -0700, Paul D. DeRocco wrote: You completely misunderstood my question. I'm asking something much simpler and more basic than all that. What's an SMB password for, and how does it relate to a Unix password? With the Samba password stored on the server a client can convince the Samba server about it's identity. That's called authentication. The Samba password has no relationship at all to the unix password, it is a completely separate thing. Here's the situation. I have a directory on a machine, and the files in it are created by a service which runs as root, so the files are owned by root and only locally accessible to root. I need to make this directory You could set up a normal Samba server, and for this particular share use force user = root. Be aware this option is pretty dangerous, but it is made for that situation. (This is an embedded box, so, short of taking a screwdriver and opening the unit, there is no other access besides this share.) Thanks for taking the time to try to explain this. The fog is starting to lift a little. I assume force user = root means ignore the username provided by the client, and pretend all clients are username root instead. So what password does the client need to provide? The root Unix password, or some password entered into the SMB password database by the smbpasswd command? Does Samba use an SMB password if it finds an appropriate username in its own database, and fall back to using the Unix password if it doesn't find the username in its own database? If so, is the purpose of the SMB password to provide an alternate namespace, so that one can use a different password (and perhaps username) than has no analog among local user accounts? For instance, if my root account has the password blahblah, can I invent an arbitrary username like foobar that doesn't correspond to any local Unix user account, put that into the SMB password database with the password yadayada, and then put force user = foobar in smb.conf? Will all external clients then be able to log in with any username and yadayada, so I don't need to reveal blahblah to anyone? Or will Samba be unable (or unwilling) to access the files owned by root without somehow being given the blahblah password? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Can someone explain SMB passwords?
I've read what I can find about SMB passwords, but I don't get what they are. Are they Unix passwords or an alternative to them? If I have a file share, and the underlying file system requires some sort of credentials to access it, what is the relationship between that and an SMB password? If a client tries to access the share, using a user account that is listed in the smbpasswd file, does the client have to provide a password that matches the SMB password in order for the server to allow the access, and having done that, does it then not need to know the Unix password? Or is the SMB password the Unix password that the server will use to access the share, so that the client doesn't have to supply a password at all? I don't even understand if the SMB server runs as root, and can therefore access anything, or if it can't access local files unless it is given a password somehow. The smbpasswd(5) and smbpasswd(8) man pages, and everything else I've read, seem to assume that whoever is reading them already knows the answers to these questions. -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Pruning embedded samba 3.6 installation
From: Volker Lendecke [mailto:volker.lende...@sernet.de] Start with only smbd and depending on your configuration the VFS modules. Depending on whether you need NetBIOS, you might also need nmbd. Please try to avoid security=share if at all possible. If you have just a fixed password, you can prepare a smbpasswd file externally, so that you can also ditch the smbpasswd binary. Hope that helps, What's wrong with security=share in this case? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Pruning embedded samba 3.6 installation
I'm using the Yocto Project to build an embedded distro, to which I'm adding Samba 3.6 from OpenEmbedded. Doing so increases my root file system from about 63MB to 175MB. I seem to be building a large Samba server with a small ancillary operating system tacked onto it. I listed the files in my file system image, and see that lots of the commands are quite large. I understand that Samba 4 is better behaved in this way, but writing my own bitbake recipe to include such a large complex system is waaay beyond me, so I have to wait until someone else does it. I can, however, figure out how to prune various unneeded files from the image to make it smaller. But what's unneeded? I'd like to know what commands will NEVER be used if I don't explicitly invoke them myself. That is, commands that aren't invoked from init scripts, or by smbd and nmbd, or by other commands. (And what shared libraries won't be used, although they're typically a lot smaller.) I'm running a simple standalone server with a single file share using share level security, and one password for anonymous access. It assumes a remote DHCP server, and needs to appear on Windows systems under a particular name, and be browsable. I don't need a client, it won't be part of a domain, it won't be a WINS server, and so on. Its configuration will never change, other than possibly the machine name, the workgroup name, and the single password used to access the share. These are most of the files, and their sizes. I'm not sure all of these are really part of Samba, but they all got added as a result of adding the OE Samba package. They add up to about 83MB, and if I could cut that in half, that would be a big win. Any guidance as to what I could prune would be greatly appreciated. 1800096 usr/bin/eventlogadm 4607 usr/bin/findsmb 8351180 usr/bin/net 1526820 usr/bin/nmblookup 1826880 usr/bin/pdbedit 1465348 usr/bin/profiles 7457348 usr/bin/rpcclient 1440772 usr/bin/sharesec 5946532 usr/bin/smbcacls 5979364 usr/bin/smbclient 1465604 usr/bin/smbcontrol 5942436 usr/bin/smbcquotas 6200476 usr/bin/smbget 5966980 usr/bin/smbpasswd 3284036 usr/bin/smbspool 1514500 usr/bin/smbstatus 4910 usr/bin/smbtar 1440736 usr/bin/smbta-util 5872800 usr/bin/smbtree 30216 usr/bin/tdbbackup 26064 usr/bin/tdbdump 30180 usr/bin/tdbrestore 34600 usr/bin/tdbtool 1444868 usr/bin/testparm 166092 usr/bin/udevadm 1024 usr/lib/auth 9476 usr/lib/auth/script.so 1024 usr/lib/charset 5356 usr/lib/charset/CP437.so 5356 usr/lib/charset/CP850.so 15 usr/lib/libtdb.so.1 87516 usr/lib/libtdb.so.1.2.9 62908 usr/lib/libwbclient.so.0 131072 usr/lib/lowcase.dat 131072 usr/lib/upcase.dat 65536 usr/lib/valid.dat 1024 usr/lib/vfs 30704 usr/lib/vfs/acl_tdb.so 26612 usr/lib/vfs/acl_xattr.so 18256 usr/lib/vfs/aio_fork.so 10052 usr/lib/vfs/audit.so 18316 usr/lib/vfs/cap.so 18320 usr/lib/vfs/catia.so 5908 usr/lib/vfs/crossrename.so 5848 usr/lib/vfs/default_quota.so 1 usr/lib/vfs/dirsort.so 10004 usr/lib/vfs/expand_msdfs.so 14184 usr/lib/vfs/extd_audit.so 5844 usr/lib/vfs/fake_perms.so 47432 usr/lib/vfs/full_audit.so 9976 usr/lib/vfs/linux_xfs_sgid.so 14160 usr/lib/vfs/netatalk.so 10064 usr/lib/vfs/preopen.so 9972 usr/lib/vfs/readahead.so 18244 usr/lib/vfs/readonly.so 22384 usr/lib/vfs/recycle.so 26516 usr/lib/vfs/scannedonly.so 30676 usr/lib/vfs/shadow_copy2.so 10004 usr/lib/vfs/shadow_copy.so 22460 usr/lib/vfs/smb_traffic_analyzer.so 18296 usr/lib/vfs/streams_depot.so 22424 usr/lib/vfs/streams_xattr.so 10032 usr/lib/vfs/syncops.so 43188 usr/lib/vfs/time_audit.so 22388 usr/lib/vfs/xattr_tdb.so 7288 usr/sbin/genl-ctrl-list 10668 usr/sbin/nl-class-add 9428 usr/sbin/nl-class-delete 7376 usr/sbin/nl-classid-lookup 8824 usr/sbin/nl-class-list 10596 usr/sbin/nl-cls-add 9920 usr/sbin/nl-cls-delete 9516 usr/sbin/nl-cls-list 8760 usr/sbin/nl-link-list 8628 usr/sbin/nl-pktloc-lookup 9972 usr/sbin/nl-qdisc-add 9572 usr/sbin/nl-qdisc-delete 10028 usr/sbin/nl-qdisc-list 3488896 usr/sbin/nmbd 9822288 usr/sbin/smbd -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Passwording a simple anonymous share
I have an embedded box (Yocto Project based linux distro) to which I'm adding Samba 3.6 (from OpenEmbedded). All I need it for is to provide one browsable file share that allows read/write access to anyone on the network. But I want it to be password protected. My best guess as to what goes into smb.conf is: [global] workgroup=WORKGROUP netbios name=MACHINE security=share [sharename] path=/sharedfiles force user=root read only=no I use root because it's currently the only user I've got on my embedded system. However, there is no password on the root account, because the only way to use the root account is to open the box and connect a keyboard and monitor to the motherboard inside, so security isn't an issue. The docs mention the smbpasswd command, but it's not clear what this actually does. Does it tell samba what password to demand from an external client who wishes to access a particular share? Or does it tell samba what password to use when accessing the underlying file system, so that an external client doesn't need to know the password? The question boils down to this: is there a way to add a password that a samba client has to provide, without passwording the underlying Linux user, or do I have to add another passworded user to the Linux user database in order to have a passworded share? -- Ciao, Paul D. DeRocco Paulmailto:pdero...@ix.netcom.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba