[Samba] Write access to one user and Read-Only for anyother
Hi! Im trying here to figure out how to make this to work... I need that one user, lets say, userfoo be able to write and have all permissions on the share [memos]... and ALL others who are not userfoo have only read-only access... The ideia is that userfoo can upload files to the share and everyone could read them ... thanks! -- Maginot Júnior -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
Im trying here to figure out how to make this to work... I need that one user, lets say, userfoo be able to write and have all permissions on the share [memos]... and ALL others who are not userfoo have only read-only access... The ideia is that userfoo can upload files to the share and everyone could read them ... So set the file permissions; and write list =, etc... in the share configuration. -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
the problem is if I set the write list or valid users Im only giving the permission to those in the list... and the big problem is how to set all other users to be in the read list ... I dont have group with all inside and are not going to be any... I tryed with something like [memos] path = /home/memos write list = foouser read list = !foouser but this doesnt work There are more them 100 users on this box so only one have to be able to write on the share and all others have only to be able to read On 6/20/07, Adam Tauno Williams [EMAIL PROTECTED] wrote: Im trying here to figure out how to make this to work... I need that one user, lets say, userfoo be able to write and have all permissions on the share [memos]... and ALL others who are not userfoo have only read-only access... The ideia is that userfoo can upload files to the share and everyone could read them ... So set the file permissions; and write list =, etc... in the share configuration. -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Maginot Júnior the game of life LPIC - CCNA - ¿Designer? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
Hmm now its workin... BUT one more thing, and if I dont want to be prompted for an user name ? What I want to do is map the share with the foouser login and username info and all other who try to view the share could do it at the most transparent way, with no question for user and password... is that possible? And thanks for the help, worked great =) On 6/20/07, Eric Boehm [EMAIL PROTECTED] wrote: On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote: Maginot == Maginot Junior [EMAIL PROTECTED] writes: Maginot the problem is if I set the write list or valid users Im Maginot only giving the permission to those in the list... and Maginot the big problem is how to set all other users to be in Maginot the read list ... I dont have group with all inside and Maginot are not going to be any... I tryed with something like [memos] path = /home/memos write list = foouser read list = !foouser No, you should use [memos] path = /home/memos read only = yes write list = foouser This will make it read only except for anyone in the write list. From man smb.conf write list (S) This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the read only option is set to. The list can include group names using the @group syntax. Note that if a user is in both the read list and the write list then they will be given write access. This parameter will not work with the security = share in Samba 3.0. This is by design. Note the first paragraph -- If the connecting user is in this list then they will be given write access, no matter what the read only options is set to. -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- Maginot Júnior the game of life LPIC - CCNA - ¿Designer? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote: Maginot == Maginot Junior [EMAIL PROTECTED] writes: Maginot the problem is if I set the write list or valid users Im Maginot only giving the permission to those in the list... and Maginot the big problem is how to set all other users to be in Maginot the read list ... I dont have group with all inside and Maginot are not going to be any... I tryed with something like [memos] path = /home/memos write list = foouser read list = !foouser No, you should use [memos] path = /home/memos read only = yes write list = foouser This will make it read only except for anyone in the write list. From man smb.conf write list (S) This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the read only option is set to. The list can include group names using the @group syntax. Note that if a user is in both the read list and the write list then they will be given write access. This parameter will not work with the security = share in Samba 3.0. This is by design. Note the first paragraph -- If the connecting user is in this list then they will be given write access, no matter what the read only options is set to. -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
Ok, I will try to be more precise. This share: [memos] path = /home/memos read only = yes write list = foouser must be read by everyone BUT must be write only by the foouser. With the parameters like above I can login my foouser to get write/read access and I can log any other user, until now its ok. But the problem is that its asking for the username and password when I try to access the share . For a regular user who will only read the files (read access) this can be a problem because not everyone knows or remember the password or username (they are tipical users who forget things easy) so What i want to do is: at the foouser computer (w2k box) I will Map the Share and set the login and password so when he wants to upload any file to the share it will be possible and all he will do will be to open the share ( z:\ ) but this (the mapping) will not be done in the other computers so they must not be ask for a username and password, they must access the share direct (the smb must recognize that the user is not foouser and login as a guest or whatever be possible). the smb.conf file (some shares were ommited) [global] workgroup = DOMAIN netbios name = BNISERV04 server string = Servidor de Arquivos interfaces = 192.168.0.4 bind interfaces only = Yes encrypt passwords = Yes restrict anonymous = Yes log level = 5 log file = /var/log/samba/log.%m max log size = 2048 time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE logon script = %u.bat logon drive = H: domain logons = Yes os level = 165 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes preload = homes invalid users = bin daemon adm sync shutdownhalt mail news uucp operator admin users = root hosts allow = 192.168.0.0/255.255.255.0, 127. veto files = /mail/ default case = lower case sensitive = No preserve case = No short preserve case = No guest account = gilberto map to guest = bad user [homes] comment = Home Directories read only = No create mask = 0600 directory mask = 0700 browseable = No [tmp] comment = Temporary file space path = /tmp read only = No guest ok = Yes [netlogon] path = /home/export/netlogon browseable = No guest ok = yes [oradocs] path = /home/export/oracledocs/producao read only = No create mask = 0777 force create mode = 0777 directory mask = 0777 [memos] path = /home/memos read only = yes write list = foouser On 6/20/07, Eric Boehm [EMAIL PROTECTED] wrote: On Wed, Jun 20, 2007 at 12:37:09PM -0300, Maginot Junior wrote: Maginot == Maginot Junior [EMAIL PROTECTED] writes: Maginot Hmm now its workin... BUT one more thing, and if I dont Maginot want to be prompted for an user name ? What I want to do Maginot is map the share with the foouser login and username info Maginot and all other who try to view the share could do it at Maginot the most transparent way, with no question for user and Maginot password... is that possible? We would need to see you whole smb.conf. I'm not following what you are trying to do. If you map the share to foouser login, then everyone will have access. Perhaps you could give more concrete examples of what it is you are seeing and what you are trying to do,. -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- Maginot Júnior the game of life LPIC - CCNA - ¿Designer? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
On Wed, Jun 20, 2007 at 12:37:09PM -0300, Maginot Junior wrote: Maginot == Maginot Junior [EMAIL PROTECTED] writes: Maginot Hmm now its workin... BUT one more thing, and if I dont Maginot want to be prompted for an user name ? What I want to do Maginot is map the share with the foouser login and username info Maginot and all other who try to view the share could do it at Maginot the most transparent way, with no question for user and Maginot password... is that possible? We would need to see you whole smb.conf. I'm not following what you are trying to do. If you map the share to foouser login, then everyone will have access. Perhaps you could give more concrete examples of what it is you are seeing and what you are trying to do,. -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
I'm no pro (by a long shot), But. Have you looked into using the ACL commands for this ? Permissions can be specified using acl command setfacl for the right group/person. use getfacl to check the applied permissions. From my limited experimentation with these ACL commands, I would think you can accomplish the permissions you are after. Rgd's, Cary At 10:37 AM 6/20/2007, Maginot Junior wrote: Hmm now its workin... BUT one more thing, and if I dont want to be prompted for an user name ? What I want to do is map the share with the foouser login and username info and all other who try to view the share could do it at the most transparent way, with no question for user and password... is that possible? And thanks for the help, worked great =) On 6/20/07, Eric Boehm [EMAIL PROTECTED] wrote: On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote: Maginot == Maginot Junior [EMAIL PROTECTED] writes: Maginot the problem is if I set the write list or valid users Im Maginot only giving the permission to those in the list... and Maginot the big problem is how to set all other users to be in Maginot the read list ... I dont have group with all inside and Maginot are not going to be any... I tryed with something like [memos] path = /home/memos write list = foouser read list = !foouser No, you should use [memos] path = /home/memos read only = yes write list = foouser This will make it read only except for anyone in the write list. From man smb.conf write list (S) This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the read only option is set to. The list can include group names using the @group syntax. Note that if a user is in both the read list and the write list then they will be given write access. This parameter will not work with the security = share in Samba 3.0. This is by design. Note the first paragraph -- If the connecting user is in this list then they will be given write access, no matter what the read only options is set to. -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- Maginot Júnior the game of life LPIC - CCNA - ¿Designer? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- No virus found in this incoming message. Checked by AVG. Version: 7.5.472 / Virus Database: 269.9.1/854 - Release Date: 6/19/2007 1:12 PM -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
thanks for the help ... thanks to all now its working like it should... forget what I said in may last post the ask for a password I think was a windows bug the now is not having anymore. Thanks =) On 6/20/07, Cary Robinson [EMAIL PROTECTED] wrote: I'm no pro (by a long shot), But. Have you looked into using the ACL commands for this ? Permissions can be specified using acl command setfacl for the right group/person. use getfacl to check the applied permissions. From my limited experimentation with these ACL commands, I would think you can accomplish the permissions you are after. Rgd's, Cary At 10:37 AM 6/20/2007, Maginot Junior wrote: Hmm now its workin... BUT one more thing, and if I dont want to be prompted for an user name ? What I want to do is map the share with the foouser login and username info and all other who try to view the share could do it at the most transparent way, with no question for user and password... is that possible? And thanks for the help, worked great =) On 6/20/07, Eric Boehm [EMAIL PROTECTED] wrote: On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote: Maginot == Maginot Junior [EMAIL PROTECTED] writes: Maginot the problem is if I set the write list or valid users Im Maginot only giving the permission to those in the list... and Maginot the big problem is how to set all other users to be in Maginot the read list ... I dont have group with all inside and Maginot are not going to be any... I tryed with something like [memos] path = /home/memos write list = foouser read list = !foouser No, you should use [memos] path = /home/memos read only = yes write list = foouser This will make it read only except for anyone in the write list. From man smb.conf write list (S) This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the read only option is set to. The list can include group names using the @group syntax. Note that if a user is in both the read list and the write list then they will be given write access. This parameter will not work with the security = share in Samba 3.0. This is by design. Note the first paragraph -- If the connecting user is in this list then they will be given write access, no matter what the read only options is set to. -- Eric M. Boehm /\ ASCII Ribbon Campaign [EMAIL PROTECTED] \ / No HTML or RTF in mail X No proprietary word-processing Respect Open Standards / \ files in mail -- Maginot Júnior the game of life LPIC - CCNA - ¿Designer? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- No virus found in this incoming message. Checked by AVG. Version: 7.5.472 / Virus Database: 269.9.1/854 - Release Date: 6/19/2007 1:12 PM -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Maginot Júnior the game of life LPIC - CCNA - ¿Designer? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Write access to one user and Read-Only for anyother
On Wed, 2007-06-20 at 11:53 -0300, Maginot Junior wrote: the problem is if I set the write list or valid users Im only giving the permission to those in the list... and the big problem is how to set all other users to be in the read list ... I dont have group with all inside and are not going to be any... I tryed with something like [memos] path = /home/memos write list = foouser read list = !foouser but this doesnt work There are more them 100 users on this box so only one have to be able to write on the share and all others have only to be able to read read only = yes / writable = no write list = foouser write list trumps read only. -- Adam Tauno Williams, Network Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba