Re: SMB permissions -

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



What does the share's stanza in smb.conf look like?

Here's one of mine:
[zzmodelrw]
        comment = Model for Read/Write shares
        path = /lan/shares/zzmodelrw
        browseable = yes
        guest ok = yes
        writeable = no
        write list = @smbusers
        create mask = 660
        directory mask = 2770
        available = no
[site]

# 'I' drive
        copy = zzmodelrw
        comment = Share for all users
        path = /lan/shares/site
        browseable = yes
        writeable = yes
        available = yes


I put all samba users in group smbusers.  My directory permissions are:
drwxr-xr-x.  4 root root     system_u:object_r:samba_share_t:s0   37 Jan 15  2011 /lan
drwxr-sr-x.  9 root root     system_u:object_r:samba_share_t:s0  104 Feb  8 09:46 /lan/shares
drwxrwsr-x. 10 root smbusers system_u:object_r:samba_share_t:s0 4096 Feb 21 15:25 /lan/shares/site


Bill

On 3/7/2019 12:08 PM, Bob Goodwin wrote:


On 03/05/19 15:35, Fred Smith wrote:
Yes.  Put it in fstab instead of defaults.
I use this for the options in fstab:

credentials=/root/.smbcred,defaults,uid=my-username,gid=my-username,auto,users,exec,vers=3.0

the credentials= points to a file with read-only permissions, owned by root. it contains

username=xxx
password=yyy

vers=3.0 restricts it to version 3.0 of the SMB protocol. If your file
share supports that version it's a good idea to restrict it on both the
server and the clients, since earlier versions of SMB are rife with holes.

for the uid= and gid= items you can also user the numerical value, from
/etc/passwd and /etc/group.

I find this works fine with my NAS box, which I talk to via SMB.
.
Well, I think I've tried all the things suggested in this thread however I still need to be root to add to or make changes to the Samba data, run Thunar as root works. The best I have been able to do is put this in fstab:
//192.168.1.48/smbBOX48         /mnt/box48/    cifs defaults,credentials=/root/.smbcreds   0 0

With credentials:
[root@Box83 bobg]# cat /root/.smbcreds
#    /root/.smbcreds

username=
password=9ic0A7Y9LoQ

So perhaps I have something set wrong in the smb server. The data is mounted on /mnt/box48 and the permissions do not allow write in anything but root despite having been changed via chmod 777.
[root@Box83 bobg]# ll /mnt/
total 32
drwxrwxr-x.   2 bobg bobg  4096 Feb 24 12:50 apple
drwxr-xr-x.   2 root root     0 Mar  3 12:11 box48

However umount /mnt/box48 shows the changed permissions which change back to the above as soon as box48 is mounted:

[root@Box83 bobg]# ll /mnt/
total 36
drwxrwxr-x.   2 bobg bobg  4096 Feb 24 12:50 apple
drwxrwxrwx.   2 bobg root  4096 Nov 28 19:10 box48

As I said earlier, my daughter has no problem writing date to the server from her Apple devices while I have to do these things as root, reading as user works as expected.

I hesitate to go messing around making trial and error changes in the server. I would appreciate some help, guidance to point me in the right direction if possible.

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux