| View previous topic :: View next topic |
| Author |
Message |
Taki
Apprentice
Joined: 22 Sep 2005
Posts: 249
Location: Johannesburg, South Africa
|
 Posted: Tue Dec 04, 2007 6:33 am Post subject: samba in fstab with write permissions? |
 |
|
Hi there,
I was just wondering what I would put in my fstab to have samba shares mount with write permissions for normal users.
Right now I am using \\hostname in kde and it works fine but Openoffice can't open files this way so I think i need to mount it.
Thanks
_________________
I live a life of needles and wax.
When the needle touches the wax,
I begin to breathe. |
|
| Back to top |
|
 |
feivelda
Guru
Joined: 21 Feb 2005
Posts: 480
Location: Frankfurt, Germany
|
| Posted: Tue Dec 04, 2007 9:20 am Post subject: |
|
|
| Have a look here |
|
| Back to top |
|
|
Taki
Apprentice
Joined: 22 Sep 2005
Posts: 249
Location: Johannesburg, South Africa
|
| Posted: Wed Dec 05, 2007 7:18 am Post subject: |
|
|
Thanks for the reply feivelda,
My samba server is in shared security mode. I followed the tip on the link. Only root has write access to the share.
fstab
| Code: |
/dev/sda1 /boot ext2 noauto,noatime 1 2
/dev/sda3 / ext3 noatime 0 1
/dev/sda2 none swap sw 0 0
/dev/cdroms/cdrom0 /mnt/cdrom iso9660 noauto,ro 0 0
#/dev/fd0 /mnt/floppy auto noauto 0 0
# NOTE: The next line is critical for boot!
proc /proc proc defaults 0 0
# glibc 2.2 and above expects tmpfs to be mounted at /dev/shm for
# POSIX shared memory (shm_open, shm_unlink).
# (tmpfs is a dynamically expandable/shrinkable ramdisk, and will
# use almost no memory if not populated with files)
shm /dev/shm tmpfs nodev,nosuid,noexec 0 0
#dr_evil
/dev/hda5 /mnt/dr_evil vfat rw,user,exec,gid=users,umask=000 0 0
//server/infospective /mnt/infospective smbfs username=guest,password=guest 0 0
|
_________________
I live a life of needles and wax.
When the needle touches the wax,
I begin to breathe. |
|
| Back to top |
|
|
feivelda
Guru
Joined: 21 Feb 2005
Posts: 480
Location: Frankfurt, Germany
|
| Posted: Wed Dec 05, 2007 4:23 pm Post subject: |
|
|
| Does it work? Or what is the question |
|
| Back to top |
|
|
Taki
Apprentice
Joined: 22 Sep 2005
Posts: 249
Location: Johannesburg, South Africa
|
| Posted: Thu Dec 06, 2007 3:53 am Post subject: |
|
|
it works but only for root. Users can view but can't write.
_________________
I live a life of needles and wax.
When the needle touches the wax,
I begin to breathe. |
|
| Back to top |
|
|
feivelda
Guru
Joined: 21 Feb 2005
Posts: 480
Location: Frankfurt, Germany
|
| Posted: Thu Dec 06, 2007 8:38 am Post subject: |
|
|
What you need on the server to get per User access:
- add the users to the system, if not already done: useradd <account>
- add the users to samba: smbadduser <account>
- in smb.conf
- in global set: "security = user" and encrypt "passwords = Yes"
- in share section set: "valid users = <account1> <account2>" and "writeable = Yes" or "write list = <account1>" if you want only some users to have write access |
|
| Back to top |
|
|
Taki
Apprentice
Joined: 22 Sep 2005
Posts: 249
Location: Johannesburg, South Africa
|
| Posted: Sat Dec 08, 2007 12:24 pm Post subject: |
|
|
Please excuse the late response, been AFKB.
I don't wan't to use per user access, its too much of a hassle given that my users change randomly.
Funny though, if I access the share with \\<hostname> on konqueror, i get right access. all windows machines have write access aswell. The reason I need to mount the share on a folder is because most of my applications can't use the \\hostname or smb://hostname name structures.
_________________
I live a life of needles and wax.
When the needle touches the wax,
I begin to breathe. |
|
| Back to top |
|
|
djinnZ
Advocate
Joined: 02 Nov 2006
Posts: 4831
Location: somewhere in L.O.S.
|
| Posted: Sat Dec 08, 2007 1:34 pm Post subject: |
|
|
| Taki wrote: | | //server/infospective /mnt/infospective smbfs username=guest,password=guest 0 0 |
Not so good, is better to you create a file /somewhere/infospective.credentials owned and readble only by root with | Code: | username=dedicated-user
password=password |
in (is secure to have a good passoword and not leave it readable to all) and use | Code: | | //server/infospective /mnt/infospective smbfs credentials=/somewhere/infospective.credentials,uid=dedicated-user,gid=users,umask=0600,fmask=0660,dmask=0770 0 0 |
in fstab.
Note that umask will be not necessary as you use fmask (permissions for regular files) and dmask (permissions for directory).
To prevent error in creation and modify of the file on the server as you use a manual mount and so other is better to set the share in smb.conf with a | Code: | | valid user = dedicated-user |
or with a | Code: | | force user = dedicated-user |
instruction if you will leave it public.
Obliviously the dedicated user must be present on the host system, set on smb passwd etc.
The username and password option for mount are for the autentication but the share will be ever mounted with the user (and it's default group as set in /etc/passwd) who has started the mount command as owner, if you not use the uid,gid options.
edit: I must warn you, for now the init will fail if some filesystem in auto-mount will be not accessible and smb do not have the bg option of nfs, so is better to add a noauto in fstab and mount it in local.start with a | Code: | while [$mountfaiuls == 0]
do
mount /mnt/infospetcive
mountfails=$?
[$mountfaiuls != 0] && {
umount /mnt/infospective
#here you can add an instruction to start the server via etherwake by example
}
done |
.
But the better solution is to use the automount.
_________________
scita et risus abundant in ore stultorum sed etiam semper severi insani sunt
mala tempora currunt...mater stultorum semper pregna est 
Murpy'sLaw:If anything can go wrong, it will - O'Toole's Corollary:Murphy was an optimist |
|
| Back to top |
|
|
karaluch
Apprentice
Joined: 23 Apr 2005
Posts: 236
Location: Wrocław / Poland
|
| Posted: Tue Mar 04, 2008 1:40 am Post subject: |
|
|
| Have you ever try OpenOffice on SuseLinux. I don't kwow why but opening files from samba without mount it is not problem. Maybe they use some patch or temp directory witch strange permissions. |
|
| Back to top |
|
|
|
Networking & Security
