[CentOS] Re: new CentOS5.1, samba help requested

Wed Mar 26 18:12:54 UTC 2008
Les Mikesell <lesmikesell at gmail.com>

Scott Silva wrote:
> 
>> I'm fighting with samba on a new CentOS 5.1 install.
>>
>> The goal here is to have unix/linux usernames/passwords used for the 
>> samba shares (which i'll setup using webmin, as I find it easy that 
>> way).  At present, the home share and one for the company's public 
>> share are in place.
>>
>> I can see the server, browsing from WinXP to \\172.16.0.106, but 
>> permissions seem amiss.  I should be able to read/write to a given 
>> share but it seems to be ro.
>>
>> Any pointers or advice would be greatly appreciated.
>>
>> My simple smb.conf file is here:
>>
>> [global]
>>        netbios name = BACKUP
>>        socket options = TCP_NODELAY
>>        force directory mode = 777
>>        unix password sync = yes
>>        workgroup = WORKGROUP
>>        force create mode = 777
>>        os level = 20
>>        encrypt passwords = yes
>>        security = share
>>        public = yes
>>        passdb backend = smbpasswd
>>        directory mode = 777
>>
>>
>> [homes]
>>        writeable = yes
>>        public = yes
>>        path = /home
>>
>> [company data]
>>        comment = company data
>>        writeable = yes
>>        create mode = 775
>>        path = /home/share1
>>
>>
>> Thanks in advance,
>> -Ray
> If you are going to use smb passwords anyway, why set security to "share?
> You should set security to "user" and make sure you keep unix users and 
> samba users synced.  For public shares you can set a shared user and 
> group, and make shared directories keep those perms.

The problem is that all these shares are set as 'public' so you'll 
connect as a guest user - which I don't see defined - and unless the 
unix file system is writable by the guest you'll only have read access.

With user level security you can't connect to different shares as 
different users, so if you remove the 'public' from the home section (as 
you probably should) and let people connect as themselves, they will 
have to also connect as themselves to the public shares.

-- 
   Les Mikesell
    lesmikesell at gmail.com