I set up a generally working samba server on a Linux machine like this:
useradd -g users netshareuser
passwd netshareuser
smbpasswd -a netshareuser
(passwords are the same)
mkdir /net/share
chown -R root:users /net/share
chmod -R g+rwxs /net/share
setfacl -R -m default:user::rwx,default:group::rwx,default:mask::rwx,default:other::--- /net/share
/etc/samba/smb.conf:
[global]
workgroup = workgroup
server string = server
security = user
hosts allow = 192.168. 127.
load printers = no
log file = /var/log/samba/%m.log
max log size = 50
dns proxy = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
unix extensions = no
follow symlinks = yes
wide links = yes
[share]
comment = Directory containing shared files
path = /net/share
valid users = netshareuser
read only = yes
rc.d restart samba
From a Windows (7) machine, "netshareuser" can access this share, read files and directories. However, If I create a symlink ln -s /some/directory/ /net/share/nameOfSymlink
, the same Windows machine would not even display it.
What do I have to do, to get Linux symlinks in that share to work on windows machines and is that even possible? UPDATE: This question has been answered by ultrasawblade! The problem were wrong permissions on
/some/directory
Is there some way of sharing files with samba, that does not require to change file permissions? I mean a way, where you can share any file on your linux system to anyone on your network but without changing this file's permissions. What I want is: Tag a file as shared to "netshareuser", without changing the permissions of that file.
Thanks in advance for any suggestions!
Answer
Looks like you have the wide links
setting to yes
, which is what got me recently.
It's probably due to the permissions on /some/directory
, following your example above.
If you don't want to change the file permissions, then you need to tell Samba to use a different local user for that share. That's really your only two options.
I think the force user
and force group
options is what you want. You will not have an optimum security situation if you force user
to root
, but it may be what you are looking for.
No comments:
Post a Comment