![]() I never had it running on Ubuntu 8.04, but it ran on Ubuntu 7.04 for a long time before getting migrated to a recent Debian Lenny install. My smb.conf has been working with only minor tweaks through several different versions of Samba, and currently is used with Samba 3.2.5. The maintainers of the other shares get the same permissions as everyone else when working in shared stuff, and permissions & groups are normal when they work in the other shares. These do exactly what you want yours to do: "drwxrwxr-x" on directories, "rwxrwxr-x" on files, and newly created files are owned by the user and sambagroup. I think, without the +, guest is given sambagroup credentials, which is not wanted (particularly with the write list directive above). At this point, it is very dependent on how package mount.ntfs or ntfs-3g is built. adduser username1 sharefolder adduser username2 sharefolder Umount the ntfs external drive, then remount it. addgroup sharefolder Add all users to that group. ![]() They're already the only ones who can write. To share common folder between different users: On Ubuntu create a new group with. force group = +sambagroup - The + means that the force only applies to existing members of sambagroup.write list = - Authenticated members of sambagroup can write.read only = yes - by default, read only.The section of my smb.conf is almost identical to yours, except I don't use the force create/directory mode directives (in my case, they'd interfere with the other shares). Other shares are read-only except for a single maintainer user. I do something similar, but only one share is open to the group's users. to communicate with a system bus) explore with find /tmp -type s ! -user $UID (where $UID is your user ID).This might help. There may be sockets owned by other system users as well (e.g. Run find /tmp -type s -user 0 to discover root-owned sockets which you may need to make world-accessible. There may be other sockets that need to be publicly available. Access control on these sockets is enforced by the server, not by the file permissions. ACLs and UNIX permissions interact in a rather simple way. For this reason accessing an object's ACL requires server and client to use a common directory service which translates between UUIDs and user/group IDs. Unlike UNIX permissions, which are bound to user or group IDs, ACLs are tied to UUIDs. make all files and directories private (remove all permissions for group and other), but make the X11 sockets accessible to all. An ACL is an ordered list of Access Control Entries (ACEs) explicitly granting or denying a set of permissions to a given user or group. The following command should mostly set things right: chmod 1777 /tmp However, at least one directory critically needs to be world-readable: /tmp/.X11-unix, and possibly some other similar directories ( /tmp/.XIM-unix, etc.). (with a valid shell) if your system uses shadow passwords, you will need to compile shadow password support into netatalk so it can check passwords from your /etc/shadow file. Otherwise, run chmod 1777 /tmp.Īdditionally, a lot of files in /tmp need to be private. on the unix side of the fence, each netatalk user requesting access to your system has to have a valid account. A text document will work for anyone, where as an. If your /tmp is a tmpfs filesystem, a reboot will restore everything. When we move a bunch of files and folders over, the correct permissions are set (770), but for some reason, for certain filetypes, the will only open for the owner. The problem with a /tmp with mode 777 is that another user could remove a file that you've created and substitute the content of their choice. That is: wide open, except that only the owner of a file can remove it (that's what this extra t bit means for a directory). The normal settings for /tmp are 1777, which ls shows as drwxrwxrwt.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |