[Samba] Write access to one user and Read-Only for anyother - Samba

This is a discussion on [Samba] Write access to one user and Read-Only for anyother - Samba ; Hi! Im trying here to figure out how to make this to work... I need that one user, lets say, userfoo be able to write and have all permissions on the share [memos]... and ALL others who are not userfoo ...

+ Reply to Thread
Results 1 to 10 of 10

Thread: [Samba] Write access to one user and Read-Only for anyother

  1. [Samba] Write access to one user and Read-Only for anyother

    Hi!

    Im trying here to figure out how to make this to work...

    I need that one user, lets say, userfoo be able to write and have all
    permissions on the share [memos]... and ALL others who are not userfoo have
    only read-only access...

    The ideia is that userfoo can upload files to the share and everyone could
    read them ...


    thanks!


    --
    Maginot J˙nior
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] Write access to one user and Read-Only for anyother

    > Im trying here to figure out how to make this to work...
    > I need that one user, lets say, userfoo be able to write and have all
    > permissions on the share [memos]... and ALL others who are not userfoo have
    > only read-only access...
    > The ideia is that userfoo can upload files to the share and everyone could
    > read them ...


    So set the file permissions; and write list =, etc... in the share
    configuration.

    --
    Adam Tauno Williams, Network & Systems Administrator
    Consultant - http://www.whitemiceconsulting.com
    Developer - http://www.opengroupware.org

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  3. Re: [Samba] Write access to one user and Read-Only for anyother

    the problem is if I set the write list or valid users Im only giving the
    permission to those in the list... and the big problem is how to set all
    other users to be in the read list ... I dont have group with all inside and
    are not going to be any... I tryed with something like

    [memos]
    path = /home/memos
    write list = foouser
    read list = !foouser

    but this doesnt work.... There are more them 100 users on this box so only
    one have to be able to write on the share and all others have only to be
    able to read....




    On 6/20/07, Adam Tauno Williams wrote:
    >
    > > Im trying here to figure out how to make this to work...
    > > I need that one user, lets say, userfoo be able to write and have all
    > > permissions on the share [memos]... and ALL others who are not userfoo

    > have
    > > only read-only access...
    > > The ideia is that userfoo can upload files to the share and everyone

    > could
    > > read them ...

    >
    > So set the file permissions; and write list =, etc... in the share
    > configuration.
    >
    > --
    > Adam Tauno Williams, Network & Systems Administrator
    > Consultant - http://www.whitemiceconsulting.com
    > Developer - http://www.opengroupware.org
    >
    > --
    > To unsubscribe from this list go to the following URL and read the
    > instructions: https://lists.samba.org/mailman/listinfo/samba
    >




    --
    Maginot J˙nior
    "the game of life"
    LPIC - CCNA - ┐Designer?
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  4. Re: [Samba] Write access to one user and Read-Only for anyother

    Hmm now its workin... BUT one more thing, and if I dont want to be prompted
    for an user name ?
    What I want to do is map the share with the foouser login and username info
    and all other who try to view the share could do it at the most transparent
    way, with no question for user and password... is that possible?


    And thanks for the help, worked great =)

    On 6/20/07, Eric Boehm wrote:
    >
    > On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote:
    > >>>>> "Maginot" == Maginot Junior writes:

    >
    > Maginot> the problem is if I set the write list or valid users Im
    > Maginot> only giving the permission to those in the list... and
    > Maginot> the big problem is how to set all other users to be in
    > Maginot> the read list ... I dont have group with all inside and
    > Maginot> are not going to be any... I tryed with something like
    >
    >
    > [memos]
    > path = /home/memos
    > write list = foouser
    > read list = !foouser
    >
    > No, you should use
    >
    > [memos]
    > path = /home/memos
    > read only = yes
    > write list = foouser
    >
    > This will make it read only except for anyone in the write list. From
    > man smb.conf
    >
    > write list (S)
    > This is a list of users that are given read-write
    > access to a service. If the connecting user is in this
    > list then they will be given write access, no matter
    > what the read only option is set to. The list can
    > include group names using the @group syntax.
    >
    > Note that if a user is in both the read list and the
    > write list then they will be given write access.
    >
    > This parameter will not work with the security = share
    > in Samba 3.0. This is by design.
    >
    >
    > Note the first paragraph -- "If the connecting user is in this list
    > then they will be given write access, no matter what the read only
    > options is set to."
    >
    > --
    > Eric M. Boehm /"\ ASCII Ribbon Campaign
    > boehm@nortel.com \ / No HTML or RTF in mail
    > X No proprietary word-processing
    > Respect Open Standards / \ files in mail
    >




    --
    Maginot J˙nior
    "the game of life"
    LPIC - CCNA - ┐Designer?
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  5. Re: [Samba] Write access to one user and Read-Only for anyother

    On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote:
    >>>>> "Maginot" == Maginot Junior writes:


    Maginot> the problem is if I set the write list or valid users Im
    Maginot> only giving the permission to those in the list... and
    Maginot> the big problem is how to set all other users to be in
    Maginot> the read list ... I dont have group with all inside and
    Maginot> are not going to be any... I tryed with something like


    [memos]
    path = /home/memos
    write list = foouser
    read list = !foouser

    No, you should use

    [memos]
    path = /home/memos
    read only = yes
    write list = foouser

    This will make it read only except for anyone in the write list. From
    man smb.conf

    write list (S)
    This is a list of users that are given read-write
    access to a service. If the connecting user is in this
    list then they will be given write access, no matter
    what the read only option is set to. The list can
    include group names using the @group syntax.

    Note that if a user is in both the read list and the
    write list then they will be given write access.

    This parameter will not work with the security = share
    in Samba 3.0. This is by design.


    Note the first paragraph -- "If the connecting user is in this list
    then they will be given write access, no matter what the read only
    options is set to."

    --
    Eric M. Boehm /"\ ASCII Ribbon Campaign
    boehm@nortel.com \ / No HTML or RTF in mail
    X No proprietary word-processing
    Respect Open Standards / \ files in mail
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  6. Re: [Samba] Write access to one user and Read-Only for anyother

    Ok, I will try to be more precise.

    This share:

    [memos]
    path = /home/memos
    read only = yes
    write list = foouser

    must be read by everyone BUT must be write only by the foouser.
    With the parameters like above I can login my foouser to get write/read
    access and I can log any other user, until now its ok.

    But the problem is that its asking for the username and password when I try
    to access the share . For a regular user who will only read the files (read
    access) this can be a problem because not everyone knows or remember the
    password or username (they are tipical users who forget things easy) so What
    i want to do is:

    at the foouser computer (w2k box) I will Map the Share and set the login and
    password so when he wants to upload any file to the share it will be
    possible and all he will do will be to open the share ( z:\ ) .... but this
    (the mapping) will not be done in the other computers so they must not be
    ask for a username and password, they must access the share direct (the smb
    must recognize that the user is not foouser and login as a guest or whatever
    be possible).

    the smb.conf file (some shares were ommited)

    [global]
    workgroup = DOMAIN
    netbios name = BNISERV04
    server string = Servidor de Arquivos
    interfaces = 192.168.0.4
    bind interfaces only = Yes
    encrypt passwords = Yes
    restrict anonymous = Yes
    log level = 5
    log file = /var/log/samba/log.%m
    max log size = 2048
    time server = Yes
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
    logon script = %u.bat
    logon drive = H:
    domain logons = Yes
    os level = 165
    preferred master = Yes
    domain master = Yes
    dns proxy = No
    wins support = Yes
    preload = homes
    invalid users = bin daemon adm sync shutdown halt mail
    news uucp operator
    admin users = root
    hosts allow = 192.168.0.0/255.255.255.0, 127.
    veto files = /mail/
    default case = lower
    case sensitive = No
    preserve case = No
    short preserve case = No
    guest account = gilberto
    map to guest = bad user
    [homes]
    comment = Home Directories
    read only = No
    create mask = 0600
    directory mask = 0700
    browseable = No
    [tmp]
    comment = Temporary file space
    path = /tmp
    read only = No
    guest ok = Yes

    [netlogon]
    path = /home/export/netlogon
    browseable = No
    guest ok = yes

    [oradocs]
    path = /home/export/oracledocs/producao
    read only = No
    create mask = 0777
    force create mode = 0777
    directory mask = 0777

    [memos]
    path = /home/memos
    read only = yes
    write list = foouser





















    On 6/20/07, Eric Boehm wrote:
    >
    > On Wed, Jun 20, 2007 at 12:37:09PM -0300, Maginot Junior wrote:
    > >>>>> "Maginot" == Maginot Junior writes:

    >
    > Maginot> Hmm now its workin... BUT one more thing, and if I dont
    > Maginot> want to be prompted for an user name ? What I want to do
    > Maginot> is map the share with the foouser login and username info
    > Maginot> and all other who try to view the share could do it at
    > Maginot> the most transparent way, with no question for user and
    > Maginot> password... is that possible?
    >
    > We would need to see you whole smb.conf. I'm not following what you
    > are trying to do. If you map the share to foouser login, then everyone
    > will have access.
    >
    > Perhaps you could give more concrete examples of what it is you are
    > seeing and what you are trying to do,.
    >
    > --
    > Eric M. Boehm /"\ ASCII Ribbon Campaign
    > boehm@nortel.com \ / No HTML or RTF in mail
    > X No proprietary word-processing
    > Respect Open Standards / \ files in mail
    >




    --
    Maginot J˙nior
    "the game of life"
    LPIC - CCNA - ┐Designer?
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  7. Re: [Samba] Write access to one user and Read-Only for anyother

    I'm no pro (by a long shot),
    But.....
    Have you looked into using the ACL commands for this ?

    Permissions can be specified using acl command setfacl for
    the right group/person.
    use getfacl to check the applied permissions.

    From my limited experimentation with these ACL
    commands, I would think you can accomplish the permissions you are after.

    Rgd's,
    Cary


    At 10:37 AM 6/20/2007, Maginot Junior wrote:

    >Hmm now its workin... BUT one more thing, and if I dont want to be prompted
    >for an user name ?
    >What I want to do is map the share with the foouser login and username info
    >and all other who try to view the share could do it at the most transparent
    >way, with no question for user and password... is that possible?
    >
    >
    >And thanks for the help, worked great =)
    >
    >On 6/20/07, Eric Boehm wrote:
    >>
    >>On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote:
    >> >>>>> "Maginot" == Maginot Junior writes:

    >>
    >> Maginot> the problem is if I set the write list or valid users Im
    >> Maginot> only giving the permission to those in the list... and
    >> Maginot> the big problem is how to set all other users to be in
    >> Maginot> the read list ... I dont have group with all inside and
    >> Maginot> are not going to be any... I tryed with something like
    >>
    >>
    >>[memos]
    >> path = /home/memos
    >> write list = foouser
    >> read list = !foouser
    >>
    >>No, you should use
    >>
    >>[memos]
    >> path = /home/memos
    >> read only = yes
    >> write list = foouser
    >>
    >>This will make it read only except for anyone in the write list. From
    >>man smb.conf
    >>
    >> write list (S)
    >> This is a list of users that are given read-write
    >> access to a service. If the connecting user is in this
    >> list then they will be given write access, no matter
    >> what the read only option is set to. The list can
    >> include group names using the @group syntax.
    >>
    >> Note that if a user is in both the read list and the
    >> write list then they will be given write access.
    >>
    >> This parameter will not work with the security = share
    >> in Samba 3.0. This is by design.
    >>
    >>
    >>Note the first paragraph -- "If the connecting user is in this list
    >>then they will be given write access, no matter what the read only
    >>options is set to."
    >>
    >>--
    >>Eric M. Boehm /"\ ASCII Ribbon Campaign
    >>boehm@nortel.com \ / No HTML or RTF in mail
    >> X No proprietary word-processing
    >>Respect Open Standards / \ files in mail

    >
    >
    >
    >--
    >Maginot J˙nior
    >"the game of life"
    >LPIC - CCNA - ┐Designer?
    >--
    >To unsubscribe from this list go to the following URL and read the
    >instructions: https://lists.samba.org/mailman/listinfo/samba
    >
    >
    >
    >--
    >No virus found in this incoming message.
    >Checked by AVG. Version: 7.5.472 / Virus
    >Database: 269.9.1/854 - Release Date: 6/19/2007 1:12 PM


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  8. Re: [Samba] Write access to one user and Read-Only for anyother

    On Wed, Jun 20, 2007 at 12:37:09PM -0300, Maginot Junior wrote:
    >>>>> "Maginot" == Maginot Junior writes:


    Maginot> Hmm now its workin... BUT one more thing, and if I dont
    Maginot> want to be prompted for an user name ? What I want to do
    Maginot> is map the share with the foouser login and username info
    Maginot> and all other who try to view the share could do it at
    Maginot> the most transparent way, with no question for user and
    Maginot> password... is that possible?

    We would need to see you whole smb.conf. I'm not following what you
    are trying to do. If you map the share to foouser login, then everyone
    will have access.

    Perhaps you could give more concrete examples of what it is you are
    seeing and what you are trying to do,.

    --
    Eric M. Boehm /"\ ASCII Ribbon Campaign
    boehm@nortel.com \ / No HTML or RTF in mail
    X No proprietary word-processing
    Respect Open Standards / \ files in mail
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  9. Re: [Samba] Write access to one user and Read-Only for anyother

    thanks for the help ... thanks to all
    now its working like it should... forget what I said in may last post the
    ask for a password I think was a windows bug the now is not having anymore.


    Thanks =)


    On 6/20/07, Cary Robinson wrote:
    >
    > I'm no pro (by a long shot),
    > But.....
    > Have you looked into using the ACL commands for this ?
    >
    > Permissions can be specified using acl command setfacl for
    > the right group/person.
    > use getfacl to check the applied permissions.
    >
    > From my limited experimentation with these ACL
    > commands, I would think you can accomplish the permissions you are after.
    >
    > Rgd's,
    > Cary
    >
    >
    > At 10:37 AM 6/20/2007, Maginot Junior wrote:
    >
    > >Hmm now its workin... BUT one more thing, and if I dont want to be

    > prompted
    > >for an user name ?
    > >What I want to do is map the share with the foouser login and username

    > info
    > >and all other who try to view the share could do it at the most

    > transparent
    > >way, with no question for user and password... is that possible?
    > >
    > >
    > >And thanks for the help, worked great =)
    > >
    > >On 6/20/07, Eric Boehm wrote:
    > >>
    > >>On Wed, Jun 20, 2007 at 11:53:59AM -0300, Maginot Junior wrote:
    > >> >>>>> "Maginot" == Maginot Junior writes:
    > >>
    > >> Maginot> the problem is if I set the write list or valid users Im
    > >> Maginot> only giving the permission to those in the list... and
    > >> Maginot> the big problem is how to set all other users to be in
    > >> Maginot> the read list ... I dont have group with all inside and
    > >> Maginot> are not going to be any... I tryed with something like
    > >>
    > >>
    > >>[memos]
    > >> path = /home/memos
    > >> write list = foouser
    > >> read list = !foouser
    > >>
    > >>No, you should use
    > >>
    > >>[memos]
    > >> path = /home/memos
    > >> read only = yes
    > >> write list = foouser
    > >>
    > >>This will make it read only except for anyone in the write list. From
    > >>man smb.conf
    > >>
    > >> write list (S)
    > >> This is a list of users that are given read-write
    > >> access to a service. If the connecting user is in this
    > >> list then they will be given write access, no matter
    > >> what the read only option is set to. The list can
    > >> include group names using the @group syntax.
    > >>
    > >> Note that if a user is in both the read list and the
    > >> write list then they will be given write access.
    > >>
    > >> This parameter will not work with the security = share
    > >> in Samba 3.0. This is by design.
    > >>
    > >>
    > >>Note the first paragraph -- "If the connecting user is in this list
    > >>then they will be given write access, no matter what the read only
    > >>options is set to."
    > >>
    > >>--
    > >>Eric M. Boehm /"\ ASCII Ribbon Campaign
    > >>boehm@nortel.com \ / No HTML or RTF in mail
    > >> X No proprietary word-processing
    > >>Respect Open Standards / \ files in mail

    > >
    > >
    > >
    > >--
    > >Maginot J˙nior
    > >"the game of life"
    > >LPIC - CCNA - ┐Designer?
    > >--
    > >To unsubscribe from this list go to the following URL and read the
    > >instructions: https://lists.samba.org/mailman/listinfo/samba
    > >
    > >
    > >
    > >--
    > >No virus found in this incoming message.
    > >Checked by AVG. Version: 7.5.472 / Virus
    > >Database: 269.9.1/854 - Release Date: 6/19/2007 1:12 PM

    >
    > --
    > To unsubscribe from this list go to the following URL and read the
    > instructions: https://lists.samba.org/mailman/listinfo/samba
    >




    --
    Maginot J˙nior
    "the game of life"
    LPIC - CCNA - ┐Designer?
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  10. Re: [Samba] Write access to one user and Read-Only for anyother

    On Wed, 2007-06-20 at 11:53 -0300, Maginot Junior wrote:
    > the problem is if I set the write list or valid users Im only giving the
    > permission to those in the list... and the big problem is how to set all
    > other users to be in the read list ... I dont have group with all inside and
    > are not going to be any... I tryed with something like
    > [memos]
    > path = /home/memos
    > write list = foouser
    > read list = !foouser
    >
    > but this doesnt work.... There are more them 100 users on this box so only
    > one have to be able to write on the share and all others have only to be
    > able to read....


    read only = yes / writable = no
    write list = foouser

    write list trumps read only.


    --
    Adam Tauno Williams, Network & Systems Administrator
    Consultant - http://www.whitemiceconsulting.com
    Developer - http://www.opengroupware.org

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread