Linux samba read write

How to give Read, Write Permissions using IPs in SAMBA

I want to give Read and Write access based on the IPs instead of the Users in SAMBA using smb.conf This is the Text I copied from my smb.conf file.

[TEST] comment = test path = /mnt/vg-stg/storage/test read only = no writeable = yes oplocks = yes level2 oplocks = yes force security mode = 0 dos filemode = yes dos filetime resolution = yes dos filetimes = yes fake directory create times = no browseable = yes csc policy = manual veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/ veto files = /*:Zone.Identifier:*/ store dos attributes = yes map acl inherit = yes create mode = 0777 directory mode = 2777 printable = no guest ok = yes hosts allow = 10.20.20.213 #hosts readonly allow = [TEST] comment = test path = /mnt/vg-stg/storage/test read only = yes writeable = no oplocks = yes level2 oplocks = yes force security mode = 0 dos filemode = yes dos filetime resolution = yes dos filetimes = yes fake directory create times = no browseable = yes csc policy = manual veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/ veto files = /*:Zone.Identifier:*/ store dos attributes = yes map acl inherit = yes create mode = 0777 directory mode = 2777 printable = no guest ok = yes hosts allow = 10.20.20.147 #hosts readonly allow = 

But the Samba is not picking up the changes. Because when i try to access from explorer or Nautilus it is giving me error

Could not display "smb://XXX.XXX.XXX.XXX/Reports The file is of an unknown type 

2 Answers 2

I don’t think the options hosts readonly allow and hosts write list exist. btw: my samba/testparm do not either. theoretically this should do what you expect:

[mainBak] comment = Main Backup Writeable path = /mnt/vg-stg/storage/Main_Backup read only = no writeable = yes oplocks = yes level2 oplocks = yes force security mode = 0 dos filemode = no dos filetime resolution = no dos filetimes = no fake directory create times = no browseable = yes csc policy = manual veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/ veto files = /*:Zone.Identifier:*/ store dos attributes = yes map acl inherit = yes create mode = 0777 directory mode = 2777 printable = no guest ok = yes hosts allow = 10.91.12.109 10.91.12.115 10.91.12.95 10.91.12.67 10.91.12.109 10.91.12.115 10.20.20.147 [mainBak] comment = Main Backup Readonly path = /mnt/vg-stg/storage/Main_Backup read only = yes writeable = no oplocks = yes level2 oplocks = yes force security mode = 0 dos filemode = no dos filetime resolution = no dos filetimes = no fake directory create times = no browseable = yes csc policy = manual veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/ veto files = /*:Zone.Identifier:*/ store dos attributes = yes map acl inherit = yes create mode = 0777 directory mode = 2777 printable = no guest ok = yes hosts allow = 10.20.20.0/24 10.20.50.0/24 172.16.0.0/16 192.168.0.0/16 10.91.12.252 10.20.20.94 10.91.12.46 10.91.12.197 10.91.12.87 10.91.12.106 10.91.12.110 10.91.12.12 10.91.12.108 10.91.12.62 10.91.12.129 10.91.12.127 10.91.12.128 10.91.12.50 10.91.12.142 

Idea is to have same Name for share two times, but with different write-/read-rights and host-allows. If this is the only share you have in your config, you could export some options/settings to [global] to reduce redundancy.

Читайте также:  Создание группы пользователя linux

access-check you could do with: testparm /path/to/smb.conf hostname hostIP

Источник

Linux samba read write

Библиотека сайта rus-linux.net

read only , так и параметр writable . В примере ниже показан вариант использования параметра writable для разрешения записи в разделяемую директорию.

А это пример использования параметра read only для разрешения записи в разделяемую директорию.

12.3. Настройка разделяемого ресурса

После осуществления описанных манипуляций мы можем просто добавить описание разделяемого ресурса в файл конфигурации нашего сервера Samba с именем smb.conf . Ниже приведен пример проверки файла конфигурации с помощью утилиты testparm. (Мы могли бы изменить строку описания сервера. )

[root@RHEL52 samba]# testparm Load smb config files from /etc/samba/smb.conf Processing section "[pubwrite]" Processing section "[pubread]" Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] netbios name = TEACHER0 server string = Public Anonymous File Server security = SHARE [pubwrite] comment = files to write path = /srv/samba/writable read only = No guest ok = Yes [pubread] comment = files to read path = /srv/samba/readonly guest ok = Yes

12.4. Проверка возможности соединения с сервером с помощью ОС Windows

Теперь мы можем проверить возможность соединения с сервером с помощью компьютера, работающего под управлением ОС Windows 2003. Используем для этого команду net use .

C:\>net use L: \\teacher0\pubwrite net use L: \\teacher0\pubwrite The command completed successfully.

12.5. Проверка возможности записи в разделяемую директорию с помощью ОС Windows

Мы смонтировали разделяемый ресурс pubwrite в качестве дискового накопителя ОС Windows, обозначаемого буквой L:. Ниже представлен вывод, полученный в процессе проверки возможности записи в разделяемую директорию.

L:\>echo hoi > hoi.txt L:\>dir Volume in drive L is pubwrite Volume Serial Number is 0C82-272A Directory of L:\ 21/01/2009 06:11 . 21/01/2009 06:11 .. 21/01/2009 06:16 6 hoi.txt 1 File(s) 6 bytes 2 Dir(s) 13.496.238.080 bytes free

12.6. Как же это возможно?

Система Linux (или любая система UNIX) всегда требует наличия учетной записи пользователя для получения доступа к файловой системе. Но в данном случае компьютер, работающий под управлением ОС Windows, не предоставляет серверу Samba данных учетной записи пользователя или пароля. Вместо этого на уровне системы Linux владельцем файлов, созданных в рамках разделяемой директории с доступом для чтения и записи, является пользователь с учетной записью гостя (обычно с именем nobody).

[root@RHEL52 samba]# ls -l /srv/samba/writable/ итого 4 -rwxr--r-- 1 nobody nobody 6 янв 21 06:16 hoi.txt

Исходя из вышесказанного, описанное в главе решение не является безукоризненным. Нам придется усовершенствовать его.

12.7. Практическое задание: настройка файлового сервера с доступом для чтения и записи

1. Создайте директорию и представьте к ней доступ для чтения и записи средствами сервера Samba.

2. Убедитесь в том, что любой клиент из сети может читать и записывать файлы, проверьте возможность записи файлов с помощью утилиты smbclient, а также с помощью программных компонентов ОС производства компании Microsoft.

Читайте также:  Linux установка vnc сервер

3. Установите владельца файлов, созданных (различными) пользователями из сети.

12.8. Корректная процедура практического задания: настройка файлового сервера с доступом для чтения и записи

1. Создайте директорию и представьте к ней доступ для чтения и записи средствами сервера Samba.

mkdir /srv/samba/writable chmod 777 /srv/samba/writable

Секция разделяемого ресурса в файле конфигурации smb.conf может быть выглядеть аналогичным образом:

[pubwrite] path = /srv/samba/writable comment = files to write read only = no guest ok = yes

2. Убедитесь в том, что любой клиент из сети может читать и записывать файлы, проверьте возможность записи файлов с помощью утилиты smbclient, а также с помощью программных компонентов ОС производства компании Microsoft.

Тестирование возможности записи в разделяемую директорию с помощью утилиты smbclient:

echo один > count.txt echo два >> count.txt echo три >> count.txt smbclient //localhost/pubwrite Password: smb: \> put count.txt

3. Установите владельца файлов, созданных (различными) пользователями из сети.

Источник

Getting started with Samba for interoperability

The Samba suite helps you to easily share files between Linux and Windows systems. This first article of two teaches you how and where to begin with interoperability.

Getting started with sharing

File shares are important for collaboration in any network. In this series of articles, I will show you how Samba can help you set up and serve file shares on Linux servers that are accessible from both Linux and Windows clients.

Before we dive in and set up file shares, let’s cover what Samba is and what it can do for you.

Great Linux resources

Samba is a suite of applications that implements the Server Message Block (SMB) protocol. Many operating systems, including Microsoft Windows, use the SMB protocol for client-server networking. Samba enables Linux / Unix machines to communicate with Windows machines in a network.

Samba is open source software. Originally, Samba was developed in 1991 for fast and secure file and print share for all clients using the SMB protocol. Since then it has evolved and added more capabilities. Today Samba provides a suite of applications enabling seamless networking and interoperability between *nix and Windows.

Install the Samba packages

In this example, I’m using CentOS 8 with the hostname centos as my Samba server with an IP address of 192.168.1.122. The only package you will need to install is Samba, but I would like to include other client tools like samba-common and samba-client to test out our shares later.

# yum install samba samba-client samba-common -y

Create a directory to share and set its permissions

Once you’ve installed the required packages on the server, let’s create a directory and provide the required permissions on the directory. Create a directory called share on our root directory. You can name this directory anything you want to, and give it read, write and execute permissions. In this example, we will rely on the Samba configuration to control read, write access to the shared directory.

# mkdir /share # chmod -R 777 /share

Now that we have installed necessary packages, it’s time to configure the shared directory. The configuration file is located under /etc/samba . Using your favorite text editor, append the following to /etc/samba/smb.conf . Leave the rest of the configuration file as is and this should be good for our setup.

# vim /etc/samba/smb.conf [myshare] comment = My share path = /share read only = No

I have created a share called myshare and provided a path to the share, which in our case is located at /share . I then gave it read/write permissions with read only = No . There are many other configuration parameters that you may pass here, but for our setup these settings are good.

Читайте также:  Linux kernel source dir

Check the Samba configuration

Samba provides a tool to check our configuration file. We can check if our configuration file has any errors by using the testparm command.

Next, we need to create a Samba user account, so that Samba can communicate in Samba sessions with shares. The smbpasswd command has several functions depending on if you run the command as root or as a standard user. If you issue smbpasswd without any arguments as a non-root user, by default smbpasswd will change the current logged in user’s Samba password. When you run smbpasswd command as root , you will be able to create new Samba accounts. You can create a Samba account only for existing Linux user accounts.

# smbpasswd -a user New SMB password: Retype new SMB password:

We need to configure SELinux on the /share directory so the Samba service has proper permissions.

# semanage fcontext -a -t samba_share_t "/share(/.*)?" # restorecon -R -v /share

Next, we need to enable and start the smb and nmb services.

# systemctl enable smb # systemctl start smb #systemctl enable nmb #systemctl start nmb

If you have firewalld running on your server, we need to configure it to allow Samba traffic. You can do so by using the firewall-cmd command. Don’t forget to make those changes permanent and reload firewalld .

Now we have our services enabled and started. We can check to see if the share is available from the server by using the smbclient tool. This is the reason I have installed the Samba client tools on the local machine. The command uses the following syntax:

# smbclient -U user -L 192.168.1.122 Enter SAMBA\user's password:

Let’s check if we can access the share by issuing the following command on the server:

# smbclient -U user //192.168.1.122/myshare Enter SAMBA\user's password: Try "help" to get a list of possible commands. smb: \>

We have installed and configured the Samba file share service on our Linux server. We were able to access those shares on the local machine. In the next article, we will set up one Linux client and one Windows 10 client to access share we just created.

[ Want to learn more about Linux system administration? Take a Red Hat system administration course. ]

Источник

Оцените статью
Adblock
detector