Linux Visibility on Microsoft Network
Rick Stevens
rstevens at vitalstream.com
Mon Apr 5 23:08:33 UTC 2004
Wesa, Richard (GE Consumer & Industrial) wrote:
> Rick,
> Thanks. I am going to mess with swat. In the meantime you asked what I want to do with this server.
> To start with I would like to create a share (directory) which ANY user could read or write to.
If you want all users to write to the _same_ directory and you're not
concerned with oodles of security, create the directory on the Linux
machine and give it world write privileges:
# mkdir /some/directory
# chmod 777 /some/directory
Then change your /etc/samba/smb.conf file's [homes] section to read:
[homes]
comment = Universal home directory
path = /some/directory
browseable = yes
writeable = yes
guest ok = yes
create mode = 0666
directory mode = 0777
Then stop and restart samba:
/etc/rc.d/init.d/samba restart
Note that this allows ANYONE to write to /some/directory. This is, uhm,
dangerous!
> -----Original Message-----
> From: redhat-install-list-bounces at redhat.com
> [mailto:redhat-install-list-bounces at redhat.com]On Behalf Of Rick Stevens
> Sent: Monday, April 05, 2004 3:26 PM
> To: Getting started with Red Hat Linux
> Subject: Re: Linux Visibility on Microsoft Network
>
>
> Wesa, Richard (GE Consumer & Industrial) wrote:
>
>>Rick,
>>Thanks for the quick response. I have attached smb.conf but I did not know how to attach
>>it to the list which you were referring to.
>
>
> This is the list (mailing list). When I said "post it to the list", I
> meant just include the text of the file inside your message. Most
> people on the list won't read attachments as they can contain virii.
> However, I'll look at it.
>
> (for the others on the list that won't open attachments, here's the
> gist of what I'm going to speak about):
>
> #===================== Share Definitions ==============================
> [homes]
> comment = Home Directories
> browseable = no
> writeable = yes
> valid users = %S
> create mode = 0664
> directory mode = 0775
> # If you want users samba doesn't recognize to be mapped to a guest user
> ; map to guest = bad user
>
>
> # Un-comment the following and create the netlogon directory for Domain
> Logons
> ; [netlogon]
> ; comment = Network Logon Service
> ; path = /usr/local/samba/lib/netlogon
> ; guest ok = yes
> ; writable = no
> ; share modes = no
>
>
> # Un-comment the following to provide a specific roving profile share
> # the default is to use the user's home directory
> ;[Profiles]
> ; path = /usr/local/samba/profiles
> ; browseable = no
> ; guest ok = yes
>
>
> # NOTE: If you have a BSD-style print system there is no need to
> # specifically define each individual printer
> [printers]
> comment = All Printers
> path = /var/spool/samba
> browseable = no
> # Set public = yes to allow user 'guest account' to print
> printable = yes
>
> # This one is useful for people to share files
> ;[tmp]
> ; comment = Temporary file space
> ; path = /tmp
> ; read only = no
> ; public = yes
>
> # A publicly accessible directory, but read only, except for people in
> # the "staff" group
> ;[public]
> ; comment = Public Stuff
> ; path = /home/samba
> ; public = yes
> ; writable = yes
> ; printable = no
> ; write list = @staff
>
> # Other examples.
> #
> # A private printer, usable only by fred. Spool data will be placed in
> fred's
> # home directory. Note that fred must have write access to the spool
> directory,
> # wherever it is.
> ;[fredsprn]
> ; comment = Fred's Printer
> ; valid users = fred
> ; path = /home/fred
> ; printer = freds_printer
> ; public = no
> ; writable = no
> ; printable = yes
>
> # A private directory, usable only by fred. Note that fred requires write
> # access to the directory.
> ;[fredsdir]
> ; comment = Fred's Service
> ; path = /usr/somewhere/private
> ; valid users = fred
> ; public = no
> ; writable = yes
> ; printable = no
>
> # a service which has a different directory for each machine that connects
> # this allows you to tailor configurations to incoming machines. You could
> # also use the %U option to tailor it by user name.
> # The %m gets replaced with the machine name that is connecting.
> ;[pchome]
> ; comment = PC Directories
> ; path = /usr/local/pc/%m
> ; public = no
> ; writable = yes
>
> # A publicly accessible directory, read/write to all users. Note that
> all files
> # created in the directory by users will be owned by the default user, so
> # any user with access can delete any other user's files. Obviously this
> # directory must be writable by the default user. Another user could of
> course
> # be specified, in which case all files would be owned by that user instead.
> ;[public]
> ; path = /usr/somewhere/else/public
> ; public = yes
> ; only guest = yes
> ; writable = yes
> ; printable = no
>
> # The following two entries demonstrate how to share a directory so that two
> # users can place files there that will be owned by the specific users.
> In this
> # setup, the directory should be writable by both users and should have the
> # sticky bit set on it to prevent abuse. Obviously this could be extended to
> # as many users as required.
> ;[myshare]
> ; comment = Mary's and Fred's stuff
> ; path = /usr/somewhere/shared
> ; valid users = mary fred
> ; public = no
> ; writable = yes
> ; printable = no
> ; create mask = 0765
>
> [root]
> path = /root
>
>
> Ok. I've looked at it. There are a number of things that are going
> to prevent you from seeing any shares.
>
> There are two sections that are live, "homes", "printers" and "root".
> You won't be able to see anything in "homes" as it is not browseable and
> since you are probably connecting as a user on the Windows side that is
> unknown on the Linux side, you can't access it anyway as the allowed
> users ("valid users = %S") are limited to users that have accounts on
> the Linux machine itself.
>
> I won't deal with "printers" here, unless you actually need Windows
> access to a Linux printer.
>
> As for "root", you've set up just a path for that, but you've provided
> no other access information for it.
>
> How to fix? Well, that rather depends on what you want to do. If you
> can be a bit more specific about what you're trying to do, perhaps we
> can help.
>
> You may also want to enable "swat" on the Linux machine. It is a GUI
> tool that helps you configure Samba. To turn it on, edit your
> "/etc/services" file and make sure there is a line that looks like
> this:
>
> swat 901/tcp # Samba Web Administration Tool
>
> in it and that there's no leading "#" on the line. Then either edit
> the /etc/xinetd.d/swat file and change the "disable = yes" line to
> "disable = no" and "kill -HUP `pidof xinetd`" (yes, those are backticks)
> or simply run swat from the command line: "swat &". Then use the web
> browser on the Linux machine and access "http://localhost:901" and you
> should see the swat configuration screen.
> ----------------------------------------------------------------------
> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
> - VitalStream, Inc. http://www.vitalstream.com -
> - -
> - A day for firm decisions!!! Well, then again, maybe not! -
> ----------------------------------------------------------------------
>
>
> _______________________________________________
> Redhat-install-list mailing list
> Redhat-install-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-install-list
> To Unsubscribe Go To ABOVE URL or send a message to:
> redhat-install-list-request at redhat.com
> Subject: unsubscribe
>
>
> _______________________________________________
> Redhat-install-list mailing list
> Redhat-install-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-install-list
> To Unsubscribe Go To ABOVE URL or send a message to:
> redhat-install-list-request at redhat.com
> Subject: unsubscribe
>
--
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Grabel's Law: 2 is not equal to 3--not even for large values of 2. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list