How to differentiate SAMBA access rights?

A

Anton Pavlov2015-02-06 08:01:36

linux

Anton Pavlov, 2015-02-06 08:01:36

There is a server under Debian 7.5, samba is configured with access control, i.e. the user enters credentials and gets into strictly defined folders and has full access to them and their contents. Now I want to make sure that user1 has read-only file permissions, and user2 has read-write permissions.
In samba it is done like this
[arm_site]
path = /media/ftp-data/arm_site
readonly = no
writable = yes
guest ok = yes
valid users = @pavlovas,@admins,L_D_S,R_S_V,T_A_B
public = yes
create mask = 0777
directory mask = 0777
i.e. valid users are those users who have full access

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

DarthCorsair, 2015-02-06
@DarthCorsair

write list = user2
read only = user1

E

Evgeny Lavrentiev, 2015-02-06
@lavrentiev

Well, as an option, it is to create each user and assign it to a folder, and then set the rights using chmod. 2) Unfortunately, there is no normal delimitation of rights in samba, by the way, it may already be present in the latter, but because of problem 1 it makes no sense.
By the way, I’ll tell you the moment, I had a fleet of more than ~ 100 machines and also wanted to distribute personal folders among users + a shared folder (there were several because there were several departments) As a result, we encountered a problem that has no solution:
1) If the user is windows then it will not be able to vary from one user to another. windows does not reset authorization. (And this is very sad, so in order to avoid the problem, we removed this option and made each department its own account + chmod, and thus only its department had access to the personal documents of its department employees and had access to the shared folder.)