| View previous topic :: View next topic |
| Author |
Message |
Kessel
n00b
Joined: 19 Mar 2003
Posts: 3
|
 Posted: Tue Jun 01, 2004 7:08 pm Post subject: Samba 3.0 doesnt work the way 2.0 used to |
 |
|
Hi
I used to run my smb server like followed:
[global]
security = user
map to guest = bad user
guest account = nobody
.....
[dieter] #share of the user dieter
path = /home/dieter
guest account = dieter
writeable, browseable, creamask.......
So whenever a Windows Box wanted to mount (can you say it that way?) the share -> map to guest and the guest was the owner of the share, he could, without a PW, write and read from the share.
But since Gentoo updated to samba 3.0 this doesnt work any more. The guest account in the different shares are ignored and the one discribed in [Global] -> nobody is used.
Please help me with his, though I know its not the safest way to run a smb server, I liked it that way.
Thanks |
|
| Back to top |
|
 |
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Tue Jun 01, 2004 7:17 pm Post subject: |
|
|
You might want to read some of the new documentation over on www.samba.org; that's not the only thing that changed!
There are numerous changes to the security model, and Windows access options, and... just check out the official site.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
Kessel
n00b
Joined: 19 Mar 2003
Posts: 3
|
| Posted: Tue Jun 01, 2004 8:03 pm Post subject: |
|
|
Wow, just the answer I was hoping to get, you really helped me.
I am just answering because adaptr made me think of one strange thing.
using:
[global]
guest account = dieter
....
makes the share of dieter work, but of nobody else on the system. Using the uname of another user makes his share work, but none of the others.
So anything is set up properly for guest account =, it just doesnt work the way it should (even as it is described at samba.org docuentation).
And please, no answer like: "But its not safe" or RTFM, did nothing else for some hours now. |
|
| Back to top |
|
|
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Tue Jun 01, 2004 8:39 pm Post subject: |
|
|
| Kessel wrote: | | Wow, just the answer I was hoping to get, you really helped me. |
Glad to help!
| Kessel wrote: | | And please, no answer like: "But its not safe" or RTFM, did nothing else for some hours now. |
You might try to show some of that.
It's a crazy idea to a leecher like you, I know.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
nobspangle
Veteran
Joined: 23 Mar 2004
Posts: 1318
Location: Manchester, UK
|
| Posted: Tue Jun 01, 2004 10:21 pm Post subject: |
|
|
what you are trying to do doesn't make sense.
Why would Dieter want to access his own share with a guest account, that just means anybody can access his share with full permissions, if that is the case for all the shares you may as well just chmod his directory 777 and use any old user for the guest.
If you say
[global]
guest account = dieter
then all the shares where guest ok = yes will be accessable provided they can be accessed by the unix user dieter
Guest access is usually used to give readonly access to shares, if you want the guest to have full access you just chmod the files to give that access. |
|
| Back to top |
|
|
Chris W
l33t
Joined: 25 Jun 2002
Posts: 972
Location: Brisbane, Australia
|
| Posted: Tue Jun 01, 2004 10:57 pm Post subject: |
|
|
Putting the option | Code: | | guest account = user |
in any section of the smb.conf other than [global] elicits the following error message in /var/log/samba/log.smbd: | Code: | | Global parameter guest account found in service section! |
AFAIK this has not changed since Samba 2.
The [global] section should contain a 'guest account = user' declaration specifying what Linux user unauthenticated Windows users access files as. If guest access is allowed to a share then the 'guest ok = yes' should be added to the section describing the share. On top of any limit applied by Samba (e.g. read only = yes), unauthenticated users will be limited in what they can read/write by the Linux rights of the specified guest user.
_________________
Cheers,
Chris W
"Common sense: The collection of prejudices acquired by age 18." -- Einstein |
|
| Back to top |
|
|
|
Networking & Security
