In order to control user permissions on a Samba file share, you need to do the following.
- Create the user in unix. Use adduser or useradd. The user can have /usr/sbin/nologin to prevent console logins, if you desire. You can probably avoid giving them a password since the next command will take care of that.
- Create the user with 'sudo smbpasswd -a User' and set the password AGAIN. This will sync it against the unix database.
After that, you can use 'sudo pdbedit -L' to see a list of valid Samba users.
Next, configure your smb.conf (/etc/samba) to use the following:
[global]
security = user
[MyShare]
comment = My Shared Storage
path = /nas/MyShare
browseable = yes
guest ok = no
writeable = yes
create mask = 755
read list = Home
write list = Bob Fred Joe
admin users = Sam
This will allow Sam to administer the share with root permissions. Bob, Fred, and Joe will be able to write files to the share. "Home" user will be able to read it, but not write data.
No comments:
Post a Comment