If /srv, or wherever you have configured your share path, is part of the / partition then a reboot may be required. This example assumes /srv is on a separate partition. Then remount the partition: sudo mount -v -o remount /srv For example, to enable ACLs on /srv in an EXT3 filesystem, edit /etc/fstab and add the acl option: UUID=66bcdd2e-8861-4fb0-b7e4-e61c569fe17d /srv ext3 noatime,relatime,acl 0 1 Fortunately POSIX ACLs are available on Ubuntu servers, which provides more fine-grained control. Traditional Linux file permissions do not map well to Windows NT Access Control Lists (ACLs). Now that Samba has been configured to limit which groups have access to the shared directory, the filesystem permissions need to be checked. Users having administrative permissions may read, write, or modify any information contained in the resource the user has been given explicit administrative permissions to.įor example, if you wanted to give the user Melissa administrative permissions to the share example, you would edit the /etc/samba/smb.conf file, and add the following line under the entry: admin users = melissaĪfter editing /etc/samba/smb.conf, reload Samba for the changes to take effect by running the following command: sudo smbcontrol smbd reload-config Such permissions may be defined by editing the /etc/samba/smb.conf file and specifying the explicit permissions inside a share.įor example, if you have defined a Samba share called share and wish to give read-only permissions to the group of users known as “qa”, but wanted to allow writing to the share by the group called “sysadmin” and the user named “vincent”, then you could edit the /etc/samba/smb.conf file and add the following entries under the entry: read list = list = vincentĪnother possible Samba permission is to declare administrative permissions to a particular shared resource. Read and write permissions define the explicit rights a computer or user has to a particular share. For example, if you wished to use a group named sysadmin in a certain section of the /etc/samba/smb.conf, you would do so by entering the group name as If a group name has a space in it, use double quotes, like Releases". When mentioning groups in the Samba configuration file, /etc/samba/smb.conf, the recognized syntax is to preface the group name with an symbol. All other users only have access to resources explicitly allowed to the group they are part of. Danika can access resources available to both groups since she belongs to both the “qa” and “support” groups. Any network resources configured to allow access by the “qa” group will be available to Freda, Danika, and Rob, but not Jeremy or Vincent. For example, let’s consider a group called “qa” is defined to contain the users Freda, Danika, and Rob, and then a group called “support” is created containing the users Danika, Jeremy, and Vincent. This provides granularity in controlling access to such resources. Groups define a collection of users who have a common level of access to particular network resources. Using the example, this section will cover some common options. There are several options available to control access for each individual shared directory. Multi-node configuration with Docker-Composeĭistributed Replicated Block Device (DRBD)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |