Home arrow Site Administration arrow Page 7 - Dancing The Samba (part 1)

Access Denied - Administration

Tired of paying hundreds of dollars for commercial file serversoftware? Looking for an application that lets you share *NIX andWindows files seamlessly across a network? Say hello to Samba, softwarethat's so cool, it'll make you want to kick up your heels and dance,dance, dance!

TABLE OF CONTENTS:
  1. Dancing The Samba (part 1)
  2. Speaking In Tongues
  3. Building Blocks
  4. Temporary Insanity
  5. Meet Joe Nobody
  6. Home Sweet Home
  7. Access Denied
  8. Mounting Up
By: icarus, (c) Melonfire
Rating: starstarstarstarstar / 12
October 02, 2002

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement
Next up, group file areas. You can create a separate directory for every group on the system, and expose these directories as shares accessible only to members of the respective groups. For example, consider the following extract from the "/etc/group" file:
accounts:x:503:john,joe,sarah
admin:x:504:tom,harry
hr:x:505:tom,joe
Corresponding to these groups are sub-directories in the /home/groups directory:
$ ls -l /home/groups
drwxrws---    2 root     accounts     4096 Sep 25 11:11 accounts
drwxrws---    2 root     admin        4096 Sep 25 11:11 admin
drwxrws---    3 root     hr           4096 Sep 25 11:14 hr
Note the sticky bit set in the group file permissions - this is necessary to ensure that files and sub-directories created inside each group directory are automatically masked with the group name.

These directories can be exposed as shares, simply by adding the following section to the "smb.conf" file:
[groups]
comment = Group file area
path = /home/groups/
writeable = yes
force create mode = 0770
force directory mode = 0770
Restart the Samba daemons, and try connecting to the server. You should see all the sub-directories under the /home/groups directory, but should only have access to those you're a member of, as per the information in the "/etc/group" file. So user "joe" will be able to read and write to the "accounts" and "hr" directories, but will not even be able to view the contents of the "admin" directory.

You can map this directory on a Windows client to drive G:, like this:
c:\> net use g: \\olympus\groups
This type of group-based access makes it easy to set up secure areas on the Samba file server for group-based collaborative file sharing, and restrict access to them in a manner similar to that found in other, commercial file server products.

 
 
>>> More Site Administration Articles          >>> More By icarus, (c) Melonfire
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

SITE ADMINISTRATION ARTICLES

- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: