HPE Community
Operating System - Linux
1829159 Members
2217 Online
109986 Solutions
New Discussion

Re: samba user access to /var/www

 
joseph wholey
Regular Advisor

‎10-23-2006 08:54 AM

‎10-23-2006 08:54 AM

samba user access to /var/www

I have a few users in which I need to give full permissions to in the /var/www directory and all sub-dirs. Currently /var/www is owned access is root:root. Does anyone have any recommendations as to how to set these few users up using samba so they can access /var/www and all subdirs without having to change the group permissions? thx.
0 Kudos
Reply
7 REPLIES 7
Ivan Ferreira
Honored Contributor

‎10-23-2006 10:08 AM

‎10-23-2006 10:08 AM

Re: samba user access to /var/www

You don't have too many options, you do have to change the group and permissions for the directories under /var/www or starting with /var/www.

For example:

groupadd webdev
find /var/www -type d -exec chgrp webdev {} \;
find /var/www -type d -exec chmod 775 {} \;

In the samba share, use the option:

valid users = @webdev

Add the users to the webdev group.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
joseph wholey
Regular Advisor

‎10-23-2006 01:36 PM

‎10-23-2006 01:36 PM

Re: samba user access to /var/www

Ivan, thanks for the reply. For some reason, when I put "valid users = @webdev", windows prompts me for a user name and password when logging in. However, it does not accept what actually is the correct username and password. To get around this, I have to use the "force group = webdev", and then I can access the samba share. Unfortunately, so can anyone else. Here is my smb.conf. Any ideas?

[global]
workgroup = AMRS
; security = DOMAIN
security = user
encrypt passwords = Yes
map to guest = Bad User
password server = *
log file = /var/log/smb.log
keepalive = 30
os level = 2
use mmap = no
socket options = SO_KEEPALIVE TCP_NODELAY
wins server = 146.125.26.201;170.240.224.201;146.125.26.202;170.240.224.202

[WEBDEV]
comment = Web Developers
force group = webdev
path = /var/www
public = yes
writable = yes
printable = no
create mask = 0770
0 Kudos
Reply
Stuart Browne
Honored Contributor

‎10-23-2006 04:00 PM

‎10-23-2006 04:00 PM

Re: samba user access to /var/www

Joseph,

Dumb question: Did you set up the 'group' called 'webdev', and add those selected users to that group?

You need to have the 'valid users = @webdev'. You can leave the 'force group = webdev', but the lack of 'valid users' is what's allowing everybody access.
One long-haired git at your service...
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

‎10-24-2006 12:12 AM

‎10-24-2006 12:12 AM

Re: samba user access to /var/www

You can achieve what you want with admin users directive in your smb.conf.

Below is an example:

[web]
path = /var/www
admin users = user1 user2 user3



Of course user1,user2,user3 must exist.
0 Kudos
Reply
joseph wholey
Regular Advisor

‎10-24-2006 06:18 AM

‎10-24-2006 06:18 AM

Re: samba user access to /var/www

Thanks for the responses:

re: Dumb question: yes, I did setup the group and I did put the users in it. By adding that parameter, 'valid users = @webdev', it actually causes SAMBA to "break" (it prompts me for username and password, but doesn't accept them). When I remove it, I'm able to map the share... but so is everyone else.

re: admin users: same situation as above.



Of course user1,user2,user3 must exist.

0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎10-24-2006 06:58 AM

‎10-24-2006 06:58 AM

Re: samba user access to /var/www

Remove the password server option. You should not use the password server with security = user.

Ensure that you added the user using smbpasswd -a.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
joseph wholey
Regular Advisor

‎10-24-2006 07:16 AM

‎10-24-2006 07:16 AM

Re: samba user access to /var/www

Thanks for the responses:

re: Dumb question: yes, I did setup the group and I did put the users in it. By adding that parameter, 'valid users = @webdev', it actually causes SAMBA to "break" (it prompts me for username and password, but doesn't accept them). When I remove it, I'm able to map the share... but so is everyone else.

re: admin users: same situation as above.


re: 'password server = *' same situation.

i.e. withoug 'force group = webdev', I'm unable to write to the directory with any of the above 3 options.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.