You are here
Howdy! Am new to the Linux world and have been have been fumbling around trying to get a simple file server up an running in my small office. Real basic needs for now, just sharing files amongst coworkers, but eventually I'm going to need to set up more detailed security privileges (Tom and Dick can read and write to everything, Harry can only read, etc..). But for now I just want to get the files up on the server and shared.
I've created the users in linux and synched them in Samba (via Webmin and then through smbpasswd just to be safe), have poured through hundreds of different sites detailing solutions via permissions, smb.conf changes, etc.. I've tried them all to no avail.
My problem is that I'm able to create the shares but they are created with the user ROOT. Logged in as ROOT and I can do as I please. Log in as another user and I'm able to see the files but not able to change them or create new ones. If I change the owner to whatever the user is then that user is able to do as they please, but no one else can (in that directory). No other user is able to create anything in a share that is not owned by them. You're all probably pointing at the screen and laughing, but this has me perplexed.
How can I create a share that allows multiple users to copy files to it, modify them, delete them, etc..? I don't want to strip security away entirely but am willing to try anything at this point.
HAALLPP!!
BTW, I am CLI-tarded so if it can't be done in webmin, please explain it slowly and with small words.
Here's a copy of my SMB.CONF file:
To blanket allow all users to do anything
The easiest for general sharing is to set file permissions to 777 (i.e. anyone can read/write/execute):
This should change the permissions for the folder and all subdirectories and contained files (the '-R' switch). And any new files should inherit those same permissions... Note that this is for the Linux users...
Further note that with Samba on Linux (as with Windows) there are 2 levels of permissions. The Samba (or share) level permissions and the filesystem level permissions (the NTFS file/folder permission on Windows). The above command is adjusting the file level permissions, you may also need to tinker with the Samba permissions as well to get your desired results.
Personally I use the Samba permissions to control what is visable or not the the user and the file level permissions to control who has read/write or read only permissions. I don't know if this is the best way but i find it effective.
See how you go, when the time comes to create a more complex setup, feel free to post back and I'll try to help you out.
IT WORKS!!
Jeremy, I owe you a beer brother. Worked like a charm. I had the permissions set to 755 before.
I'm going to have to read up on permissions, etc.. Any recommendations for a newbie?
Thanks again Jeremy!!
SMB/Samba is not secure over internet
I'm not sure what protocols Aptava supports but personally a secure one that is safe online such as SFTP would be the way to go. Even if it doesn't support it OOTB I'm sure that there would be a plugin for it.
FWIW TKL already has SFTP configured and enabled; although the setup of a new user who is part of the www-data group would probably be best.
Don't wipe your permissions.
you are the best!
Add new comment