breezy LVM and samba questions

Eric S. Johansson esj at harvee.org
Sun Oct 16 20:20:34 UTC 2005 

Kim Briggs wrote:
> 
>     samba:
> 
>     as usual, authentication is a problem.  Create the file share, can't
>     login.  setup password with smbpasswd, no authentication.   didn't
>     change anything with the breezy samba configuration.  It would be nice
>     to have authentication problems handled when a shares created.
> 
>     again, what's the magic incantation allowing one to login to a samba
>     share?
> 
> 
> Sorry I can't help you with all the security issues, but I have just 
> figured out how to setup samba on a trusted LAN and will list the 
> parameters here in case it is useful for someone.  My incantation in 
> this example is "all for one and one for all".

thanks.  Also, I'm not sure what I did but now smbpasswd is working as 
it had in the past and so now I can do per user authentication which is 
better.

sticking with the default Samba configuration, you need to do two things 
to activate file shares.  You need to not do one thing.

1) don't create a file share using the system >> administration >> 
shared folders tool for exporting your home directory.  Only use it for 
exporting non-home directories.  exporting your home directory happens 
automatically.

2) make a few minor changes in /etc/samba/smb.conf

for sharing printers uncomment:

load printers = cups
printing = cups
printer name = cups

in [printing]
browsable = yes

the default script will share your home directory read-only with anyone 
using your user ID and password.  Making it read/write:

[home]
writable = yes


> 
> "security = share": This is not the default, but suggested in Suse Yast 
> program for home network/SOHO.  It allows everyone to see all the shares 
> before asking for a password.  Passwords done by share and not user.

so how do you assign a single username password to a share?  And do so 
without requiring the end-user to totally live in sparkly world of 
command lines?

> In addition, these items are useful to add to the share section if you'd 
> like all the files there to have the same owner (not "nobody", for 
> example), the same group and would like all files and directories to be 
> created with the same permissions (yes, this is a home network).
> 
> force user = user_name
> force group = users
> guest account = same_user_name (needed?)
> force directory mode = 0775
> force create mode = 0775

this is useful for shared spaces.  I was just going to use one username 
and password, different from the user's username and password, for 
common space.

--- eric

More information about the ubuntu-users mailing list