Samba + mounted disks + permissions?

Post by **ayu** » 12 Sep 2008, 01:49

Ok so I have a samba fileserver here at home, and my room mate wants to be able to access it and download files, and also I thought of giving him a folder where he can upload stuff to me when needed.

So I created a new samba user and a new user for the box (since I have security = user on the server). But of course, his account doesn't have shell access.

Anyway, I added the group "samba" and added myself and him to it.

I have 2 mounted disks

the first disk is named gb100 and has the following permissions

owner: www-data:www-data (my account is a member of www-data)
mod: 0770

So my room mates account shouldn't be able to access it. And then I have another disk named gb500 with the following permissions

owner: cats: samba
mod: 0750

So my friend should only be able to download and execute from it, nothing more. Then he has a folder called "smbupload" in the gb500 disk that has owner cats:samba and mod 0770, so he should be able to access it.

Now, the problem is that he can access EVERYTHING.... and when I do "ls -l" I get that root:root is the owner of all the folders =/

Is there something I missed? the disks are mounted automatically through fstab....to /mnt

Post by **bad_brain** » 12 Sep 2008, 04:59

hm, are you using the "forced user/group" setting in the config again?

Post by **ayu** » 12 Sep 2008, 05:00

bad_brain wrote:hm, are you using the "forced user/group" setting in the config again?

naah removed it, since my friend couldn't login with the force user, and with or without the group didn't matter.

I think it's something when the disks are being mounted, since they seem to belong to root for some reason.

EDIT:

Ok I read a little more about fstab and changed to the following:

/dev/sdb1 /mnt/gb100 ntfs-3g uid=www-data,gid=www-data,umask=007,nls=utf8 0 0
/dev/sdc1 /mnt/gb500 ntfs-3g uid=cats,gid=samba,umask=027,nls=utf8 0 0

Now, this one works partially. But there is till one problem. This sets the permissions for ALL files and folders on the disk, I want to be able to set some of them differently because I have a lot of private stuff on those disks.

I want some to be only readable, and only one folder with write permissions. Then I have my private folders that shouldn't even be viewable. But at the moment he can only read everything, not write anywhere or delete.

Is there any way to change individual folders?

Post by **ayu** » 25 Sep 2008, 10:08

Googled around on this topic a lot today, didn't find anything of interest =/

The thing is, that when the share is mounted, I can set the permissions for the WHOLE share, but since the share is one large disk that is mounted, with many subdirectories, then all of the folders get the same permissions, and there is ONE folder that I want other Samba users to be able to write in... the other ones are too sensitive and can only be read... but at the moment no folder can be written to, since I don't know how to set individual permissions on the folder on the mounted disk =/

I dunno why though, I mean shouldn't the permissions still be there even after I unmount and restart? The permissions are at the moment set when the disc is being mounted through fstab.

Tip, anyone?

Post by **bad_brain** » 25 Sep 2008, 10:57

hmm...can I see the fstab entry?

and have you tried to set the folder up as extra share independent from the other one?

Post by **ayu** » 25 Sep 2008, 11:07

bad_brain wrote:hmm...can I see the fstab entry?

and have you tried to set the folder up as extra share independent from the other one?

The fstab entry is 2 posts up.

And no, since the permissions are set when the drive is mounted, I didn't see any reason to do so =/

Post by **bad_brain** » 25 Sep 2008, 11:47

hm, the general write-problem is most likely caused by the umask value, because when a directory has 777 umask 027 will result in an effective permission of 750. so try it with umask 007....

Post by **ayu** » 06 Oct 2008, 12:52

But, let's say that I don't have Samba, just skip that part ... because the issue starts with the mounting ...

When the disk is mounted with mount -t ntfs /dev/sdb1 /mnt (or with the other ntfs tool) the owner of all the files are root, and can NOT be changed. But If I mount with fstab, I can at least change some of the overall permissions. But, I don't get it, I mean it just doesn't add up. It can suck that much that I can't edit permissions on another disk then the system disk.

Or is it because the filesystem is NTFS? I mean would it work with having the disk in ext3 and then mount it with fstab, change the permissions and ownerships, and then remount and it would still be there?

I am highly confused about that, because if I could just get the filesystem level permissions right, then it would solve everything =/

Post by **bad_brain** » 06 Oct 2008, 13:32

ohhh....

yeah, you found the problem by yourself:
it is because the file system is NTFS....ext3 has it's name for a reason: extended file system. NTFS don't have this extensions and can't handle permissions like user/group or read/write/execute....you can set the permissions while having the partition mounted, but changes can't be stored by the file system.
it should work out of the box with an ext file system...

Post by **ayu** » 06 Oct 2008, 13:37

Finally a solution!

:D:D:D:D:D ME LOVE YOU LONG TIME xD

Fuck trigonometry! I'm getting a backup HDD and changing filesystems! ^^