Join Log in
Score:0
Belushi avatar Ubuntu

How to set up SAMBA user permissions?

cn flag
Belushi

I would like to configure a homemade NAS. It runs Ubuntu 20.04 LTS Server and use SAMBA to share the content of disk. It works perfectly (i can reach the shared folder). Now I would like to set permissions.

Idea:

There are 5 different user (client) who would like to use this server. Two of them (user 1, user2) can access the whole HDD (all directory with Read/Write permissions). The rest (user3-4-5) can acces the whole content also, but with read-only permissions. However there are some directory (ex. theirs private dirs) which are readable/writeable for them too.

To make this idea more understandable, I created a directory map, where green dir = read/write and red dir = read-only:

user1 and user2:

user1 and user2

user n (n=3,4,5):

user n

I modified /etc/samba/smb.conf like this:

[My shared folder]

path = /media/my/shared/folder
read only = no
read list = user3 user4 user5
browseable = yes
hosts allow = ip1 ip2 ip3 ip4 ip5
hosts deny = 0.0.0.0/0
valid users = user1 user2 user3 user4 user5
max connections = 5

(users already added to samba)

The main problem is that user3-4-5 cannot modifie theirs private folder, because the whole HDD is read-only for them.

How can I set permissions correctly to user3-4-5 be able to R/W (modifie) theirs (ONLY theirs) folders?

108
1 + 0
Score:0
SEWTGIYWTKHNTDS avatar Ubuntu
cn flag
SEWTGIYWTKHNTDS

I would set up shares for the users private home directories, the standard samba config file has sections for this with extensive comments.

For the other parts of the disk stick with the config which you have already created.

0 + 2
Belushi avatar
cn flag
Belushi
I don't want to create multiple shared folders. Is there any way to solve this problem without creating 3 extra (user3-4-5) shared places? I just want to share 1 folder (whole content of my NAS)
0
Reply
SEWTGIYWTKHNTDS avatar
cn flag
SEWTGIYWTKHNTDS
I have used LINUX file system permissions to do this in the past, set the owner of the users private directory to the specific user and then change the permission to 700. The others will not be able to access the directory, but the specific user should. Then set the remainder of the files to world readable, writable by a specific group (and change the ownership of the files to a user in that group). Remove the samba permission from your shares and add the users to the relevant linux groups. You may need to set the create mask and group in the smb.conf so new files have correct permissions
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.