ewalstad
asked on
Samba, Win98 Password Prob when not 'root'
From my Win98 machine, I can see all Samba shares.
When I log into my Win98 as 'root' I can write to all the Samba shares. However, when I log into Win98 as ewalstad, I only have write access to /home/ewalstad/.
When I try to write to other folders, I get an 'Access Denied' error from Windows.
I need to have read & write access to the entire structure when I log in as ewalstad. How do I do this?
Here's my smbconf file:
#======================= Global Settings ==========================
[global]
workgroup = energywright
server string = Samba Server on Caldera OpenLinux
hosts deny = ALL
hosts allow = 192.168.1. 127.
guest account = guest
log file = /var/log/samba.d/smb.%m
max log size = 50
socket options = TCP_NODELAY
name resolve order = lmhosts wins bcast
dns proxy = no
#=========================
[homes]
comment = Home Directories
path = %H/home
valid users = %S
only user = yes
browseable = yes
writable = yes
create mask = 0750
# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
[erics]
comment = ewalstad, ericw & root
path = /
valid users = ewalstad ericw root
writable = yes
When I log into my Win98 as 'root' I can write to all the Samba shares. However, when I log into Win98 as ewalstad, I only have write access to /home/ewalstad/.
When I try to write to other folders, I get an 'Access Denied' error from Windows.
I need to have read & write access to the entire structure when I log in as ewalstad. How do I do this?
Here's my smbconf file:
#======================= Global Settings ==========================
[global]
workgroup = energywright
server string = Samba Server on Caldera OpenLinux
hosts deny = ALL
hosts allow = 192.168.1. 127.
guest account = guest
log file = /var/log/samba.d/smb.%m
max log size = 50
socket options = TCP_NODELAY
name resolve order = lmhosts wins bcast
dns proxy = no
#=========================
[homes]
comment = Home Directories
path = %H/home
valid users = %S
only user = yes
browseable = yes
writable = yes
create mask = 0750
# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
[erics]
comment = ewalstad, ericw & root
path = /
valid users = ewalstad ericw root
writable = yes
Basically you are running into the normal unix protection system. Samba is required to obey the Unix file protections and can't give you access to things that you wouldn't have access to if you were logged on the Linux system as that user. Root has full access to everything, but ewalstad doesn't (prove by directly logging in to your Linux box as ewalstad and trying to copy a file to, say /usr/bin). I think you'll find that you can write to some areas of the "erics" share, like /tmp, because anyone can write to /tmp.
Oh and I meant to end that comment with...
If you want to be able to write to anywhere on the system you have to be root. If you have specific places that you need to be able to write to from a PC (an htdoc dir, a common file store, etc) that aren't going to compromise the system, you could change the permissions on those areas, and those areas only, to allow non-root write privs.
If you want to be able to write to anywhere on the system you have to be root. If you have specific places that you need to be able to write to from a PC (an htdoc dir, a common file store, etc) that aren't going to compromise the system, you could change the permissions on those areas, and those areas only, to allow non-root write privs.
I fell into the same problem. I got around this by placing my putting Win UID (which is 'mapped' in etc/smbusers file to my Linux log on)into the group 'root'.
Sometimes it is better to leave the access denials in place, as MS do some funny things with file structures sometimes...
Nick
Sometimes it is better to leave the access denials in place, as MS do some funny things with file structures sometimes...
Nick
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks, Michael, but a few thoughts...
Surely by using smbuser to map my win UID to my Linux UID 'root' this only allows a root log-in as per su command in telnet etc anyway? The smb.conf is set for only user. I only done this so I can have full access to my machine (486) via my win machine (233) for faster access speeds. How do I get full access via smb otherwise? [apart from logging in Win as root =8^(__) ], which is basically what I am doing anyway?
Cheers,
Nick
Surely by using smbuser to map my win UID to my Linux UID 'root' this only allows a root log-in as per su command in telnet etc anyway? The smb.conf is set for only user. I only done this so I can have full access to my machine (486) via my win machine (233) for faster access speeds. How do I get full access via smb otherwise? [apart from logging in Win as root =8^(__) ], which is basically what I am doing anyway?
Cheers,
Nick