Setting up a Samba Server in few steps
Posted by vigosan, Fri Apr 04 10:08:00 UTC 2008
I will try to explain here the work we have done for implementing a linux-samba server with several users and folder privileges, of course, for server issues, we are going to use Debian distribution.
First at all, we need to install the samba packages as follow:
boxroom:# apt-get install samba samba-common
The next step is creating the users:
boxroom:# useradd -s /usr/sbin/nologin pini boxroom:# smbpasswd -a pini boxroom:# useradd -s /usr/sbin/nologin pon boxroom:# smbpasswd -a pon
And the groups, for example:
boxroom:# groupadd cartoons
The group cartoons will include both users:
boxroom:# usermod -a -G cartoons pini boxroom:# usermod -a -G cartoons pon
Now, we need to share one folder, in my case the /intranet one:
boxroom:# chmod 775 /intranet
And finally we edit the /etc/samba/smb.conf:
[global] workgroup = factory server string = Intranet # In my case I have a WINS Server in my network, so I use it, why not… wins support = no wins server = 192.168.100.2 ####### Authentication ####### security = user encrypt passwords = true invalid users = root [Intranet] comment = Intranet path = /intranet guest ok = no browseable = yes writable = yes create mask = 6770 directory mask = 6770
Now, we are going to create three folders for showing you how the permissions work:
boxroom:# cd /intranet warehouse:/intranet# mkdir fpini warehouse:/intranet# mkdir fpon warehouse:/intranet# mkdir public
And we set the permissions:
warehouse:/intranet# chmod –R 6770 fpini fpon warehouse:/intranet# chown pini:pini fpini warehouse:/intranet# chown pon:pon fpon warehouse:/intranet# chmod –R 6775 public warehouse:/intranet# chown -R pini:cartoons public
In this case, Pini can access to fpini and public folders and Pon to fpon and public. Also, Pini can’t write in Pon folder and vice versa. In the case of plublic folder, all the users can see it, but only Pini or the users that belongs to cartoons group can write or delete files.
So that’s all, I hope you have enough information for setting your own intranet, bye.