Hallo,
ich bin ratlos, Samba spielt bei den ZUugriffen der WinXP-Clients uaf den OpenSuse 11.2-File-Server scheinbar keine Rolle. Untersagungen des Zugriffs in Samba scheinen folgenlos, Untersagungen in den Unix-Rechte wirken sich sofort aus. Woran kann das liegen?
Anbei meine smb.conf (gekuerzt um einige weitere Freigaben). Eingeschraenkt ist die Freigabe bigfilm/01-temporaer fuer den User thomas, der kann aber trotzdem zugreifen.
Die Unix-Rechte sind: Owner+Group view+modify, others forbidden. Owner root, group users.
# Samba config file created using SWAT
# from UNKNOWN (0.0.0.0)
# Date: 2010/01/23 07:51:17
[global]
logon drive = P:
domain master = Yes
map to guest = Bad User
passdb backend = smbpasswd
logon home = \\%L\%U\.9xprofile
cups options = raw
server string = BIGPC
logon path = \\%L\profiles\.msprofile
workgroup = MORISCHE.DE
os level = 65
debug level = 3
printcap name = cups
security = user
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
usershare allow guests = No
domain logons = Yes
local master = Yes
preferred master = Yes
wins server =
wins support = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
write list = root
[homes]
comment = Home Directories
valid users = %S, %D%w%S
read only = No
inherit acls = Yes
browseable = No
browsable = No
[profiles]
comment = Network Profiles Service
path = %H
read only = No
create mask = 0600
directory mask = 0700
store dos attributes = Yes
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No
browsable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775
[bigfilm/01-temporaer]
writeable = yes
valid users = @DREAM
invalid users = thomas
path = /BIGFILM/01-TEMPORAER
write list = @DREAM
inherit acls = Yes
Thomas M.
ich bin ratlos, Samba spielt bei den ZUugriffen der WinXP-Clients uaf den OpenSuse 11.2-File-Server scheinbar keine Rolle. Untersagungen des Zugriffs in Samba scheinen folgenlos, Untersagungen in den Unix-Rechte wirken sich sofort aus. Woran kann das liegen?
Anbei meine smb.conf (gekuerzt um einige weitere Freigaben). Eingeschraenkt ist die Freigabe bigfilm/01-temporaer fuer den User thomas, der kann aber trotzdem zugreifen.
Die Unix-Rechte sind: Owner+Group view+modify, others forbidden. Owner root, group users.
# Samba config file created using SWAT
# from UNKNOWN (0.0.0.0)
# Date: 2010/01/23 07:51:17
[global]
logon drive = P:
domain master = Yes
map to guest = Bad User
passdb backend = smbpasswd
logon home = \\%L\%U\.9xprofile
cups options = raw
server string = BIGPC
logon path = \\%L\profiles\.msprofile
workgroup = MORISCHE.DE
os level = 65
debug level = 3
printcap name = cups
security = user
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
usershare allow guests = No
domain logons = Yes
local master = Yes
preferred master = Yes
wins server =
wins support = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
write list = root
[homes]
comment = Home Directories
valid users = %S, %D%w%S
read only = No
inherit acls = Yes
browseable = No
browsable = No
[profiles]
comment = Network Profiles Service
path = %H
read only = No
create mask = 0600
directory mask = 0700
store dos attributes = Yes
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No
browsable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775
[bigfilm/01-temporaer]
writeable = yes
valid users = @DREAM
invalid users = thomas
path = /BIGFILM/01-TEMPORAER
write list = @DREAM
inherit acls = Yes
Thomas M.