Sams Teach Yourself Samba in 24 Hours
Hour 4: Installing and Testing the Configuration
Previous
Hour
|
Sections in this Chapter: |
|
|
|
||
|
||
|
||
|
||
|
||
|
||
|
|
Sams Teach Yourself Samba in 24 Hours |
|
|||||||||||||||||||||||||
|
Hour 4: Installing and Testing the Configuration |
|
|||||||||||||||||||||||||
|
Setting up home directories in Samba is very similar to setting up the group share that was discussed in the previous section. The main difference is that I want to enforce the rule that only the owner is permitted to connect to a particular home directory. In other words, I don't want to allow Joe to connect to the boss's home directory. That would be bad.
When I set up the shared group directory, it was necessary to verify that the boss and Joe had valid UNIX accounts on the server. Under normal circumstances, these UNIX accounts also have some disk space allocated as the user's home directory. Rather than allocate new space, I configure Samba to share the user's home directory specified in the UNIX account database (that is, //passwd). Here are the parameters that need to be added to smb.conf to make the home directories available:
; share name
[homes]
comment = Unix home directory space
path = %H
writeable = yes
valid users = %S
create mode = 0600
directory mode = 0700
locking = no
I've not included comments in this section because most of the settings are similar to the parameters used in definition of [boss1]. There are a few differences that should be noted.
The first is the name of the share or service, [homes]. Home directories are something of a special case. During a connection attempt from a client, the share name [homes] will be substituted with the username sent by the connecting client. This means that if my boss is attempting to connect to her home directory, she can specify either the network path \\EAGLE\homes or \\EAGLE\boss. Samba interprets both as the same share. Figure 4.4 illustrates how Samba creates the [homes] share for each user at connection time. If the user exists in /ect/passwd, Samba uses the home directory path defined in the user's entry for the location of the [homes] folder.
Figure
4.4
Samba creates and expands the %H variable from the home directory specified in /etc/passwd at run time.
The second item is the valid users = %S entry. The %S variable is expanded at connection time to the name of the share. Remember that the [homes] share is renamed at run time to the username sent by the connecting client. By allowing only connections from a user who has the same username as the name of the share, Joe is prevented from accessing \\EAGLE\boss. This method works even if the permissions on the /home/boss are set to be world writeable (that is, rwxrwxrwx).
|
Sams Teach Yourself Samba in 24 Hours |
|
|||||||||||||||||||||||||
|
Hour 4: Installing and Testing the Configuration |
|
|||||||||||||||||||||||||
|
© Copyright Macmillan USA. All rights reserved.
){kind=link}