samba - share a user pristup

[Honza Houstek]

> > > > security = share tohle neresi (RTFM). Rozdil mezi security = share a
> > > > security = user je ten, ze u toho prvniho se zcela ignoruje poslane
> > > > username a UID se urci podle hesla (lze definovat poradi jmen, na
> > > > ktera se to heslo bude zkouset).
> > >
> > > Muzu vedet jak?
> >
> > Muzete. man smb.conf zodpovi vsechny vase otazky (zejmena popis
> > direktivy "username" a sekce "NOTE ABOUT USERNAME/PASSWORD VALIDATION").
>
> No nevim, ale nic tam o tom nevidim.

No vidite, a ja ano.

> Asi si nerozumime - nastavim si security = share, povolim pristup jen
> uzivatelum "ADAM, BARA, CARDA" a chci, aby se heslo ktere poslal aklient
> srovnalo s hesly uzivatelu "BARA, CARDA, ADAM v tomto poradi. Takto jsem
> to pochopil z vasi vety "(lze definovat poradi jmen, na ktera se to
> heslo bude zkouset)"

K tomu slouzi prave ta direktiva username, o ktere jste si mohl precist v
man smb.conf.

A vubec, kdyz se do toho odmitate podivat sam, tak vam kus odcituju:

As clients are not required to send a username to the server in share
level security, smbd uses several techniques to determine the correct UNIX
user to use on behalf of the client.

A list of possible UNIX usernames to match with the given client password
is constructed using the following methods :

* If the guest only parameter is set, then all the other stages are missed
  and only the guest account username is checked.

* Is a username is sent with the share connection request, then this
  username (after mapping - see username map), is added as a potential
  username.

* If the client did a previous logon request (the SessionSetup SMB call)
  then the username sent in this SMB will be added as a potential
  username.

* The name of the service the client requested is added as a potential
  username.

* The NetBIOS name of the client is added to the list as a potential
  username.

* Any users on the user list are added as potential usernames.

-- Honza Houstek