samba a dedeni prav, delsi
temporary
temporary na jannovak.cz
Čtvrtek Únor 2 17:44:43 CET 2006
jeste doplnuji:
# net groupmap list | sort
Account Operators (S-1-5-32-548) -> -1
Administrators (S-1-5-32-544) -> -1
Backup Operators (S-1-5-32-551) -> -1
Domain Admins (S-1-5-21-3462872969-3411418659-3546968340-512) -> root
Domain Guests (S-1-5-21-3462872969-3411418659-3546968340-514) -> -1
Domain Users (S-1-5-21-3462872969-3411418659-3546968340-513) -> users
Guests (S-1-5-32-546) -> -1
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Replicators (S-1-5-32-552) -> -1
System Operators (S-1-5-32-549) -> -1
Users (S-1-5-32-545) -> -1
temporary wrote:
> Dobry den vespolek,
>
> resim nasledujici problem:
>
> Samba (3.0.14a-Debian) funguje jako PDC, pokud kdokoliv vytvori
> soubor/adresar v serverovem sharu je vlastnikem toho souboru/adresare
> vzdy root.
>
> Stale se nemohu dopatrat proc neni vlastnikem ten, kdo adresar vytvoril.
>
> situace vypada nasledovne:
>
> # mount | grep data
> /dev/md1 on /data type xfs (rw)
>
> # getfacl /data
> getfacl: Removing leading '/' from absolute path names
> # file: data
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x
>
> # getfacl /data/install/
> getfacl: Removing leading '/' from absolute path names
> # file: data/install
> # owner: root
> # group: users
> user::rwx
> group::rwx
> other::---
>
> # cat /etc/samba/smb.conf
>
> [global]
> workgroup = GRUPPE
> server string = %h server
> wins support = yes
> dns proxy = no
> security = user
> encrypt passwords = true
> passdb backend = tdbsam guest
> obey pam restrictions = yes
> guest account = nobody
> invalid users = root
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\spassword:* %n\n *Retype\snew\spassword:*
> %n\n .
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> local master = yes
> domain master = yes
> preferred master = yes
> os level = 128 nt acl support = yes
> hosts allow = 192.168.1.0/24, 127.0.0.1
> hosts deny = 0.0.0.0/0
> nt acl support = yes
> map acl inherit = Yes
> domain logons = yes
>
>
> [netlogon]
> comment = Network Logon Service
> path = /data/netlogon
> guest ok = yes
> writable = no
> share modes = no
>
> [install]
> path = /data/install
> browseable = yes
> read only = no
> share modes = yes
> directory mode = 0770
> create mode = 0660
> hide dot files = yes
> force group = users
>
>
>
>
> Predem diiky za nakopnuti spravnym smerem :]
>
> --
> temporary
Další informace o konferenci Linux