samba a dedeni prav, delsi

temporary temporary na jannovak.cz
Čtvrtek Únor 2 17:44:43 CET 2006


jeste doplnuji:

# net groupmap list | sort
Account Operators (S-1-5-32-548) -> -1
Administrators (S-1-5-32-544) -> -1
Backup Operators (S-1-5-32-551) -> -1
Domain Admins (S-1-5-21-3462872969-3411418659-3546968340-512) -> root
Domain Guests (S-1-5-21-3462872969-3411418659-3546968340-514) -> -1
Domain Users (S-1-5-21-3462872969-3411418659-3546968340-513) -> users
Guests (S-1-5-32-546) -> -1
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Replicators (S-1-5-32-552) -> -1
System Operators (S-1-5-32-549) -> -1
Users (S-1-5-32-545) -> -1

temporary wrote:
> Dobry den vespolek,
> 
> resim nasledujici problem:
> 
> Samba (3.0.14a-Debian) funguje jako PDC, pokud kdokoliv vytvori
> soubor/adresar v serverovem sharu je vlastnikem toho souboru/adresare
> vzdy root.
> 
> Stale se nemohu dopatrat proc neni vlastnikem ten, kdo adresar vytvoril.
> 
> situace vypada nasledovne:
> 
> # mount | grep data
> /dev/md1 on /data type xfs (rw)
> 
> # getfacl /data
> getfacl: Removing leading '/' from absolute path names
> # file: data
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x
> 
> # getfacl /data/install/
> getfacl: Removing leading '/' from absolute path names
> # file: data/install
> # owner: root
> # group: users
> user::rwx
> group::rwx
> other::---
> 
> # cat /etc/samba/smb.conf
> 
> [global]
>    workgroup = GRUPPE
>    server string = %h server
>    wins support = yes
>    dns proxy = no
>    security = user
>    encrypt passwords = true
>    passdb backend = tdbsam guest
>    obey pam restrictions = yes
>    guest account = nobody
>    invalid users = root
>    unix password sync = yes
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\spassword:* %n\n *Retype\snew\spassword:*
> %n\n .
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>    local master = yes
>    domain master = yes
>    preferred master = yes
>    os level = 128   nt acl support = yes
>    hosts allow = 192.168.1.0/24, 127.0.0.1
>    hosts deny = 0.0.0.0/0
>    nt acl support = yes
>    map acl inherit = Yes
>    domain logons = yes
> 
> 
> [netlogon]
>    comment = Network Logon Service
>    path = /data/netlogon
>    guest ok = yes
>    writable = no
>    share modes = no
> 
> [install]
>   path = /data/install
>   browseable = yes
>   read only = no
>   share modes = yes
>   directory mode = 0770
>   create mode = 0660
>   hide dot files = yes
>   force group = users
> 
> 
> 
> 
> Predem diiky za nakopnuti spravnym smerem :]
> 
> --
> temporary


Další informace o konferenci Linux