On Thu, Dec 31, 2009 at 7:35 AM, Martin Balint <[email protected]>wrote:
> Hello, > I configured samba fileserver as a member of samba domain. PDC and > fileserver are different machines. > It works great using windows sharing. > Now, I need to set up apache to serve my shares, but I am having > problem with permissions. Apache runs as www-user, and doesn't see > content in shares. > So I would like to ask, what is the proper way to use apache (or > another http server) to serve files on file server. > Using Ubuntu 9.10 and Samba 3.4.0-3ubuntu5.1. > > Thanks for help, > Martin > > Right now, my configuration is: > smb.conf > [global] > workgroup = DOMAIN.EU > netbios name = share2 > server string = %h server (Samba, Ubuntu) > log file = /var/log/samba/log.%m > max log size = 1000 > syslog = 0 > panic action = /usr/share/samba/panic-action %d > > winbind separator = + > idmap uid = 10000-20000 > idmap gid = 10000-20000 > winbind enum users = yes > winbind enum groups = yes > > security = domain > password server = * > > [software] > comment = Shared software > path = /srv/fileserver/software > force group = "DOMAIN.EU+domain users" > create mask = 0660 > directory mask = 0770 > writable = yes > > /etc/nsswitch.conf: > passwd: compat winbind > group: compat winbind > > # ls -la /srv/fileserver/software/ > total 20 > drwxrwxrwx 5 root root 4096 2009-12-31 12:12 > . > drwxr-xr-x 3 root root 4096 2009-12-31 00:08 > .. > drwxrwx--- 2 DOMAIN.EU+martin DOMAIN.EU+domain users 4096 2009-12-31 00:24 > test2 > drwxrwx--- 2 DOMAIN.EU+martin DOMAIN.EU+domain users 4096 2009-12-31 12:11 > test3 > drwxrwx--- 2 DOMAIN.EU+martin DOMAIN.EU+domain users 4096 2009-12-31 12:12 > test4 > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > I guess you are trying to do this with wedav. I've looked and have not found a good Linux solution. To use Apache, you would have to write a listener that forks an Apache process as the user. That is expensive and there is no pre-built solution out there. We finally gave up and used Windows 2008 with IIS 7 which can do this natively. We set-up a web site who's root is our samba share (we only have one share and specify all permissions through ACLs). This preserves permissions and owners so that quotas are not thrown off. We initially did some nasty group member things to get it to work with Apache, but the management overhead was a nightmare and went with the Windows solution even though we wanted to go Linux. Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
