Erlend Sannerud wrote:
Hi folks
I'm new to this list, fresh into linux and samba. Simply love it :-)
I have a customer that have about 10 XP pro machines connected to a
linux samba server. Since there are a quite few documents that only two
of the users are going to see, I use groups and different shares.
This setup have been working for a while. Today everyone got access to
everything - not good. Actualy very very very bad. I have tried to
reboot the smbd service, reboot the whole server and I even tried to
delete users and groups, and make new ones. No go.
1. it's time to go for upgrade - I suggest 2.2.8a if you do not want to go to 3.0.
2. when configuring access permissions, its better if you do it not just rely on smb.conf parameters (as valid users, read list ...), but on filesystem level perms too. Filesystem level perms might be a second level block - in case Samba (e.g. because of bug or misconfig) fails.
See - when user wants to access a certain share, Samba daemon (running uner root privileges) forks a process running with priviliges of that user. (only in case you do not use "force user/group" parameter for share). If you set filesystem perms properly, he cannot simly go to wrong dirs/files.
Dan
P.S. in case rwx access rights params are limiting to you, then go for ACL -> I suggest XFS filesystem (patch and recompile kernel)+ recompile Samba with "--with-acl-support" switch.
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
