Hi Dale, thanks for the explanation.
I understand were you are coming from now.
I certainly hope to be of help to you someday.
God bless.
Dale Schroeder wrote:
I have nothing against posix acl's. In fact, I make sure I install
the acl package on every Debian system I build. It's just a
preference. I like the way things behave with group permissions. I
prefer to administer through permissions. If I use posix acl's, it is
usually to remove a permission rather than add. If it is your
preference to set controls via acl's, then do what is most comfortable
for you.
Conversely, I use Windows acl's quite a bit to fine tune access on
shares _from_ Windows systems. The flexibility is much greater in
Windows acl's, and do much more for me than posix acl's. That being
said, I still prefer the power of posix systems for servers, and use
them whenever feasible. More info
here: http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id376593
I am not the world's foremost expert on nix; just someone like you,
learning new things, using that which I've experienced to try to help
someone else. I hope I've done some of that for you! :-\
Dale
jayendren anand maduray wrote:
Hi Dale.
Thank you for this.
I will try some tests.
Can you elaborate on why you do not like ACLs?
Had some bad experiences?
God bless.
Dale Schroeder wrote:
Jayendren,
Rather than acls, my preference (and it's only a preference) would
be to create a group for the database users. Add user1 and user2 to
that group. Then ==>
chown root.database_group /srv/samba/file-server/studies/databases
For security, let the permissions of this directory be no greater
than 775. (It looks like that is what you already have.) If you go
with MySQL, you can customize the access levels on a user-by-user
basis on global settings, database settings, table settings, etc.
The security options list is quite extensive. If you prefer GUI
administration of MySQL (I do), Navicat is the program of choice.
http://www.navicat.com/
It's not free, but is an affordable extension to a free database server.
The only things I would say need changing in your smb.conf are:
create mode = 0775
veto oplock files = /*.mdb/*.MDB*/* #don't forget the trailing
slash (/)
Good luck to you, Nick, and Nico.
Dale
jayendren anand maduray wrote:
Hi Dale.
Thanks for this, would you guys be able to send me a complete
example, that would allow read/write access for two users
(you can call them user1, and user2)
Alternatively, you can comment on this one:
--
Creating the directories, and set permissions:
#mkdir /srv/samba/file-server/studies/databases
#setfacl -R -m u:user1:rwx,u:user2:rwx
/srv/samba/file-server/studies/databases
#getfacl /srv/samba/file-server/studies/databases
# file:
# owner: root
# group: root
user::rwx
user:user1:rwx
user:user2:rwx
group::r-x
mask::rwx
other::r-x
The share entry in smb.conf:
[databases]
path = /srv/samba/file-server/studies/databases
create mode = 0777
writeable = yes
browseable = yes
valid users = user1 user2 root
writelist = user1 user2 root
veto oplock files = /*.mdb/*.MDB
nt acl support = yes
nt pipe support = yes
nt status support = yes
inherit permissions = yes
inherit acls = yes
#smbcontrol smbd reload-config
Global parameter acl compatibility found in service section!
--
Nick/Nico, we must look at moving access databases to SQL/MySQL
backends, soon.
(See message from Dale/David below)
God bless.
Dale Schroeder wrote:
jayendren anand maduray wrote:
Hi All.
Greetings from South Africa.
I have a Samba LDAP server (v 3.022) running on Ubuntu 6.10
Its serving about 200 users, with profiles, and domain logons.
I want to start serving MS Access Databases on it, with the best
speed performance as possible.
At the moment, the back ends for these databases, are about 200+
MB, and will grow over the next few years.
Basically, the share should serve about 4 users, with read/write
access.
I am using the XFS file system, with ACL support.
Has anyone setup such shares in smb.conf?
I would really like to see an example.
Lastly, I do not think I want to use oplocks.
That's a wise choice. In the share, use:
veto oplock files = /*.mdb/*.MDB/
David's suggestion about splitting the databases into Access
frontend and MySQL backend is also wise. It has been my
experience that large Access databases corrupt quite easily. That
no longer happens in the setup David mentioned.
Dale
Any help, will be greatly appreciated.
God bless.
*Ellison, David* david.ellison at atkinsglobal.com
<mailto:samba%40lists.samba.org?Subject=%5BSamba%5D%20Serving%20MS%20Access%20Databases%2C%20with%20ACL&In-Reply-To=47288B56.2010206%40hivsa.com>
/Wed Oct 31 15:03:52 GMT 2007/
Greetings,
This is a little off topic, but may be usefull to you. If the DB is
going to grow much more than that, I would use a real SQL backend to the
database. The MS Access DB backend is ok, however starts to suffer when
they become huge, by the sounds of things they may. I am sure there are
people with 700mb, 900mb etc Access databases, but its best to split the
front end from the database and use a SQL database like MySQl for the
backend.
Just food for thought :)
Cheers.
Dave
--
Jayendren Anand Maduray
Microsoft Certified Professional
Network Plus
Senior IT Administrator
Perinatal HIV Research Unit
Wits Health Consortium
University of the Witwatersrand
Alternate email address: [EMAIL PROTECTED]
Fax Number: 0866857317
...There are 10 types of people,
those who understand binary
and those who do not...
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG.
Version: 7.5.503 / Virus Database: 269.15.15/1101 - Release Date: 10/31/2007 10:06 AM
--
Jayendren Anand Maduray
Microsoft Certified Professional
Network Plus
Senior IT Administrator
Perinatal HIV Research Unit
Wits Health Consortium
University of the Witwatersrand
Alternate email address: [EMAIL PROTECTED]
Fax Number: 0866857317
...There are 10 types of people,
those who understand binary
and those who do not...
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG.
Version: 7.5.503 / Virus Database: 269.15.17/1103 - Release Date: 11/1/2007 6:01 AM
--
Jayendren Anand Maduray
Microsoft Certified Professional
Network Plus
Senior IT Administrator
Perinatal HIV Research Unit
Wits Health Consortium
University of the Witwatersrand
Alternate email address: [EMAIL PROTECTED]
Fax Number: 0866857317
...There are 10 types of people,
those who understand binary
and those who do not...
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
