Re: rant: cifs utterly screwed in fedora 18
On Sun, 27 Jan 2013 19:48:57 -0800 Gordon Messmer wrote: ... map to guest = Bad User ... Just as I suspected from the last time I tried to avoid SHARE security, this still triggers credentials prompts in Windows XP (though it doesn't much care what credentials you provide). It seems the simplest fix is to go ahead and switch to user security and put in a startup .bat file to do a net use command with the user and password built into it (thus providing the exact same level of security as user SHARE provided, only being forced to go over the river and through the woods to achieve the same thing). This has the additional advantage of fixing a separate problem where Windows is too stupid to wait for the network to be up before trying to attach network shares. I can use a ping of a nonexistant IP address to add a delay before the net use. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: rant: cifs utterly screwed in fedora 18
On 01/29/2013 03:57 PM, Tom Horsley wrote: Just as I suspected from the last time I tried to avoid SHARE security, this still triggers credentials prompts in Windows XP (though it doesn't much care what credentials you provide). You didn't say anything about XP. Not that I have an XP machine to test with. Windows 7 never showed an authentication prompt on the file that I posted (and that was the *entire* configuration file). Not to access the list of shares or the test share contents. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: rant: cifs utterly screwed in fedora 18
On 01/25/2013 06:21 AM, Tom Horsley wrote: smbd[20596]: WARNING: Ignoring invalid value 'SHARE' for parameter 'security' This is unacceptably stupid. The guys with the tinfoil hats who think that connecting a computer to AC power is insecure have obviously taken over. It is now utterly impossible to provide a windows share from a linux box that can be connected without the windows side asking for credentials. Nevermind that the entire LAN is isolated behind a firewall. Nevermind that all users inside that firewall are trusted and will be pissed off that they constantly have to provide credentials for no reason. Nevermind that there is nothing in the shared directory but things like copies of holiday snapshots. Oh no! The security geeks need to make sure I'm protected from myself. Just because it is my computer, my LAN, and my data is no reason I get to decide how I want to use it. I'm too ignorant for that. Now, please use this rant as motivation to prove I'm wrong by posting a tested, working, smb.conf file that provides a read/write windows file share which requires no credentials prompt on the windows box. (Merely mentioning things you've heard ought to work isn't useful - I've tried them all - I need a working tested example). Sheesh! This works for XP: $ more smb.conf [global] workgroup = LITTERBOX server string = samba security = share passdb backend = tdbsam load printers = no guest account = fshare os level = 99 wins support = yes name resolve order = wins lmhosts hosts bcast domain master = yes preferred master = yes [pub] comment = data directory path = /var/pub writeable = yes public = yes guest ok = yes create mode = 0664 directory mask = 0775 -- -- Steve -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: rant: cifs utterly screwed in fedora 18
Am 28.01.2013 14:01, schrieb Steven Stern: This works for XP: public below may work $ more smb.conf [global] workgroup = LITTERBOX server string = samba security = share this works surely not with samba 4.0.x or better said has no effect if you re-read the OP passdb backend = tdbsam load printers = no guest account = fshare os level = 99 wins support = yes name resolve order = wins lmhosts hosts bcast domain master = yes preferred master = yes [pub] comment = data directory path = /var/pub writeable = yes public = yes guest ok = yes create mode = 0664 directory mask = 0775 signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: rant: cifs utterly screwed in fedora 18
On 01/28/2013 07:15 AM, Reindl Harald wrote: Am 28.01.2013 14:01, schrieb Steven Stern: This works for XP: public below may work $ more smb.conf [global] workgroup = LITTERBOX server string = samba security = share this works surely not with samba 4.0.x or better said has no effect if you re-read the OP passdb backend = tdbsam load printers = no guest account = fshare os level = 99 wins support = yes name resolve order = wins lmhosts hosts bcast domain master = yes preferred master = yes [pub] comment = data directory path = /var/pub writeable = yes public = yes guest ok = yes create mode = 0664 directory mask = 0775 Sorry... misposted. -- -- Steve -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: rant: cifs utterly screwed in fedora 18
On 01/25/2013 04:21 AM, Tom Horsley wrote: Now, please use this rant as motivation to prove I'm wrong by posting a tested, working, smb.conf file that provides a read/write windows file share which requires no credentials prompt on the windows box. Fine. I tested the configuration that follows. It is the default configuration plus two settings, map to guest and guest ok on the appropriate share. The Windows client that I tested did not prompt me for any password. First, though: http://fedoraproject.org/wiki/Mailing_list_guidelines#Be_Courteous There's not nearly enough of this. Remember that you are asking for help from people who have no obligation to help you. Please behave like an adult and avoid abusive tone when addressing people who have done you no wrong. [global] workgroup = MYGROUP log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam map to guest = Bad User [test] comment = test path = /srv/test browseable = yes writable = yes guest ok = yes -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
rant: cifs utterly screwed in fedora 18
smbd[20596]: WARNING: Ignoring invalid value 'SHARE' for parameter 'security' This is unacceptably stupid. The guys with the tinfoil hats who think that connecting a computer to AC power is insecure have obviously taken over. It is now utterly impossible to provide a windows share from a linux box that can be connected without the windows side asking for credentials. Nevermind that the entire LAN is isolated behind a firewall. Nevermind that all users inside that firewall are trusted and will be pissed off that they constantly have to provide credentials for no reason. Nevermind that there is nothing in the shared directory but things like copies of holiday snapshots. Oh no! The security geeks need to make sure I'm protected from myself. Just because it is my computer, my LAN, and my data is no reason I get to decide how I want to use it. I'm too ignorant for that. Now, please use this rant as motivation to prove I'm wrong by posting a tested, working, smb.conf file that provides a read/write windows file share which requires no credentials prompt on the windows box. (Merely mentioning things you've heard ought to work isn't useful - I've tried them all - I need a working tested example). Sheesh! -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: rant: cifs utterly screwed in fedora 18
Am 25.01.2013 13:21, schrieb Tom Horsley: smbd[20596]: WARNING: Ignoring invalid value 'SHARE' for parameter 'security' This is unacceptably stupid. The guys with the tinfoil hats who think that connecting a computer to AC power is insecure have obviously taken over. It is now utterly impossible to provide a windows share from a linux box that can be connected without the windows side asking for credentials tell this the samba developers security = share is deprecated since years but where is the problem to store the credentials signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org