smaba的问题!~~

由 ruochen 在 08-27-2003 20:14 发表:

smaba的问题!~~

我的系统是rh9,samba是系统自带的!~~我是在gui环境下配置的!samba的远程管理swat已经配置好了!

我建立两个帐号wangyang和wy,家目录都是在home下,即/home/wangyang和/home/wy,我想把他们的家目录都共享出来,但是/home/wangyang只能wangyang能访问,有读写的权限;/home/wy给所有用户,但是只能读,就这样的权限

我的配置文件如下:

Samba config file created using SWAT

from 210.43.133.45 (210.43.133.45)

Date: 2003/08/27 15:33:02

Global parameters

[global]

server string = samba server

encrypt passwords = yes

obey pam restrictions = Yes

pam password change = Yes

passwd program = /usr/bin/passwd %u

passwd chat = Newpassword* %n\n Retypenewpassword %n\n passwd:allauthenticationtokensupdatedsuccessfully*

unix password sync = Yes

log file = /var/log/samba/%m.log

max log size = 0

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

dns proxy = No

username map = /etc/samba/smbusers

guest ok = yes

printing = cups

[homes]

comment = Home Directories

valid users = %S

writeable = yes

create mask = 0664

directory mask = 0775

browseable = No

[printers]

comment = All Printers

path = /var/spool/samba

printable = Yes

browseable = No

[wangyang]

comment = only wangyang use read and write

path = /home/wangyang

writeable = yes

[wy]

comment = anybody use only read

path = /home/wy

guest ok = yes


由 Glue 在 08-27-2003 20:24 发表:


[wangyang]那一段用不着,因为有[homes],每个用户都能看到自己的 家目录

基于同样理由,[wy]也可以不要,但要把/home/wy的属主换成别的用户,这样的话 wy进来就只能看,不能改了。


-_-


由 ruochen 在 08-27-2003 20:38 发表:


This is the main Samba configuration file. You should read the

smb.conf(5) manual page in order to understand the options listed

here. Samba has a huge number of configurable options (perhaps too

many!) most of which are not shown in this example

Any line which starts with a ; (semi-colon) or a # (hash)

is a comment and is ignored. In this example we will use a

for commentry and a ; for parts of the config file that you

may wish to enable

NOTE: Whenever you modify this file you should run the command "testparm"

to check that you have not made any basic syntactic errors.

#======================= Global Settings =====================================

[global]

workgroup = NT-Domain-Name or Workgroup-Name

server string is the equivalent of the NT Description field

server string = samba server

This option is important for security. It allows you to restrict

connections to machines which are on your local network. The

following example restricts access to two C class networks and

the "loopback" interface. For more examples of the syntax see

the smb.conf man page

; hosts allow = 192.168.1. 192.168.2. 127.

if you want to automatically load your printer list rather

than setting them up individually then you'll need this

printcap name = /etc/printcap

load printers = yes

It should not be necessary to spell out the print system type unless

yours is non-standard. Currently supported print systems include:

bsd, sysv, plp, lprng, aix, hpux, qnx, cups

printing = cups

Uncomment this if you want a guest account, you must add this to /etc/passwd

otherwise the user "nobody" is used

; guest account = pcguest

this tells Samba to use a separate log file for each machine

that connects

log file = /var/log/samba/%m.log

Put a capping on the size of the log files (in Kb).

max log size = 0

Security mode. Most people will want user level security. See

security_level.txt for details.

security = SHARE

Use password server option only with security = server

The argument list may include:

password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]

or to auto-locate the domain controller/s

password server = *

; password server =

  1<nt-server-name>   
  2  
  3  
  4  
  5# Password Level allows matching of _n_ characters of the password for   
  6  
  7# all combinations of upper and lower case.   
  8  
  9; password level = 8   
 10  
 11; username level = 8   
 12  
 13  
 14  
 15# You may wish to use password encryption. Please read   
 16  
 17# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.   
 18  
 19# Do not enable this option unless you have read those documents   
 20  
 21encrypt passwords = yes   
 22  
 23smb passwd file = /etc/samba/smbpasswd   
 24  
 25  
 26  
 27# The following is needed to keep smbclient from spouting spurious errors   
 28  
 29# when Samba is built with support for SSL.   
 30  
 31; ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt   
 32  
 33  
 34  
 35# The following are needed to allow password changing from Windows to   
 36  
 37# update the Linux system password also.   
 38  
 39# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.   
 40  
 41# NOTE2: You do NOT need these to allow workstations to change only   
 42  
 43# the encrypted SMB passwords. They allow the Unix password   
 44  
 45# to be kept in sync with the SMB password.   
 46  
 47unix password sync = Yes   
 48  
 49passwd program = /usr/bin/passwd %u   
 50  
 51passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*   
 52  
 53  
 54  
 55# You can use PAM's password change control flag for Samba. If   
 56  
 57# enabled, then PAM will be used for password changes when requested   
 58  
 59# by an SMB client instead of the program listed in passwd program.   
 60  
 61# It should be possible to enable this without changing your passwd   
 62  
 63# chat parameter for most setups.   
 64  
 65  
 66  
 67pam password change = yes   
 68  
 69  
 70  
 71# Unix users can map to different SMB User names   
 72  
 73; username map = /etc/samba/smbusers   
 74  
 75  
 76  
 77# Using the following line enables you to customise your configuration   
 78  
 79# on a per machine basis. The %m gets replaced with the netbios name   
 80  
 81# of the machine that is connecting   
 82  
 83; include = /etc/samba/smb.conf.%m   
 84  
 85  
 86  
 87# This parameter will control whether or not Samba should obey PAM's   
 88  
 89# account and session management directives. The default behavior is   
 90  
 91# to use PAM for clear text authentication only and to ignore any   
 92  
 93# account or session management. Note that Samba always ignores PAM   
 94  
 95# for authentication in the case of encrypt passwords = yes   
 96  
 97  
 98  
 99obey pam restrictions = yes   
100  
101  
102  
103# Most people will find that this option gives better performance.   
104  
105# See speed.txt and the manual pages for details   
106  
107socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192   
108  
109  
110  
111# Configure Samba to use multiple interfaces   
112  
113# If you have multiple network interfaces then you must list them   
114  
115# here. See the man page for details.   
116  
117; interfaces = 192.168.12.2/24 192.168.13.2/24   
118  
119  
120  
121# Configure remote browse list synchronisation here   
122  
123# request announcement to, or browse list sync from:   
124  
125# a specific host or from / to a whole subnet (see below)   
126  
127; remote browse sync = 192.168.3.25 192.168.5.255   
128  
129# Cause this host to announce itself to local subnets here   
130  
131; remote announce = 192.168.1.255 192.168.2.44   
132  
133  
134  
135# Browser Control Options:   
136  
137# set local master to no if you don't want Samba to become a master   
138  
139# browser on your network. Otherwise the normal election rules apply   
140  
141; local master = no   
142  
143  
144  
145# OS Level determines the precedence of this server in master browser   
146  
147# elections. The default value should be reasonable   
148  
149; os level = 33   
150  
151  
152  
153# Domain Master specifies Samba to be the Domain Master Browser. This   
154  
155# allows Samba to collate browse lists between subnets. Don't use this   
156  
157# if you already have a Windows NT domain controller doing this job   
158  
159; domain master = yes   
160  
161  
162  
163# Preferred Master causes Samba to force a local browser election on startup   
164  
165# and gives it a slightly higher chance of winning the election   
166  
167; preferred master = yes   
168  
169  
170  
171# Enable this if you want Samba to be a domain logon server for   
172  
173# Windows95 workstations.   
174  
175; domain logons = yes   
176  
177  
178  
179# if you enable domain logons then you may want a per-machine or   
180  
181# per user logon script   
182  
183# run a specific logon batch file per workstation (machine)   
184  
185; logon script = %m.bat   
186  
187# run a specific logon batch file per username   
188  
189; logon script = %U.bat   
190  
191  
192  
193# Where to store roving profiles (only for Win95 and WinNT)   
194  
195# %L substitutes for this servers netbios name, %U is username   
196  
197# You must uncomment the [Profiles] share below   
198  
199; logon path = \\\%L\Profiles\%U   
200  
201  
202  
203# Windows Internet Name Serving Support Section:   
204  
205# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server   
206  
207; wins support = yes   
208  
209  
210  
211# WINS Server - Tells the NMBD components of Samba to be a WINS Client   
212  
213# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both   
214  
215; wins server = w.x.y.z   
216  
217  
218  
219# WINS Proxy - Tells Samba to answer name resolution queries on   
220  
221# behalf of a non WINS capable client, for this to work there must be   
222  
223# at least one WINS Server on the network. The default is NO.   
224  
225; wins proxy = yes   
226  
227  
228  
229# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names   
230  
231# via DNS nslookups. The built-in default for versions 1.9.17 is yes,   
232  
233# this has been changed in version 1.9.18 to no.   
234  
235guest ok = yes   
236  
237dns proxy = no   
238  
239  
240  
241# Case Preservation can be handy - system default is _no_   
242  
243# NOTE: These can be set on a per share basis   
244  
245; preserve case = no   
246  
247; short preserve case = no   
248  
249# Default case is normally upper case for all DOS files   
250  
251; default case = lower   
252  
253# Be very careful with case sensitivity - it can break things!   
254  
255; case sensitive = no   
256  
257  
258  
259#============================ Share Definitions ==============================   
260  
261[homes]   
262  
263comment = Home Directories   
264  
265browseable = no   
266  
267writeable = yes   
268  
269valid users = %S   
270  
271create mode = 0664   
272  
273directory mode = 0775   
274  
275# If you want users samba doesn't recognize to be mapped to a guest user   
276  
277; map to guest = bad user   
278  
279  
280  
281  
282  
283# Un-comment the following and create the netlogon directory for Domain Logons   
284  
285; [netlogon]   
286  
287; comment = Network Logon Service   
288  
289; path = /usr/local/samba/lib/netlogon   
290  
291; guest ok = yes   
292  
293; writable = no   
294  
295; share modes = no   
296  
297  
298  
299  
300  
301# Un-comment the following to provide a specific roving profile share   
302  
303# the default is to use the user's home directory   
304  
305;[Profiles]   
306  
307; path = /usr/local/samba/profiles   
308  
309; browseable = no   
310  
311; guest ok = yes   
312  
313  
314  
315  
316  
317# NOTE: If you have a BSD-style pri</nt-server-name>
Published At
Categories with 服务器类
Tagged with
comments powered by Disqus