Overview
There might be cases where you want to grant access to a volume for a group of users (e.g., access to /DATA/Producers
to all the producer users), but at the same time you want to restrict one subfolder specifically to one user (e.g., access to /DATA/Producers/DataForEdward/
to only Edward’s user).
Such configuration is not supported out of the box by Xinet, but it can be set up by following the steps below.
Process
- Open the Samba configuration file, which is located in the following path:
/etc/samba/smb.conf
- Add the following configuration blocks to your smb.conf file:
- For the parent folder available to all users (in this example,
/DATA/Producers
):
[smbOnlyProducers]
Replace the value for the
path = /DATA/Producers
writeable = yes
browseable = yes
vfs objects = xinetnamespace,xinetfilehandling
veto files = /.HSResource/.HSancillary/.HSIcon/.HSfidw/.HSxmap/TheFindByContentFolder/TheVolumeSettingsFolder/NetworkTrash Folder/.TemporaryItems/.DS_Store/.VolumeIcon.icns
delete veto files = yes
hide dot files = yes
read only = yes
guest ok = no
create mask = 777
directory mask = 777
comment = smbOnlyProducers
valid users = wnv
write list = wnvpath
variable with the folder you would like to restrict the access.
- For the subfolder available to only one user (in this example,
/DATA/Producers/DataForEdward
):
[smbOnlyProducerEdward]
Replace the value for the
path = /DATA/Producers/DataForEdward
writeable = yes
browseable = yes
vfs objects = xinetnamespace,xinetfilehandling
veto files = /.HSResource/.HSancillary/.HSIcon/.HSfidw/.HSxmap/TheFindByContentFolder/TheVolumeSettingsFolder/NetworkTrash Folder/.TemporaryItems/.DS_Store/.VolumeIcon.icns
delete veto files = yes
hide dot files = yes
create mask = 0777
directory mask = 0777
comment = smbOnlyProducerEdward
valid users = Edward
write list = Edwardpath
variable with the subfolder you would like to enable access to only one user.
Replace the values forvalid users
andwrite list
variables with the ID of the user which will have exclusive access to the folder. In our example, we provided access only to the user named Edward.
- For the parent folder available to all users (in this example,
- Save the changes.
- Restart the Samba service with the following command
systemctl restart smb.service
Confirmation
The subfolder will only be accessible via SMB for the user you specified (in our example Edward).
Comments
0 comments
Please sign in to leave a comment.