这是一个创建于 2116 天前的主题,其中的信息可能已经有所发展或是发生改变。
最近在调试单位的 Samba,使用中发现” admin users “这个参数好像没什么作用,于是百度,发现有两种说法
a)设置在[global]下面,是整个 Samba 的管理员
b)设置在[folder]下面,是该共享目录的管理员
然后我自己在 VMware 里面测试,发现无论怎么配置,admin users 设定的账号始终是无效。
请问各位大神,这个参数到底有什么作用啊??
a)设置在[global]下面,是整个 Samba 的管理员
b)设置在[folder]下面,是该共享目录的管理员
然后我自己在 VMware 里面测试,发现无论怎么配置,admin users 设定的账号始终是无效。
请问各位大神,这个参数到底有什么作用啊??
 |
1
Humorce 2019-01-23 16:18:28 +08:00
|
 |
2
milestonev6 OP @Humorce 感谢你的回答,如文档所说:
admin users This option specifies a list of users that perform file operations as if they were root. This means that they can modify or destroy any other user's files, regardless of the permissions. Any files that they create will have root ownership and will use the default group of the admin user. The admin users option allows PC users to act as administrators for particular shares. Be very careful when using this option, and make sure good password and other security policies are in place. At the other end of the spectrum, you can explicitly specify users who will be allowed superuser (root) access to a share with the admin users option. An example follows: [sales] path = /home/sales comment = Sedona Real Estate Sales Data writable = yes valid users = sofie shelby adilia admin users = mike 但是经过测试: [folder] path = /home/sales writable = yes valid users = user1 admin users = admin 以上配置只有 user1 能够进入,admin 死活进不去 - -。 有一直在使用 samba 的大神吗,Help~ |
 |
3
hoyixi 2019-01-23 17:03:08 +08:00
# 2
"admin 死活进不去", 你在 samba 服务器添加 admin 这个用户给 samba 了吗? |
 |
4
yulgang 2019-01-23 17:09:48 +08:00
[share]
path = /mnt/sda1/downloads valid users = admin read only = no guest ok = no create mask = 0700 directory mask = 0700 #follow symlinks follow symlinks = yes wide links = yes smbpasswd 里还要加 admin 用户,然后应该就能进去了。 |
|
5
milestonev6 OP @hoyixi 添加了呀,没有这个用户的话 pdbedit 是会报错吧?
|
|
6
milestonev6 OP @yulgang 我的理解是,管理员应该是不受” valid users “ 、“ read only ”这类参数限制的,你试下把 valid users 这条参数去掉 admin 就没权限了。
|
|
7
milestonev6 OP @hoyixi 上条看错,添加了 pdbedit -L 是有这个用户的。
|
|
8
yulgang 2019-01-24 09:25:41 +08:00
@milestonev6 我也弄不太懂这个东西,不过我的配置在路由器里是生效的,admin 访问 downloads 目录可以读写,匿名登陆到 public 只读。
# smbd -V Version 3.6.25 #cat /opt/etc/samba/smb.conf [global] netbios name = RT-AC68U display charset = UTF-8 interfaces = 127.0.0.1/8 lo 192.168.1.1/24 br0 server string = ASUS RT-AC68U Samba Shares unix charset = UTF-8 workgroup = WORKGROUP browseable = yes deadtime = 30 domain master = yes encrypt passwords = true enable core files = no guest account = nobody guest ok = yes invalid users = root local master = yes load printers = no map to guest = Bad User max protocol = SMB2 min receivefile size = 16384 null passwords = yes obey pam restrictions = yes os level = 20 passdb backend = smbpasswd preferred master = yes printable = no security = user smb encrypt = disabled smb passwd file = /opt/etc/samba/smbpasswd socket options = TCP_NODELAY IPTOS_LOWDELAY syslog = 2 use sendfile = yes writeable = yes unix extensions = no [share] path = /mnt/sda1/downloads valid users = admin read only = no guest ok = no create mask = 0700 directory mask = 0700 #follow symlinks follow symlinks = yes wide links = yes [public] path = /mnt/sda1/public #valid users = nobody read only = yes guest ok = yes #create mask = 0700 directory mask = 0700 #follow symlinks follow symlinks = yes wide links = yes |
|
9
milestonev6 OP @yulgang 唔,我看了下,你这个应该没有设置到管理员用户吧?也就是"admin users"这个参数,你只是允许 admin 这个用户访问 share。
|
|
10
yulgang 2019-01-24 11:04:09 +08:00
@milestonev6 对的,只有 admin 可以读写 share,看来我发的不是你要的东西 哈哈哈,不好意思。
|
Select Language