Can't Wrap My Head Around It. Permissions

Hello!

I'm setting up my second homeserver and i'm trying a better/safer approach this time.

My last box ran centOS6.5, Plexmediaserver (ntfs mounted drives) ; Samba , znc , ftp & ssh.
Now this machine was perfect still works like a charm. But i want to do things better this time.

So i got an old server HP Proliant ml350 G5 for a buck. I've finally dared to format 3x 2tb drives as Ext4 and have them running in a software RAID 5. (bye bye NTFS)

Now since my parents will also be using this server as backup and fileserver, i need some permissions in my sambashares.

So i've set up a directory at /sambashares and gave Thomas ownership of it.
but now the rest

So what i'm struggling with:

http://i184.photobucket.com/albums/x...ium77/foto.jpg

User Thomas needs to have read/write/execute access to the whole /sambashares dir
(including Patrick & Nane's files)

Patrick needs read/write/execute access to /sambashares/Patrick & /sambashares/"NewItemsHere"
Patrick needs read access in Movies / TvShows
Patrick may not see the data of Thomas or Nane

Nane needs read/write/execute access to /sambashares/Nane & /sambashares/"NewItemsHere"
Nane needs read access in Movies / TvShows
Nane may not see the data of Thomas or Patrick

I already added 2 groups (admins & pheasants)
Thomas is in the admin group.
Nane and Patrick are in Pheasants




Note: If i recall correctly PlexMediaserver needs ownership of the movie files and Tv Shows for it to function correctly.
(not sure about that, might have been a requirement with mounted NTFS drives)

Time is not on my side, i'm at the end of my CCNA certification and my brain is overloaded with routing commands due to exams coming soon! So if anyone could help me on the way with some keystrokes, that would be great.

Cheers!
Thomas


Similar Content



Samba Configuration Not Letting Me Access Files?

Hey guys, I got samba working and I am able to access my files, however I am now trying to learn security with it. i am pretty much trying to allow certain groups access certain files. if you look at samba group you can see that I have @sambausers group to access sambagroup directory.

I have a user called sambatest01. the user can access "samba users only" but the user can access all of the other files as well. what is a correct set up on the other smb.conf to prevent users from accessing this? I cant seem to find a proper set up


[drivers]
path = /files/drivers
browseable = yes
read only = no
guest ok = no
guest only = no


[samba users only]
path = /files/sambagroup
browseable = yes
read only = no
guest ok = no
guest only = no
write list = @sambausers
valid users = @sambausers

Can't Access Samba Share

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:
Match Group ftpusers ChrootDirectory /home/%u/
 ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a samba share of the folder Customer, when I go to the IP adress on a Windows machine "\\10.0.0.1\" I can see the folder Customer, when entering it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:
[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

LS -L for the folder:
Code:
total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

Flash Drive Read-only Half Solved

Lots of posts on internet about flash drives ending up read-only in Linux after using on a windows or mac systme. Gather it is a problem with incorrectly ejecting or the ejection being poorly done.

Usually I can go back to the box and re-eject and all is well. This time even GParted and the resident fedora 21 Disk Utility programs did not even see the drive (which Was visible under "files").

Using disk utility on the "offending" machine, it seems there were many files that were truncated (due to some eject issue? Note the ejection was done "according to Hoyle" ); regardless the flash drive was still read-only. Howeverk, re-trying GParted, which now recognized the drive, the drive was unmounted checked. Some repair was necessary. Currently, I can read, write and copy within the drive.

However, the drive itself is still only read-only for all but the owner (which is not even root). I cannot copy any file to the flash drive. Chmod does nothing (no matter if root or other user tries). I suppose I should be satisfied for the access there is, but if anyone has any more suggestions, it would be great.

Thanks in advance for any info/interest

Permission Problems

trying to set up a simple NAS using Raspian on RaspberryPi2.
installed ntfs-3g and samba.
followed various methods to set it up.
found one that allows me access to my drives.
PROBLEM.....

As a test I edited a simple text file using my laptop (windows7), however when trying to save I receive "access denied"
same occurred on our other computers.

My setup....
in fstab

added...
UUID=DBE6-7AC0 /media/Lexar vfat defaults.noatime 0 2
UUID=F21843B31843756F /media/OurFiles ntfs defaults,noatime0 3


in samba config set security = user and encrypt passwords = yes in Authentication Section, then added the following at the end of file:
[Lexar]
comment this is the Lexar (vfat)
path = /media/Lexar
available = yes
read only = no
browsable = yes
public = yes
writable = yes
create mask = 0775

[OurFiles]
comment this is the OurFiles (ntfs)
path = /media/OurFiles
available = yes
read only = no
browsable = yes
public = yes
writable = yes
create mask = 0775

I would be very grateful for any assistance....thank you

Having trouble mastering this environment, please bear with me,

Get RAID1 And LVM Back After Re Installating The OS

Hi All,
I had installed Cent OS 6.6 on sda. The RAID1 and LVM setup was on sdb and sdc. To practice well on recovering RAID and LVM after the OS reinstallation, I just reinstalled the OS. During first re installation of OS, I had selected all the mount points including RAID/LVM partitions as same as how those where mounted before the reinstallation, but the format was selected to only /, /others, /var. And after booting /dev/md0 and LVM partitions were set to active automatically and everything was mounted properly. Also there was no any data loss in the RAID/LVM partitions. So I could made sure that everything will be perfect if we carefully select the mount points during OS reinstallation by making sure the formating partitions.

Now I thouht of reinstalling OS once again but this time didn't select mount points for RAID/LVM partitions during OS reinstallation, thought for manual setup after the installation. So just selected /, /others, /var partitions to format. When it booted, I ran "cat /proc/mdstat" but it was taken /dev/md127(read only) instead of /dev/md0.
Code:
# cat /proc/mdstat 
Personalities : [raid1] 
md127 : active (auto-read-only) raid1 sdc[1] sdb[0]
      52396032 blocks super 1.2 [2/2] [UU]
      
unused devices: <none>

So now I just wanted to stop and restart this RAID array as /dev/md0. But I am not able to stop as it is giving following error.
Code:
# mdadm --stop --force /dev/md127
mdadm: Cannot get exclusive access to /dev/md127:Perhaps a running process, mounted filesystem or active volume group?

I made sure that no one RAID/LVM partitions are mounted.
Code:
# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1        15G  3.5G   11G  26% /
tmpfs           376M     0  376M   0% /dev/shm
/dev/sda2       4.7G  9.8M  4.5G   1% /others
/dev/sda3       2.9G  133M  2.6G   5% /var

But LVM is active
Code:
# pvdisplay 
  --- Physical volume ---
  PV Name               /dev/md127
  VG Name               data
  PV Size               49.97 GiB / not usable 4.00 MiB
  Allocatable           yes 
  PE Size               4.00 MiB
  Total PE              12791
  Free PE               5111
  Allocated PE          7680
  PV UUID               IJ2br8-SWHW-cf1d-89Fr-EEw9-IJME-1BpfSj
   
# vgdisplay 
  --- Volume group ---
  VG Name               data
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  19
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                2
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               49.96 GiB
  PE Size               4.00 MiB
  Total PE              12791
  Alloc PE / Size       7680 / 30.00 GiB
  Free  PE / Size       5111 / 19.96 GiB
  VG UUID               982ay8-ljWY-kiPB-JY7F-pIu2-87uN-iplPEQ
   
# lvdisplay 
  --- Logical volume ---
  LV Path                /dev/data/home
  LV Name                home
  VG Name                data
  LV UUID                OAQp25-Q1TH-rekd-b3n2-mOkC-Zgyt-3fX2If
  LV Write Access        read/write
  LV Status              available
  # open                 0
  LV Size                10.00 GiB
  Current LE             2560
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:0
   
  --- Logical volume ---
  LV Path                /dev/data/backup
  LV Name                backup
  VG Name                data
  LV UUID                Uq6rhX-AvPN-GaNe-zevB-k3iB-Uz0m-TssjCg
  LV Write Access        read/write
  LV Status              available
  # open                 0
  LV Size                20.00 GiB
  Current LE             5120
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:1

As LVM is active on /dev/md127 it is not allowing to stop /dev/md127 raid array. So as I am fresher in RAID/LVM, expecting your kind help to make LVM inactive without any data loss and restart the RAID array as /dev/md0 and then re activate the LVM setup.
Expecting your kind reply, Thanks.

Samba-Apache-Webdav Permission Problem With User Www-data

I'm not sure if this should be in the newbie section, but I am somewhat of a newbie, so here goes:

In a home network, I have an Xubuntu file server with a Samba share that has me as the owner and authorizes me to access the share.

On another computer, I have Mint running and providing various services, including webdav on Apache with SSL. In the var/www/webdav directory of the Mint computer, I have the Xubuntu Samba share mounted. This is supposed to allow me to access the Samba share from the public internet.

Everything works fine except for one big problem: Apache requires the owner of the webdav directory to be user "www-data," and I can't figure out how to give www-data access to the Samba share, since www-data is not a user on the Xubuntu computer, and moreover I don't know the password for user www-data.

Can anyone figure out how to get around this problem? In particular, is there a way to configure the Samba share on the Xubuntu computer so that user www-data on the Mint computer can have access to it?

(Incidentally, I have my reasons for using two computers, one as a file server and one as a web server. Also, I am thinking about switching to NFS instead of Samba, but I'm not sure if even that would solve my problem.)

I Set Up An Ext4 Partition On External HD To Store Media Files. Permission Issues

I recently bought a WD external hard drive for storing file of several types. Using gparted I made two partitions, one ntfs for windows files and an ext 4 for linux files. Strangely, I have complete access to ntfs partition from linux side of duel boot system, but do not have permission to access ext4 partition. My root password does not work when I use su to gain root access. It works fine on built in hard drive.

Write Permission When Automount Usb Ntfs Drives

I want to get all permissions for all the users when ntfs usb drives is detected and linux mount it automatically. Linux grants permission only for root and it canīt be changed.

Linux File Server

Hello Everyone
I have installed Ubuntu Server on a 500 GB drive formatted as EXT4.

Of of my Media, movies, music and pictures are from Windows PC's formatted in NTFS.
As all of the computers connecting to the server will be windows based will NTFS be fine or will I have to reformat them to work. The two media drives are 2 x 2GB Sata drives.
Could you tell me if this setup would work or will I have to reformat and and transfer the files to a new filesystem.
Also as a file server whats the best linux file system to use so it will work with windows PC's in a lan flawlessly.
Thanks for you expertise.
Regards

NFS Response Is Very Slow

Hi Everyone,

We are using Dell Power Edge R510 server as a central storage in Linux network. I have configured RAID6 on 10 near-line SAS hard disks. Using NFS i have exported one directory and mounted it on other machines.

Recently we are facing one problem, when anyone read/write big file (2-3GB)from NFS drive,others feel very slow access to that drive. Sometime we can't open simple text file till complete read/write process.

I have remounted NFS drive but still problem as it is.

Can anyone help me to solve this problem.