Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

samba, user management

Featured Replies

I would like to tear down an old MS server, but I need to be able to create users with private directories.

I dont need different variations of security levels, just completely private libraries. Wife and two teenage girls want to keep their stuff, pictures, essays, diaries, etc. private :-)

 

Is it part of future development or has anyone implemented it as a tweak.

Is is possible to make a few lines in the go script as a solution ?

 

/Rene

You could use user shares and keep them hidden.  So for your top level directories have Wife, Daughter, Daughter2.  And then in there windows profiles map only their hidden shares to their accounts and don't tell the others what the path to the other shares are. 

I would like to tear down an old MS server, but I need to be able to create users with private directories.

I dont need different variations of security levels, just completely private libraries. Wife and two teenage girls want to keep their stuff, pictures, essays, diaries, etc. private :-)

 

Is it part of future development or has anyone implemented it as a tweak.

Is is possible to make a few lines in the go script as a solution ?

 

/Rene

You could make a copy of the samba configuration file /etc/samba/smb.shares, edit it for the security you desire, and then save it on your USB flash.

 

Then, add three lines to your "go" script at its end.

 

/root/samba stop

cp /boot/smb.shares /etc/samba/smb.shares

/root/samba start

 

You will need to read up on SMB configuration, but odds are there are examples on the web somewhere.

 

Also, this does not solve a major snag to the plan.  You daughters could telnet to the server, log in without a password, and get directly to any of the files.  Once logged on, they could edit the smb.shares file and restart the samba server and then get to their sister's files via windows.

 

You can slow them down by adding a temporary root password.  It will be in effect until the server is rebooted, then it will revert to no password.

 

To add a root password, log in via telnet and type;

passwd root

 

Joe L.

 

Tom really needs to address basic security.

One more thing...

 

Since the smb.shares file is re-created every time the re-scan button is pressed on the web-interface, this will undo anything you do in the "go" script.

 

Don't tell your daughters about the admin web-page. 

 

(Tom, The web-admin page needs a password too)

The security update will include the ability to tag directories with their owner & owner could decide not to grant read privilege to anyone except themselves.  But this will not prevent password guessing!

 

You could get them a folder encryption program, but then even you wouldn't be able to snoop  ;)

The security update will include the ability to tag directories with their owner & owner could decide not to grant read privilege to anyone except themselves.

 

Is this something that is in the current beta release of unRAID, or is this something you have planned for a future release ?

 

Excuse the newb question  ;D

modified the smb.shares and added a HARRY section and put it on the flash key.

[harry]

path = /mnt/disk1/home/harry

 

in the go script I added:

/root/samba stop

cp /boot/smb.shares /etc/samba/smb.shares

/root/samba start

 

at reboot there is no change, but if I telnet and run the stop-copy-start lines one by one, the HARRY share turns up nicely.

 

I have a feeling that the go script copy the smb.shares file too early.

 

/Rene

Your probably right.

 

How about this then....

I would give a try at copying /root/samba to your USB drive and making a change to it.

If you open the copy in your editor, you will see a function where first the names.conf file is created and then samba itself started.

It looks like this

samba_start() {
  if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /etc/samba/smb.conf ]; then

    /usr/bin/fromdos </boot/config/ident.cfg >/var/tmp/ident.cfg
    source /var/tmp/ident.cfg
    echo "# Generated names" >/etc/samba/smb.names
    echo "netbios name = $NAME" >>/etc/samba/smb.names
    echo "server string = $COMMENT" >>/etc/samba/smb.names
    echo "workgroup = $WORKGROUP" >>/etc/samba/smb.names
    echo "local master = $localMaster" >>/etc/samba/smb.names
    echo "smb ports = $smbPorts" >>/etc/samba/smb.names
                                                                       <------ Add line to copy custom smb.shares into place here.
    echo "Starting Samba:  /usr/sbin/smbd -D -l /dev/null"
    /usr/sbin/smbd -D -l /dev/null
    echo "                 /usr/sbin/nmbd -D -l /dev/null"
    /usr/sbin/nmbd -D -l /dev/null
  fi
}

If you add your own commands between those two steps it might do what you are wanting.

 

 

So copy the /root/samba file to /boot/samba

Edit /boot/samba to add your command to copy the local /boot/smb.shares file into place to /etc/samba/smb.shares

Edit the original go script and add just one line at its end (instead of the three you tried  earlier)

cp /boot/samba /root/samba

 

This has the advantage of being invoked after you use the web-interface "scan-files" button as well as upon initial boot as emhttp invokes  /root/samba

 

Joe L.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.