Redes - Samba: Comparticion de recursos por niveles
porblema
crear directorios para tres grupos de usuarios
- secretaria
- coordinacion
- jefes
arbol de directorio
|- compartidos
| |- secretaria
| | |- secretaria01
| | |- secretaria02
| |- coordinacion
| | |- coordinacion01
| | |- coordinacion02
| | |- coordinacion03
| | |- coordinacion04
crear usuarios en el sistema
y usar "smbpasswd -a <usuario>" para asignale contraseña en samba
condiciones exigidas
- el servidor samba debe pedir autenticcion de los usuarios para acceder a los directorios
- todos los usuarios deben poder modificar solo sus propios directorios, pero con acceso de solo lectura a los recursos de su mismo grupo, los jefes pueden cambiar todo
- otras redes no pueden tener acceso a esos recursos
procedimiento
instalar samba
configurar samba/smb.conf
# Samba config file created using SWAT
# from UNKNOWN (127.0.0.1)
# Date: 2014/01/22 09:53:12
[global]
workgroup = WORKGROUP
realm = CARPETASRED
netbios name = CARPETASRED
server string = Recursos compartidos
dns proxy = no
security = user
passdb backend = tdbsam
# cups options = raw
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
usershare allow guests = yes
map to guest = Bad User
username map = /etc/samba/smbusers
guest ok = yes
log file = /var/log/samba/log.%m
max log size = 50
syslog = 0
# name resolve order = lmhosts host wins bcast
time server = yes
interfaces = lo br0 192.168.16.0/24 192.168.34.0/24 127.0.0.1
hosts allow = 127. 192.168.34. 192.168.16.
# remote announce = 192.168.16.0/24 192.168.34.0/24
################ Auditoria de Samba ###############################
full_audit:prefix = %u|%I|%S
full_audit:failure = connect
full_audit:success = connect disconnect opendir mkdir rmdir closedir open close read pread write pwrite rename
full_audit:facility = local5
full_audit:priority = notice
################################################################
veto files = /*.inf/*.bat/*.scr/*.lnk/*.cmd/
delete veto files = yes
########## Printing ##########
load printers = yes
printing = cups
printcap name = cups
usershare max shares = 100
encrypt passwords = true
guest account = nobody
###################################
[recursos_compartidos]
admin users = jefe01 jefe02
valid users = jefe01 jefe02
path = /home/compartir/recursos/
public = no
guest ok = no
writeable = yes
create mask = 0777
directory mask = 0777
###################################
[coordinacion]
valid users = coordinacion01 coordinacion02 coordinacion03 coordinacion04
path = /home/compartir/recursos/coordinacion/
public = no
guest ok = no
read only = yes
writeable = no
create mask = 0777
directory mask = 0777
[secretaria]
valid users = secretaria01 secretaria02
path = /home/compartir/recursos/secretaria/
public = no
guest ok = no
writeable = no
read only = yes
create mask = 0777
directory mask = 0777
###################################
[secretaria01]
admin users = secretaria01
valid users = secretaria01
path = /home/compartir/recursos/secretaria/secretaria01
public = no
guest ok = no
writeable = yes
create mask = 0777
directory mask = 0777
[secretaria02]
admin users = secretaria02
valid users = secretaria02
path = /home/compartir/recursos/secretaria/secretaria02
public = no
guest ok = no
writeable = yes
create mask = 0777
directory mask = 0777
###################################
[coordinacion01]
admin users = coordinacion01
valid users = coordinacion01
path = /home/compartir/recursos/coordinacion/coordinacion01
public = no
guest ok = no
writeable = yes
create mask = 0777
directory mask = 0777
[coordinacion02]
admin users = coordinacion02
valid users = coordinacion02
path = /home/compartir/recursos/coordinacion/coordinacion02
public = no
guest ok = no
writeable = yes
create mask = 0777
directory mask = 0777
[coordinacion03]
admin users = coordinacion03
valid users = coordinacion03
path = /home/compartir/recursos/coordinacion/coordinacion03
public = no
guest ok = no
writeable = yes
create mask = 0777
directory mask = 0777
[coordinacion04]
admin users = coordinacion04
valid users = coordinacion04
path = /home/compartir/recursos/coordinacion/coordinacion04
public = no
guest ok = no
writeable = yes
create mask = 0777
directory mask = 0777
el archivo samba/smbusers para asentar los usuarios habilitados
coordinacion01 = coordinacion01
coordinacion02 = coordinacion02
coordinacion03 = coordinacion03
coordinacion04 = coordinacion04
secretaria01 = secretaria01
secretaria02 = secretaria02
jefe01 = jefe01
jefe02 = jefe02
++++REFERENCIAS
- http://www.linux-noob.com/forums/index.php?/topic/4355-simple-guest-read-password-writable-samba-server-for-a-small-network/
- http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html
- http://www.linuxtopia.org/online_books/espaniol/centos_linux_guides/centos_linux_reference_guide/s1-samba-servers.html
- http://www.jesusda.com/docs/howtos/samba/
- http://www.ubuntu-es.org/node/178792#.Ut_GoNgyGfA
- http://echaleunvistazo.wordpress.com/2012/02/03/compartir-carpetas-con-samba/
*
page revision: 0, last edited: 22 Jan 2014 15:33