Re: [Samba] Samba as non-root?

This is a discussion on Re: [Samba] Samba as non-root? within the Samba forums, part of the Networking and Network Related category; --===============1650615728== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-ajSYkRMm++Sbm/Ha+tC7&...


Go Back   Usenet Forums > Networking and Network Related > Samba

Reload this Page Re: [Samba] Samba as non-root?

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 03-16-2006
Tim Potter
 
Posts: n/a
Default Re: [Samba] Samba as non-root?

--===============1650615728==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="=-ajSYkRMm++Sbm/Ha+tC7"


--=-ajSYkRMm++Sbm/Ha+tC7
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2006-03-15 at 11:08 -0500, dan.franco@pnc.com wrote:
> I have a two-part question. Is it possible to run Samba as a non-root
> user? What we want to do, ideally, is to create a user account such as
> "samba", and let our applications people log in as the samba user, and do
> all the setup and ongoing maintenance. I looked through the stuff on
> samba.org but the answer isn't readily apparent to me. This is so they c=
an
> allow a few users the ability to view some files on a Solaris 8 server.

It's not possible to run Samba as non-root, mainly because some file
system operations that are done by a unprivileged Windows user require
root access under Unix. =20

You can use some of Samba's share level configuration parameters such as
'valid users' or 'invalid users' and 'hosts allow' or 'hosts deny' to
implement access policies based on users or network addresses.

> All the users who need read access via Samba are already in the passwd
> file. We would prefer not to use any external servers for authentication
> if we can avoid it. Can we do that? We're trying to keep this as simple
> as possible.

The tdbsam backend (default) runs without contacting any external
servers, or a ldap server listening on localhost can be used for
authentication. If you're going for simple, stick with the tdbsam
backend.


Tim.

--=-ajSYkRMm++Sbm/Ha+tC7
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQBEGNS4LjpWbwciAh4RAnwaAJ9S34n2pet597XVrlQfuE uvmkFRSwCgvtes
z4BlBZOz9sBTviLVYLYvJVQ=
=4SGe
-----END PGP SIGNATURE-----

--=-ajSYkRMm++Sbm/Ha+tC7--

--===============1650615728==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--===============1650615728==--
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 10:05 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0