Continuo dependendo de ajuda

[alexlabtec]

Caros amigos estou em um outro forum do mandravi e estou com problemae até mesmo postei o meu problema aqui
no forum de lá estavamos fazendo parte por parte ai o rapaz não entrou mais ou não queiz da continuidade da ajuda.
Neste forum não teve um pessoa que me deu uma ajuda até o fim nem no começo.
Primeiramente é possivel alguém me ajudar até o fim, pode ser pelo forum mesmo. Se sim me responde que ai eu posto a duvida como esta no outro forum.


Muito Obrigado.

[joseguilherme]

Saudações amigo,

Posta a dúvida aí que a gente te ajuda.

abraço

[alexlabtec]

Amigon espero poder contar com vc em me ajudar , vamos lá vou passar o meu script para vc e vc de uma olhadinha conforme postado em outro forum u amigo pediu para ser criado para aquilo que queria era mais facil criar por grupo.se tiver outra maneira melhor.
O que necessito pois bem..
Criei Uma pasta chamada server e dentro de la consta uma outra pasta arquivos e dentro dela mais tres pastas chamadas downloads, rpms, tutoriais.
E o que eu quero ?
seria assim
Acesso pasta server(sem senha)
Acesso pasta server/arquivos(sem senha)
Acesso pasta server/arquivos/downloads(senha e login)
Acesso pasta server/arquivos/rpms(senha e login)
Acesso pasta server/arquivos/tutoriais(senha e login)
Blz , agora mando o meu script smb.conf

# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#======================= Global Settings =====================================
[global]

# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = DATACONTROLWEB
netbios name = DATACONTROL
server string = Samba Server
; nt acl support = yes
; force directory mode = 0777
hosts allow = 192.168.0. 192.168.2. 127.
; keep alive = 20
; printcap name = /etc/printcap
load printers = yes
; printing = cups
; cups options = raw
; guest account = pcguest
Log file = /var/log/samba/%m.log
max log size = 50
; debug level = 1
security = user
; password server = <NT-Server-Name>
; password level = 8
; username level = 8
encrypt passwords = yes
update encrypted = yes
smb passwd file = /etc/samba/smbpasswd
; username map = /etc/samba/smbusers
; unix password sync = Yes
; passwd program = /usr/bin/passwd %u
; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
; username map = /etc/samba/smbusers
; include = /etc/samba/smb.conf.%m
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
; interfaces = 192.168.12.2/24 192.168.13.2/24
; remote browse sync = 192.168.3.25 192.168.5.255
; remote announce = 192.168.1.255 192.168.2.44
local master = yes
os level = 32
domain master = yes
; security mask = 0777
; force create mode = 0777
; force security mode = 0777
; preferred master = yes
domain logons = yes
; logon script = %m.bat
; writeable = yes
; logon script = %U.bat
logon path = \\%L\Profiles\%U
; admin users = root,alexandro
; name resolve order = wins lmhosts bcast
; wins support = yes
; wins server = w.x.y.z
; wins proxy = no
dns proxy = no
; force directory security mask = 0777
; directory security mask = 0777
; time server = true
; announce as = NT Server
preferred master = yes
; directory mask = 0777
; obey pam restrictions = yes
; pam password change = yes
; preserve case = no
; short preserve case = no
; default case = lower
; case sensitive = no

#============================ Share Definitions ==============================
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = no

;[homes]
; comment = Home Directories
; read only = no
; browseable = no
; available = yes
; public = no
; writable = yes
; only user = no
; create mask = 0777
; directory mask = 0777

[netlogon]
comment = Network Logon Service
path = /home/netlogon
; browseable = yes
; guest ok = yes
writable = no
; printable = no
; public = yes
share modes = no
; write list = root

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /home/profiles
; browseable = no
; guest ok = yes


# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes

# This one is useful for people to share files
;[tmp]
; comment = Temporary file space
; path = /tmp
; read only = no
; public = yes

# A publicly accessible directory, but read only, except for people in
# the "staff" group
;[public]
; comment = Public Stuff
; path = /home/samba/publico
; browseable = yes
; writable = yes
; guest ok = yes
; public = yes
; read only = yes
; create mode = 0777
; create mask = 0777
; write list = @staff

# Other examples.
#
# A private printer, usable only by fred. Spool data will be placed in fred's
# home directory. Note that fred must have write access to the spool directory,
# wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes

# A private directory, usable only by fred. Note that fred requires write
# access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no

# a service which has a different directory for each machine that connects
# this allows you to tailor configurations to incoming machines. You could
# also use the %u option to tailor it by user name.
# The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writable = yes

# A publicly accessible directory, read/write to all users. Note that all files
# created in the directory by users will be owned by the default user, so
# any user with access can delete any other user's files. Obviously this
# directory must be writable by the default user. Another user could of course
# be specified, in which case all files would be owned by that user instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no

# The following two entries demonstrate how to share a directory so that two
# users can place files there that will be owned by the specific users. In this
# setup, the directory should be writable by both users and should have the
# sticky bit set on it to prevent abuse. Obviously this could be extended to
# as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765

;[server]
; comment = Compartilhamentos
; path = /server
; read only = no
; valid users = alexandro
; write list = alexandro
; admin user = root,alexandro
; directory mode = 0777
; guest ok = no
available = yes
; only user = yes
; browseable = yes
; public = yes
; writable = yes
; printable = no
; create mode = 0777
; create mask = 0777

[arquivos]
comment = Arquivos
path = /server/arquivos
read only = no
directory mode = 0777
browseable = yes
public = yes
create mode = 0777
create mask = 0777
[downloads]
comment = Downloads
path = /server/arquivos/downloads
read only = yes
valid users = @down
browseable = yes
public = no
force create mode = 0770
force directory mode = 0770

[rpms]
comment = rpms
path = /server/arquivos/rpms
read only = yes
valid users = @rpms,@root
browseable = yes
public = no
force create mode = 0770
force directory mode = 0770

[tutoriais]
comment = Tutoriais
path = /server/arquivos/tutoriais
read only = yes
valid users = @tutor
browseable = yes
public = no
force create mode = 0770
force directory mode = 0770


Muito Obrigado
Alexandro de Oliveira
Distro Mandriva 2007

[joseguilherme]

alexlabtec,

Não sabia como fazer isso então dei uma procurada e uma consultada com uns amigos, e encontrei uma coisa, uso de acls no sistema de arquivos junto com o samba.
Encontrei um artigo do Dicas-L que explica o uso disso:

[Linux-sbo] [Dicas-L] Dicas SAMBA

Mas basicamente, vc tem que ter no kernel na parte de sistemas de arquivos, extended atributes abilitado para o sistema de arquivos que vc usa.
Adicionar a opção "acl" na montagem da partição onde está o diretório que será compartilhado pelo samba.
No smb.conf adicionar as configurações:

map acl inherit = Yes
inherit acl = Yes
inherit permissions = Yes

Depois logando como administrador do domínio em uma máquina windows e pelo próprio explorer alterar os usuários que podem acessar aqueles 3 subdiretórios.

Se vc conseguir fazer tudo isso funcionar, posta aqui pra gente saber.
Espero ter ajudado.
Abraço

[pssgyn]

Alexlabtec, eu também imagino que se você criar os seus compartilhamentos por grupos deve funcionar.