Клиент CIFS, ведущий себя как root на сервере

Question

Клиент CIFS, ведущий себя как root на сервере

У меня есть клиент CIFS с обычным пользователем. У меня есть сервер SAMBA, где единственным пользователем является root. Я хочу, чтобы пользователь в клиентской системе имел доступ к файлам на удаленном сервере от имени пользователя root. Пока я не могу, хотя я использовал такие опции, как "uid", "setuid" и т. Д. Клиент просто видит удаленные файлы как принадлежащие "root", а "Отказано в доступе" - это все, что я получаю.

Сервер, на котором работает OpenELEC, совместно использует гостевые разрешения, поэтому решение вряд ли повлечет за собой глубокие изменения на сервере. Клиент работает под управлением Ubuntu 14.04.02.

Это файл samba.conf, который, я думаю, переопределяет smb.conf. Я взял его из шаблона и добавил только последнюю долю:

###############################################################################
#      This file is part of OpenELEC - ...
#      Copyright (C) 2009-2014 Stephan Raue (stephan@openelec.tv)
#
#  OpenELEC is free software: you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation, either version 2 of the License, or
#  (at your option) any later version.
#
#  OpenELEC is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with OpenELEC.  If not, see <.../licenses/>.
################################################################################
# samba.conf

# This configuration file allows you to customize the samba shares
# available from your machine

[global]
  server string = OpenELEC
  workgroup = WORKGROUP
  netbios name = %h
  security = share
  guest account = root
  socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
  smb ports = 445
  max protocol = SMB2
  min receivefile size = 16384
  deadtime = 30
  os level = 20
  mangled names = no
  syslog only = yes
  syslog = 2
  name resolve order = lmhosts wins bcast host
  preferred master = auto
  domain master = auto
  local master = yes
  printcap name = /dev/null
  load printers = no
  browseable = yes
  writeable = yes
  printable = no
  encrypt passwords = true
  enable core files = no
  passdb backend = smbpasswd
  smb encrypt = disabled
  use sendfile = yes


# Using the following configurations as a template allows you to add
# writable shares of disks and paths under /storage

[Update]
  path = /storage/.update
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/.update

[Videos]
  path = /storage/videos
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/videos

[Music]
  path = /storage/music
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/music

[TV Shows]
  path = /storage/tvshows
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/tvshows

[Recordings]
  path = /storage/recordings
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/recordings

[Downloads]
  path = /storage/downloads
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/downloads

[Pictures]
  path = /storage/pictures
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/pictures

[Emulators]
  path = /storage/emulators
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/emulators

[Configfiles]
  path = /storage/.config
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/.config

[Userdata]
  path = /storage/.kodi/userdata
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/.kodi/userdata

[Screenshots]
  path = /storage/screenshots
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/screenshots

[Logfiles]
  path = /storage/logfiles
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/logfiles
  root preexec = createlog

[Backup]
  path = /storage/backup
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/backup

[HDD]
  path = /var/media/sda1-ata-ST9320325AS_5VEA
  available = yes
  browsable = yes
  public = yes
  writeable = yes
  force user = root
  force group = root

И это smb.conf, который появляется в файловой системе только для чтения. Опять же, я думаю, что это полностью переопределено:

################################################################################
#      This file is part of OpenELEC - ...
#      Copyright (C) 2009-2014 Stephan Raue (stephan@openelec.tv)
#
#  OpenELEC is free software: you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation, either version 2 of the License, or
#  (at your option) any later version.
#
#  OpenELEC is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with OpenELEC.  If not, see <...>.
################################################################################
# samba.conf

# This configuration file allows you to customize the samba shares
# available from your machine

[global]
  server string = OpenELEC
  workgroup = WORKGROUP
  netbios name = %h
  security = share
  guest account = root
  socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
  smb ports = 445
  max protocol = SMB2
  min receivefile size = 16384
  deadtime = 30
  os level = 20
  mangled names = no
  syslog only = yes
  syslog = 2
  name resolve order = lmhosts wins bcast host
  preferred master = auto
  domain master = auto
  local master = yes
  printcap name = /dev/null
  load printers = no
  browseable = yes
  writeable = yes
  printable = no
  encrypt passwords = true
  enable core files = no
  passdb backend = smbpasswd
  smb encrypt = disabled
  use sendfile = yes


# Using the following configurations as a template allows you to add
# writable shares of disks and paths under /storage

[Update]
  path = /storage/.update
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/.update

[Videos]
  path = /storage/videos
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/videos

[Music]
  path = /storage/music
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/music

[TV Shows]
  path = /storage/tvshows
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/tvshows

[Recordings]
  path = /storage/recordings
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/recordings

[Downloads]
  path = /storage/downloads
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/downloads

[Pictures]
  path = /storage/pictures
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/pictures

[Emulators]
  path = /storage/emulators
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/emulators

[Configfiles]
  path = /storage/.config
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/.config

[Userdata]
  path = /storage/.kodi/userdata
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/.kodi/userdata

[Screenshots]
  path = /storage/screenshots
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/screenshots

[Logfiles]
  path = /storage/logfiles
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/logfiles
  root preexec = createlog

[Backup]
  path = /storage/backup
  available = yes
  browsable = yes
  public = yes
  writable = yes
  root preexec = mkdir -p /storage/backup

Файл журнала почти не существует:

[2015/05/21 09:52:27, 0] /home/stephan/projects/openelec-5.0/build.OpenELEC-RPi.arm-5.0.8/samba-3.6.25/source3/smbd/server.c: 1074 (smbd_main) запущена версия 3.6.25 smbd. Авторские права Эндрю Триджелла и Samba Team 1992-2011

0

server permissions samba cifs

Источник

Opux 21 май '15 в 00:53

1 ответ

Другие вопросы по тегам server permissions samba cifs

Opux 30 май '15 в 15:13 2015-05-30 15:13 · Answer 1 · 2015-05-30 15:13

Я нашел несколько грязное решение:

Запустить PCManFM
Перейдите к общему ресурсу smb, открыв его
Когда я использую другое приложение, которое не знает smb, я обнаруживаю, что общий ресурс доступен в файловом браузере. Вероятно, это потому, что в /run/user/1000/gvfs/

Ужасно, но это делает работу. Вероятно, есть более чистое решение с участием gvfs, которое, вероятно, получит лучший ответ.