Recommendations for SMB/CIFS file server configuration
Bryan O'Neal
Bryan.ONeal at TheONealAndAssociates.com
Mon Sep 13 21:42:27 MST 2010
ACL's or Access Control Lists show up in every corner of the digital
world Here we are looking at file ACL's which have been built in to
linux for at least half a decade (and optional well before that)
First thing you need to do is enable them by editing /etc/fstab and
appending acl to your partition mount options. For example "/dev/sda2
/home ext3 defaults" would become "/dev/sda2 /home ext3 defaults,acl"
Now you either have to remount, or restart, in order to enable them.
Once enable you can start using
getfacl to see the ACL based permissions set on a file or directory
and setfacl to change them.
For a much more comprehensive guide that is easy to read and provides
all the information you need to know to make ACL's fun check out my
reference guide (which was meant both as a quick reference and
something you can easily read from begging to end). It teaches you all
about creating users, groups, and how to use groups to organize your
permissions. All stuff you probably know from the windows world. But
it then shows you how to use them with ACL's around section 2.
http://mlwtech.blogspot.com/2010/06/using-system-acls-on-linux.html
(And yes I know I need to fix the relative links because I just
imported the OO document by having word convert it to html and word
breaks everything!)
Now are you interested in joining your linux boxes to a windows active
directory? If so I have not deon that in a few years but I am more
then willing to help and then write a how to from that :) I remember
it being really easy :)
On Mon, Sep 13, 2010 at 8:04 PM, James Dugger <james.dugger at gmail.com> wrote:
> Bryan,
> The detail would be great. I would like to learn more about ACL support.
> Thank you
>
> On Mon, Sep 13, 2010 at 7:21 PM, Bryan O'Neal
> <Bryan.ONeal at theonealandassociates.com> wrote:
>>
>> I agree with everything I have seen in this thread so far. If you are
>> a seasoned windows admin you can use Active Directory for central user
>> authentication and file level access with only about 10 -15 min worth
>> of work. Otherwise linux does not have (to the best of my knowledge)
>> easy central account management. Also if you feel frustrated by the
>> SMB permissions you can think of it like a windows share - you can
>> layer more security on top of it. With linux you just use ACL's but
>> enabling them requires editing your fstab and adding the ACL support
>> tag - and then remounting or simply rebooting.
>>
>> It is all really simple so if your interested I can go into detail.
>>
>>
>
>
>
> --
> James
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
More information about the PLUG-discuss
mailing list