last weekend I finally bought a RPi to use it as a media server/player with RaspMBC. Since nearly 4 days now, I try to figure out how to configure the samba server properly in order to fit my needs, but I couldn't get it done. I have to say that I'm really new to the linux world, and I'm unsure if it's even possible what I want to do.
At first, here's what I'm trying to do:
- Create an user "media", "movies" and "music" for use with samba
- These users should only see certain shares, so "media" will see Music and Movie shares, "music" only Music share and so on. Furthermore, they should be able to login without a password and only should have read access.
- Finally, I want to have an additional user (or use "pi") which should see every share and have full access (read/write) to them.
This is what I have done so far via ssh:
- Create user on system:
sudo useradd --no-create-home --shell /bin/false media - Add user to samba without entering a password:
sudo smbpasswd -a media
And finally, here's my smb.conf:
[global]
workgroup = WORKGROUP
security=user
encrypt passwords = yes
follow symlinks = yes
wide links = no
unix extensions = yes
lock directory = /var/cache/samba
[pi]
browsable = yes
read only = no
valid users = pi
path = /home/pi
hide unreadable = yes
[devices]
browsable = yes
read only = no
valid users = pi
path = /media
hide unreadable = yes
[Musik]
browsable = yes
read only = yes
valid users = pi media
write list = pi
read list = media
path = /media/INTENSO_MEDIA/Musik
[Filme]
browsable = yes
read only = yes
valid users = pi media
write list = pi
read list = media
path = /media/INTENSO_MOVIES/Filme
I tested it on my Mac. I am able to login as "media" without a password, however I can see every share, not only "Musik" and "Filme". But when I want to access "Musik" or "Filme", I'm getting this error: "The operation cannot be completed because the original item cannot be found". Nevertheless, logging in with "pi" works as expected.
So what am I missing here? Is it even possible to do what I want?
Kind regards, marank
EDIT: I forgot to say that "Musik" and "Filme" are folders on an external NTFS-formatted harddrive!
1 Answer 1
Verify that the new users you are creating have access to the files/directories within the filesystem itself in addition to having access described in your smb.conf.
"When client users access a Samba share, they have to pass two levels of restriction. Unix permissions on files and directories apply as usual, and configuration parameters specified in the Samba configuration file apply as well. In other words, a client must first pass Samba's security mechanisms (e.g., authenticating with a valid username and password, passing the check for the valid users parameter and the read only parameter, etc.), as well as the normal Unix file and directory permissions of its Unix-side user, before it can gain read/write access to a share." - taken from Samba.org
mediauser did you usesudo useradd --no-create-home --shell /bin/false media? This would likely cause problems, as a users config files are often stored in the home directory, and the default shell being overridden doesn't help. If you use the default shell and allow the creation of a home directory, it will likely work much better. Also, you may need an entry ofmedia's user in smb.conf - help on configuring it can be found here.piin the smb.conf. If you duplicate that, but withmediainstead ofpias the config (e.g. here), it might work.