Page 281 - DCAP602_NETWORK_OPERATING_SYSTEMS_I
P. 281

Unit 14: File Server





          valid users = @financial                                                              notes
          force group = financial
          Below is an example [FTP-Server] resource which is mapped to the root of the FTP Server (/var/
          ftp) running on the local Samba server. The share has been configured so it is publicly accessible
          to everybody on the network, but the filesystem is read only. All new files and directories will
          have the file permissions of 755.
          The “write list” directive overrides the “read only” directive, which means in this example that
          the two users (john and fred) can completely manage all the files and resources like a normal
          share.
          The “force group” and “force user” directives states that any new files or directories will be
          processed as belonging to the UNIX ftp user account. This is similar to typing “chown ftp.ftp *”
          at the command prompt and also makes the files readily accessible by the FTP server.


                 Example:
          [FTP-Server]
          comment = READ ONLY - Corp FTP Server
          path = /var/ftp
          read only = Yes
          guest ok = Yes
          browseable = Yes
          create mask = 0755
          directory mask = 0755
          write list = john, fred
          force group = ftp

          force user = ftp
          The [WEB-Server] example share is mapped to the “document root” (/var/www/html) of the
          Apache web server running on the local Samba server. The “browseable  =  No” directive
          informs the Samba server not to tell any networked workstations and clients that the resource
          is available, this requires that a connecting client must already know the resource is shared as
          “WEB-Server”. In effect the resource is available to the valid users but is hidden from view.
          The filesystem has also been marked as read only but can be fully administered by the UNIX
          user account called fred. All files and directories written to the networked share will be forced to
          belong to the root group and user accounts.

          This is a quite powerful share as the effective user (fred) will have root privileges to the filesystem
          located under the /var/www/html directory. It also allows fred (the local webmaster) to add or
          update any web pages as required.


                 Example:
          [WEB-Server]
          comment = HIDDEN - Corp Web Server

          path = /var/www/html
          read only = Yes
          guest ok = No



                                           LoveLy professionaL university                                   275
   276   277   278   279   280   281   282   283   284   285   286