1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
|
Goal: enable net usershares by default at build time, with a limit of
100, and update the corresponding documentation
Fixes: Debian bug #443230
Authors: Mathias Gug <mathiaz@ubuntu.com>,
Steve Langasek <vorlon@debian.org>
Status wrt upstream: Debian-specific
Index: samba-3.0.28a/docs/manpages/smb.conf.5
===================================================================
--- samba-3.0.28a.orig/docs/manpages/smb.conf.5
+++ samba-3.0.28a/docs/manpages/smb.conf.5
@@ -253,7 +253,7 @@
.PP
usershare path
.RS 3n
-Points to the directory containing the user defined share definitions. The filesystem permissions on this directory control who can create user defined shares.
+Points to the directory containing the user-defined share definitions. The filesystem permissions on this directory control who can create user-defined shares.
.RE
.PP
usershare prefix allow list
@@ -271,32 +271,7 @@
Names a pre-existing share used as a template for creating new usershares. All other share parameters not specified in the user defined share definition are copied from this named share.
.RE
.PP
-To allow members of the UNIX group
-foo
-to create user defined shares, create the directory to contain the share definitions as follows:
-.PP
-Become root:
-
-.nf
-
-mkdir /usr/local/samba/lib/usershares
-chgrp foo /usr/local/samba/lib/usershares
-chmod 1770 /usr/local/samba/lib/usershares
-
-.fi
-.PP
-Then add the parameters
-
-.sp
-
-.nf
-
- usershare path = /usr/local/samba/lib/usershares
- usershare max shares = 10 # (or the desired number of shares)
-
-.fi
-to the global section of your
-\fIsmb.conf\fR. Members of the group foo may then manipulate the user defined shares using the following commands.
+Members of the \fBsambashare\fR group can manipulate the user-defined shares using the following commands:
.PP
net usershare add sharename path [comment] [acl] [guest_ok=[y|n]]
.RS 3n
@@ -6964,9 +6939,9 @@
.PP
usershare path (G)
.RS 3n
-This parameter specifies the absolute path of the directory on the filesystem used to store the user defined share definition files. This directory must be owned by root, and have no access for other, and be writable only by the group owner. In addition the "sticky" bit must also be set, restricting rename and delete to owners of a file (in the same way the /tmp directory is usually configured). Members of the group owner of this directory are the users allowed to create usershares. If this parameter is undefined then no user defined shares are allowed.
+This parameter specifies the absolute path of the directory on the filesystem used to store the user-defined share definition files. This directory must be owned by root, and have no access for other, and be writable only by the group owner. In addition the "sticky" bit must also be set, restricting rename and delete to owners of a file (in the same way the /tmp directory is usually configured). Members of the group owner of this directory are the users allowed to create usershares. If this parameter is undefined then no user-defined shares are allowed.
.sp
-For example, a valid usershare directory might be /usr/local/samba/lib/usershares, set up as follows.
+For example, on Debian the default usershare directory of /var/lib/samba/usershares is set up as follows.
.sp
@@ -6974,16 +6949,16 @@
.nf
- ls -ld /usr/local/samba/lib/usershares/
- drwxrwx--T 2 root power_users 4096 2006-05-05 12:27 /usr/local/samba/lib/usershares/
+ ls -ld /var/lib/samba/usershares/
+ drwxrwx--T 2 root sambashare 4096 2006-05-05 12:27 /var/lib/samba/usershares/
.fi
.sp
-In this case, only members of the group "power_users" can create user defined shares.
+In this case, only members of the group "sambashare" can create user defined shares.
.sp
Default:
-\fB\fIusershare path\fR = NULL \fR
+\fB\fIusershare path\fR = /var/lib/samba/usershares \fR
.RE
.PP
usershare prefix allow list (G)
Index: samba-3.0.28a/docs/manpages/net.8
===================================================================
--- samba-3.0.28a.orig/docs/manpages/net.8
+++ samba-3.0.28a/docs/manpages/net.8
@@ -675,9 +675,9 @@
Store a secret for the sepcified domain, used primarily for domains that use idmap_ldap as a backend. In this case the secret is used as the password for the user DN used to bind to the ldap server.
.SS "USERSHARE"
.PP
-Starting with version 3.0.23, a Samba server now supports the ability for non-root users to add user define shares to be exported using the "net usershare" commands.
+Starting with version 3.0.23, a Samba server now supports the ability for non-root users to add user-defined shares to be exported using the "net usershare" commands.
.PP
-To set this up, first set up your smb.conf by adding to the [global] section : usershare path = /usr/local/samba/lib/usershares Next create the directory /usr/local/samba/lib/usershares, change the owner to root and set the group owner to the UNIX group who should have the ability to create usershares, for example a group called "serverops". Set the permissions on /usr/local/samba/lib/usershares to 01770. (Owner and group all access, no access for others, plus the sticky bit, which means that a file in that directory can be renamed or deleted only by the owner of the file). Finally, tell smbd how many usershares you will allow by adding to the [global] section of smb.conf a line such as : usershare max shares = 100. To allow 100 usershare definitions. Now, members of the UNIX group "serverops" can create user defined shares on demand using the commands below.
+Members of the UNIX group "sambashare" can create user-defined shares on demand using the commands below.
.PP
The usershare commands are:
.IP "" 3n
Index: samba-3.0.28a/source/param/loadparm.c
===================================================================
--- samba-3.0.28a.orig/source/param/loadparm.c
+++ samba-3.0.28a/source/param/loadparm.c
@@ -1689,7 +1689,7 @@
pstrcat(s, "/usershares");
string_set(&Globals.szUsersharePath, s);
string_set(&Globals.szUsershareTemplateShare, "");
- Globals.iUsershareMaxShares = 0;
+ Globals.iUsershareMaxShares = 100;
/* By default disallow sharing of directories not owned by the sharer. */
Globals.bUsershareOwnerOnly = True;
/* By default disallow guest access to usershares. */
Index: samba-3.0.28a/docs/htmldocs/manpages/smb.conf.5.html
===================================================================
--- samba-3.0.28a.orig/docs/htmldocs/manpages/smb.conf.5.html
+++ samba-3.0.28a/docs/htmldocs/manpages/smb.conf.5.html
@@ -164,8 +164,8 @@
their own share definitions has been added. This capability is called <span class="emphasis"><em>usershares</em></span> and
is controlled by a set of parameters in the [global] section of the smb.conf.
The relevant parameters are :
- </p><div class="variablelist"><dl><dt><span class="term">usershare allow guests</span></dt><dd><p>Controls if usershares can permit guest access.</p></dd><dt><span class="term">usershare max shares</span></dt><dd><p>Maximum number of user defined shares allowed.</p></dd><dt><span class="term">usershare owner only</span></dt><dd><p>If set only directories owned by the sharing user can be shared.</p></dd><dt><span class="term">usershare path</span></dt><dd><p>Points to the directory containing the user defined share definitions.
- The filesystem permissions on this directory control who can create user defined shares.</p></dd><dt><span class="term">usershare prefix allow list</span></dt><dd><p>Comma-separated list of absolute pathnames restricting what directories
+ </p><div class="variablelist"><dl><dt><span class="term">usershare allow guests</span></dt><dd><p>Controls if usershares can permit guest access.</p></dd><dt><span class="term">usershare max shares</span></dt><dd><p>Maximum number of user defined shares allowed.</p></dd><dt><span class="term">usershare owner only</span></dt><dd><p>If set only directories owned by the sharing user can be shared.</p></dd><dt><span class="term">usershare path</span></dt><dd><p>Points to the directory containing the user-defined share definitions.
+ The filesystem permissions on this directory control who can create user-defined shares.</p></dd><dt><span class="term">usershare prefix allow list</span></dt><dd><p>Comma-separated list of absolute pathnames restricting what directories
can be shared. Only directories below the pathnames in this list are permitted.</p></dd><dt><span class="term">usershare prefix deny list</span></dt><dd><p>Comma-separated list of absolute pathnames restricting what directories
can be shared. Directories below the pathnames in this list are prohibited.</p></dd><dt><span class="term">usershare template share</span></dt><dd><p>Names a pre-existing share used as a template for creating new usershares.
All other share parameters not specified in the user defined share definition
@@ -4509,25 +4509,25 @@
</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>usershare owner only</code></em> = <code class="literal">True</code>
</em></span>
</p></dd><dt><span class="term"><a name="USERSHAREPATH"></a>usershare path (G)</span></dt><dd><p>This parameter specifies the absolute path of the directory on the
- filesystem used to store the user defined share definition files.
+ filesystem used to store the user-defined share definition files.
This directory must be owned by root, and have no access for
other, and be writable only by the group owner. In addition the
"sticky" bit must also be set, restricting rename and delete to
owners of a file (in the same way the /tmp directory is usually configured).
Members of the group owner of this directory are the users allowed to create
- usershares. If this parameter is undefined then no user defined
+ usershares. If this parameter is undefined then no user-defined
shares are allowed.
</p><p>
- For example, a valid usershare directory might be /usr/local/samba/lib/usershares,
- set up as follows.
+ For example, on Debian the default usershare directory of
+ /var/lib/samba/usershares is set up as follows.
</p><p>
</p><pre class="programlisting">
- ls -ld /usr/local/samba/lib/usershares/
- drwxrwx--T 2 root power_users 4096 2006-05-05 12:27 /usr/local/samba/lib/usershares/
+ ls -ld /var/lib/samba/usershares/
+ drwxrwx--T 2 root sambashare 4096 2006-05-05 12:27 /var/lib/samba/usershares/
</pre><p>
</p><p>
- In this case, only members of the group "power_users" can create user defined shares.
- </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>usershare path</code></em> = <code class="literal">NULL</code>
+ In this case, only members of the group "sambashare" can create user defined shares.
+ </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>usershare path</code></em> = <code class="literal">/var/lib/samba/usershares</code>
</em></span>
</p></dd><dt><span class="term"><a name="USERSHAREPREFIXALLOWLIST"></a>usershare prefix allow list (G)</span></dt><dd><p>This parameter specifies a list of absolute pathnames
the root of which are allowed to be exported by user defined share definitions.
Index: samba-3.0.28a/docs/htmldocs/manpages/net.8.html
===================================================================
--- samba-3.0.28a.orig/docs/htmldocs/manpages/net.8.html
+++ samba-3.0.28a/docs/htmldocs/manpages/net.8.html
@@ -249,30 +249,10 @@
that use idmap_ldap as a backend. In this case the secret is used
as the password for the user DN used to bind to the ldap server.
</p></div><div class="refsect2" lang="en"><a name="id302073"></a><h3>USERSHARE</h3><p>Starting with version 3.0.23, a Samba server now supports the ability for
-non-root users to add user define shares to be exported using the "net usershare"
+non-root users to add user-defined shares to be exported using the "net usershare"
commands.
</p><p>
-To set this up, first set up your smb.conf by adding to the [global] section :
-
-usershare path = /usr/local/samba/lib/usershares
-
-Next create the directory /usr/local/samba/lib/usershares, change the owner to root and
-set the group owner to the UNIX group who should have the ability to create usershares,
-for example a group called "serverops".
-
-Set the permissions on /usr/local/samba/lib/usershares to 01770.
-
-(Owner and group all access, no access for others, plus the sticky bit,
-which means that a file in that directory can be renamed or deleted only
-by the owner of the file).
-
-Finally, tell smbd how many usershares you will allow by adding to the [global]
-section of smb.conf a line such as :
-
-usershare max shares = 100.
-
-To allow 100 usershare definitions. Now, members of the UNIX group "serverops"
-can create user defined shares on demand using the commands below.
+Members of the UNIX group "sambashare" can create user-defined shares on demand using the commands below.
</p><p>The usershare commands are:
</p><table class="simplelist" border="0" summary="Simple list"><tr><td>net usershare add sharename path [comment] [acl] [guest_ok=[y|n]] - to add or change a user defined share.</td></tr><tr><td>net usershare delete sharename - to delete a user defined share.</td></tr><tr><td>net usershare info [-l|--long] [wildcard sharename] - to print info about a user defined share.</td></tr><tr><td>net usershare list [-l|--long] [wildcard sharename] - to list user defined shares.</td></tr></table><p>
|
