Клиент CIFS, ведущий себя как root на сервере
У меня есть клиент CIFS с обычным пользователем. У меня есть сервер SAMBA, где единственным пользователем является root. Я хочу, чтобы пользователь в клиентской системе имел доступ к файлам на удаленном сервере от имени пользователя root. Пока я не могу, хотя я использовал такие опции, как «uid», «setuid» и т. Д. Клиент просто видит удаленные файлы как принадлежащие «root», а «Отказано в доступе» - это все, что я получаю.
Сервер, на котором работает OpenELEC , поделился с гостевыми разрешениями, поэтому решение вряд ли повлечет за собой глубокие изменения на сервере. Клиент работает под управлением Ubuntu 14.04.02.
Это файл samba.conf, который, я думаю, имеет приоритет над smb.conf. Я взял его из шаблона и добавил только последний общий ресурс:
###############################################################################
# This file is part of OpenELEC - ...
# Copyright (C) 2009-2014 Stephan Raue (stephan@openelec.tv)
#
# OpenELEC is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# OpenELEC is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with OpenELEC. If not, see <.../licenses/>.
################################################################################
# samba.conf
# This configuration file allows you to customize the samba shares
# available from your machine
[global]
server string = OpenELEC
workgroup = WORKGROUP
netbios name = %h
security = share
guest account = root
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
smb ports = 445
max protocol = SMB2
min receivefile size = 16384
deadtime = 30
os level = 20
mangled names = no
syslog only = yes
syslog = 2
name resolve order = lmhosts wins bcast host
preferred master = auto
domain master = auto
local master = yes
printcap name = /dev/null
load printers = no
browseable = yes
writeable = yes
printable = no
encrypt passwords = true
enable core files = no
passdb backend = smbpasswd
smb encrypt = disabled
use sendfile = yes
# Using the following configurations as a template allows you to add
# writable shares of disks and paths under /storage
[Update]
path = /storage/.update
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/.update
[Videos]
path = /storage/videos
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/videos
[Music]
path = /storage/music
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/music
[TV Shows]
path = /storage/tvshows
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/tvshows
[Recordings]
path = /storage/recordings
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/recordings
[Downloads]
path = /storage/downloads
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/downloads
[Pictures]
path = /storage/pictures
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/pictures
[Emulators]
path = /storage/emulators
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/emulators
[Configfiles]
path = /storage/.config
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/.config
[Userdata]
path = /storage/.kodi/userdata
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/.kodi/userdata
[Screenshots]
path = /storage/screenshots
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/screenshots
[Logfiles]
path = /storage/logfiles
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/logfiles
root preexec = createlog
[Backup]
path = /storage/backup
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/backup
[HDD]
path = /var/media/sda1-ata-ST9320325AS_5VEA
available = yes
browsable = yes
public = yes
writeable = yes
force user = root
force group = root
И это smb.conf, который появляется в файловой системе только для чтения. Опять же, я думаю, что он полностью переопределен:
################################################################################
# This file is part of OpenELEC - ...
# Copyright (C) 2009-2014 Stephan Raue (stephan@openelec.tv)
#
# OpenELEC is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# OpenELEC is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with OpenELEC. If not, see <...>.
################################################################################
# samba.conf
# This configuration file allows you to customize the samba shares
# available from your machine
[global]
server string = OpenELEC
workgroup = WORKGROUP
netbios name = %h
security = share
guest account = root
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
smb ports = 445
max protocol = SMB2
min receivefile size = 16384
deadtime = 30
os level = 20
mangled names = no
syslog only = yes
syslog = 2
name resolve order = lmhosts wins bcast host
preferred master = auto
domain master = auto
local master = yes
printcap name = /dev/null
load printers = no
browseable = yes
writeable = yes
printable = no
encrypt passwords = true
enable core files = no
passdb backend = smbpasswd
smb encrypt = disabled
use sendfile = yes
# Using the following configurations as a template allows you to add
# writable shares of disks and paths under /storage
[Update]
path = /storage/.update
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/.update
[Videos]
path = /storage/videos
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/videos
[Music]
path = /storage/music
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/music
[TV Shows]
path = /storage/tvshows
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/tvshows
[Recordings]
path = /storage/recordings
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/recordings
[Downloads]
path = /storage/downloads
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/downloads
[Pictures]
path = /storage/pictures
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/pictures
[Emulators]
path = /storage/emulators
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/emulators
[Configfiles]
path = /storage/.config
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/.config
[Userdata]
path = /storage/.kodi/userdata
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/.kodi/userdata
[Screenshots]
path = /storage/screenshots
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/screenshots
[Logfiles]
path = /storage/logfiles
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/logfiles
root preexec = createlog
[Backup]
path = /storage/backup
available = yes
browsable = yes
public = yes
writable = yes
root preexec = mkdir -p /storage/backup
Файл журнала почти не существует:
[2015/05/21 09:52:27, 0] /home/stephan/projects/openelec-5.0/build.OpenELEC-RPi.arm-5.0.8/samba-3.6.25/source3/smbd/server.c:1074(smbd_main) запущена версия smbd 3.6.25. Авторские права Эндрю Триджелл и Samba Team 1992-2011
0
задан Opux
27 May 2015 в 05:48
поделиться
1 ответ
Я нашел несколько грязное решение:
- Запускаются, PCManFM
- Перешли к доле кого-то, открывая его
- , Когда я использую другое приложение, которое не знает кого-то, я нахожу, что доля доступна в файловом браузере. Вероятно, это вызвано тем, что это находится в
/run/user/1000/gvfs/
Ужасно, но это сделало задание. Существует, вероятно, более чистое решение, включающее gvfs, который, вероятно, получил бы лучший ответ.
0
ответ дан Zanna
27 May 2015 в 05:48
поделиться