All my local Linux user accounts will be able to log in to my Samba server and access share. How do I restrict access to particular users or network subnet such as 192.168.2.1/24?
You can use TCP wrappers to limit subnet access via:
- /etc/hosts.allow - This file describes the names of the hosts which are allowed to use the local INET services, as decided by the /usr/sbin/tcpd server.
- /etc/hosts.deny - This file describes the names of the hosts which are NOT allowed to use the local INET services, as decided by the /usr/sbin/tcpd server.
For example, allow access to smbd service inside LAN only via /etc/hosts.allow:
smbd : 192.168.2.
However, samba may or may not be built to support tcp wrappers.
hosts allow: Samba Configuration
Open your smb.conf file and add the following line to [share]
[share] hosts allow = 192.168.2. 127.0.0.1
valid users: Samba Configuration
Open your smb.conf file and add the following line to [share]
[share] valid users = user1 user2 @group1 @group2
read only & write only: Samba Configuration
You can also set read and write access to set of users with the read list and write list directives.
[share]
read only = yes
write list = user1 user2 @group1 @group2
Examples
Make [sales] share read only but allow user tom and jerry to write it:
[sales]
comment = All Printers
path = /nas/fs/sales
read only = yes
write list = tom jerry
You can also configure iptables to allow access to the Samba server.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- My 10 UNIX Command Line Mistakes
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
- Email FAQ to a friend
- Download PDF version
- Printable version
- Comment RSS feed
- Last Updated: 10/16/09



{ 5 comments… read them below or add one }
Hello! Sir,
I have one question. That is “how can I share a specific file or folder in between three or four ubuntu based computer.
plz. help..
Thank you.
Use nfs server and client to share files between Linux / UNIX computers.
Hi!
I do that using acl´s, is that wrong? or not engouraged??
ACL are set on files and directory and not on share names. You can use ACL for controlling and tuning file level access.
HTH
off-topic: how connect to shared folder using IPv6 without DNS Server, I mean connect using the IP.