Samba Restrict File Sharing To Particular Users or Network Addresses

by Vivek Gite · 5 comments

All my local Linux user accounts will be able to log in to my Samba server and access the share. How do I restrict access to particular users or a network subnet such as 192.168.2.1/24?

You can use TCP wrappers to limit subnet access via:

  1. /etc/hosts.allow - This file describes the names of the hosts which are allowed to use the local INET services, as decided by the /usr/sbin/tcpd server.
  2. /etc/hosts.deny - This file describes the names of the hosts which are NOT allowed to use the local INET services, as decided by the /usr/sbin/tcpd server.

For example, allow access to smbd service inside LAN only via /etc/hosts.allow:

smbd : 192.168.2.

However, Samba may or may not be built with TCP wrappers support.

hosts allow: Samba Configuration

Open your smb.conf file and add the following line to [share]:

[share]
  hosts allow = 192.168.2. 127.0.0.1

valid users: Samba Configuration

Open your smb.conf file and add the following line to [share]:

[share]
  valid users = user1 user2 @group1 @group2

read only & write list: Samba Configuration

You can also set read and write access for a set of users with the read list and write list directives.

[share]
     read only = yes
     write list = user1 user2 @group1 @group2

Examples

Make the [sales] share read only but allow users tom and jerry to write to it:

[sales]
     comment = All Printers
     path = /nas/fs/sales
     read only = yes
     write list = tom jerry

You can also configure iptables to allow access to the Samba server.
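One way to check an existing smb.conf for shares that lack the hosts allow or valid users restrictions described above. This is an added example, not code from the original article; the sample configuration is constructed, and the function names (parse_smb_conf, audit) and the set of sections skipped as special are assumptions. It does not follow include files.

```python
# Added example: flag shares that lack a hosts allow or valid users restriction.
SPECIAL = {"global", "homes", "printers"}   # assumed: not ordinary file shares
SYNONYMS = {"allow hosts": "hosts allow"}   # documented smb.conf synonym
CHECKS = {"hosts allow": "Samba accepts any client address",
          "valid users": "any account may connect"}

# Constructed sample input, not a real server's configuration.
SAMPLE = """\
[global]
   hosts allow = 192.168.2. 127.0.0.1
[sales]
   valid users = tom jerry @sales
   read only = yes
   write list = tom jerry
[public]
   read only = no
"""

def parse_smb_conf(text):
    """Return {section: {parameter: value}} with lower-cased names."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            key = " ".join(key.lower().split())  # names ignore case and spacing
            current[SYNONYMS.get(key, key)] = value.strip()
    return sections

def audit(text):
    """Return {share: [findings]} for shares missing a restriction."""
    conf = parse_smb_conf(text)
    report = {}
    for name in sorted(conf.keys() - SPECIAL):
        # Fall back to [global] when the share does not set the parameter.
        effective = {**conf.get("global", {}), **conf[name]}
        missing = [f"no {p}: {why}" for p, why in CHECKS.items()
                   if not effective.get(p)]
        if missing:
            report[name] = missing
    return report

if __name__ == "__main__":
    for share, findings in audit(SAMPLE).items():
        print(share, findings)
```

On the sample, only [public] is reported: it picks up hosts allow from [global] but has no valid users line.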


1 Suvankar 10.16.09 at 10:26 am

Hello! Sir,
I have one question. That is, “how can I share a specific file or folder between three or four Ubuntu-based computers?”
Please help.
Thank you.

2 Vivek Gite 10.16.09 at 10:50 am

Use an NFS server and client to share files between Linux / UNIX computers.

3 Sebastian 10.16.09 at 11:24 am

Hi!
I do that using ACLs, is that wrong? Or not encouraged?

4 Vivek Gite 10.16.09 at 11:39 am

ACLs are set on files and directories and not on share names. You can use ACLs for controlling and tuning file level access.

HTH

5 ipv6 learning 11.11.09 at 2:48 pm

off-topic: how to connect to a shared folder using IPv6 without a DNS server, I mean connect using the IP.
