Jump to content

Per User Permissions Arch Linux

archiso
 Share
Posted

I have setup a home NAS using Samba and want to know if I can have per user permissions for the files in the folder. I'm using Arch Linux and the drive for the NAS is formatted with ext4.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Sure, filesystem permissions are still valid beneath samba.

If you give 2 users access to the samba share, but one of those doesn't have the permissions to the underlying files/folders they won't be able to access them. 

F@H
Desktop: i9-13900K, ASUS Z790-E, 64GB DDR5-6000 CL36, RTX3080, 2TB MP600 Pro XT, 2TB SX8200Pro, 2x16TB Ironwolf RAID0, Corsair HX1200, Antec Vortex 360 AIO, Thermaltake Versa H25 TG, Samsung 4K curved 49" TV, 23" secondary, Mountain Everest Max

Mobile SFF rig: i9-9900K, Noctua NH-L9i, Asrock Z390 Phantom ITX-AC, 32GB, GTX1070, 2x1TB SX8200Pro RAID0, 2x5TB 2.5" HDD RAID0, Athena 500W Flex (Noctua fan), Custom 4.7l 3D printed case

 

Asus Zenbook UM325UA, Ryzen 7 5700u, 16GB, 1TB, OLED

 

GPD Win 2

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
1 minute ago, Kilrah said:

Sure, filesystem permissions are still valid beneath samba.

If you give 2 users access to the samba share, but one of those doesn't have the permissions to the underlying files/folders they won't be able to access them. 

How can you give users different permissions?

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

With chown/chmod, and as usual you're limited to working with groups when you want to give different permission sets.

 

You can set the owner of a folder/file to be a given group, and whoever needs to be able to access that is added to the group.

F@H
Desktop: i9-13900K, ASUS Z790-E, 64GB DDR5-6000 CL36, RTX3080, 2TB MP600 Pro XT, 2TB SX8200Pro, 2x16TB Ironwolf RAID0, Corsair HX1200, Antec Vortex 360 AIO, Thermaltake Versa H25 TG, Samsung 4K curved 49" TV, 23" secondary, Mountain Everest Max

Mobile SFF rig: i9-9900K, Noctua NH-L9i, Asrock Z390 Phantom ITX-AC, 32GB, GTX1070, 2x1TB SX8200Pro RAID0, 2x5TB 2.5" HDD RAID0, Athena 500W Flex (Noctua fan), Custom 4.7l 3D printed case

 

Asus Zenbook UM325UA, Ryzen 7 5700u, 16GB, 1TB, OLED

 

GPD Win 2

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
Just now, Kilrah said:

With chown/chmod, and as usual you're limited to working with groups when you want to give different permission sets.

 

You can set the owner of a folder/file to be a given group, and whoever needs to be able to access that is added to the group.

Oh yeah.

I forgot about setting the owner of a file... 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author

@KilrahOne more thing , can I have it so that files that a user doesn't have write perms to they can't see it, right now one user has no perms to a dir but they can see it in the dir tree.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

If a directory doesn't have the execute perm for the user then they can't list it, but AFAIK you can't hide specific files in a directory a user can list or the existence of the directory itself at the parent level. 

F@H
Desktop: i9-13900K, ASUS Z790-E, 64GB DDR5-6000 CL36, RTX3080, 2TB MP600 Pro XT, 2TB SX8200Pro, 2x16TB Ironwolf RAID0, Corsair HX1200, Antec Vortex 360 AIO, Thermaltake Versa H25 TG, Samsung 4K curved 49" TV, 23" secondary, Mountain Everest Max

Mobile SFF rig: i9-9900K, Noctua NH-L9i, Asrock Z390 Phantom ITX-AC, 32GB, GTX1070, 2x1TB SX8200Pro RAID0, 2x5TB 2.5" HDD RAID0, Athena 500W Flex (Noctua fan), Custom 4.7l 3D printed case

 

Asus Zenbook UM325UA, Ryzen 7 5700u, 16GB, 1TB, OLED

 

GPD Win 2

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
28 minutes ago, Kilrah said:

If a directory doesn't have the execute perm for the user then they can't list it, but AFAIK you can't hide specific files in a directory a user can list or the existence of the directory itself at the parent level. 

ok. It's just that when I was using truenas dirs without read perms were not seen in the dir list.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

It's very likely you can configure samba to do it at this level but that goes beyond my knowledge about it, best to check the doc. Seems ACLs might help.

F@H
Desktop: i9-13900K, ASUS Z790-E, 64GB DDR5-6000 CL36, RTX3080, 2TB MP600 Pro XT, 2TB SX8200Pro, 2x16TB Ironwolf RAID0, Corsair HX1200, Antec Vortex 360 AIO, Thermaltake Versa H25 TG, Samsung 4K curved 49" TV, 23" secondary, Mountain Everest Max

Mobile SFF rig: i9-9900K, Noctua NH-L9i, Asrock Z390 Phantom ITX-AC, 32GB, GTX1070, 2x1TB SX8200Pro RAID0, 2x5TB 2.5" HDD RAID0, Athena 500W Flex (Noctua fan), Custom 4.7l 3D printed case

 

Asus Zenbook UM325UA, Ryzen 7 5700u, 16GB, 1TB, OLED

 

GPD Win 2

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Linux, macOS and Everything Not-Windows

×