Greetings !!
I use since a long time now the samba server because I have the feeling that the directive path=/shares/%u has no equivalent with nfs.
The problem is the following: there is this god ********** “x” (execute flag) that can not be removed from the file system ^^
Using NFS I have no particular issues concerning the permissions on the target file system shared this way.
But using NFS, I have to specify the different IPs for each client about to connect to their remote user space and I can not simply specify %u to drive the client to the correct folder corresponding to the refered user.
Those IPs are about to be different from classes to classes, in my lab’ we have 192.168.x.x addresses and in other schools and classes I got 10.x.x.x and 172.16.x.x addresses :{
Is there a simple way to get rid from the specific IPs of the users in the idea to connect to their specific share folder using NFS protocol ?
I could set the exports to * but how can I detect the host’s name in order to drive it to the right share (i.e: /server/students/thisuser instead of /server/students/thatuser worse: /server/students) ?
I heard about NIS, IDMAP (using samba), LDAP (for authorization) <-> must say that encryption is not required at all.
Here is the “for now” share configuration of my samba server
[ELEVES]
path = /datas1/serveur/saintmartin/élèves/%u/
read only = No
valid users = @eleves hurukan
hosts allow = 192.168.0.0/16
vfs objects = full_audit
full_audit:failure = connect
full_audit:success = connect disconnect rename unlink rmdir open
full_audit:prefix = %u-%m|%I|%S%R:%a]{%T}
full_audit:facility=LOCAL5
full_audit:priority=notice
full_audit:syslog=true
# NE PAS FAIRE COMME SOUS WINDOWS
** case sensitive = yes
preserve case = no
store dos attributes = no
nt acl support = no
map archive = no
map system = no
map hidden = no
map readonly = no
inherit acls = Yes
acl allow execute always = no**
The “global” settings related to the permissions are here:
# REGLAGES
unix extensions = Yes
#wide links = Yes
follow symlinks = Yes
strict sync = no
sync always = no
mangled names = no
The previous configuration was unix extensions = No and wide links = Yes.
But I do no use wide links anymore but some symbolic links but very rarely on this share point.