Re: GNOME-Samba interface
- From: Derek Simkowiak <dereks kd-dev com>
- To: Joe Shaw <joe off net>
- cc: Miguel de Icaza <miguel gnu org>, gnome-devel-list gnome org
- Subject: Re: GNOME-Samba interface
- Date: Sun, 27 Jun 1999 15:22:00 -0700 (PDT)
> 2) As I said before, Samba must be restarted. Until I can snag a
> Debian CD, I don't have any modern distributions to test this on other
> than Red Hat. The concern is how to restart Samba that will be happy for
> all distributions and even other UNIX flavors. Probably the easiest way
> around this is a configuration option, no? Again, it's a root problem (at
> least on Red Hat) because although /etc/rc.d/init.d/smb is world
> executeable, a regular user can't successfully execute a 'smb restart'.
Well, the more distribution-independent way would be avoid the use
of init scripts altogether and launch smbd with your own script. Then it
boils down to looking for smbd in the right places (to launch it), and
issuing a "killall smbd" to kill it.
One thing to consider: Will you also need to kill/restart nmbd for
any of the changes your program will allow the user to make?
Also, are you sure Samba must be restarted? From the Samba man
page:
-------------------------------------------------------------
The configuration file, and any files that it includes, are automatically
reloaded every minute, if they change. You can force a reload by sending a
SIGHUP to the server. Reloading the configuration file will not affect
connec- tions to any service that is already established. Either the user
will have to disconnect from the service, or smbd killed and restarted.
-------------------------------------------------------------
...so for things like adding a share, you can just send a sighup
to the server (or wait up to one minute :).
For but things like removing a share, I guess you might need to
actually restart the server to break any existing connections to that
share...Hmm.
> 3) The smb.conf file uses a similar configuration to the gnome-config
> module, only it is much less strict. It allows spaces just about anywhere
> and allows # and ; to show comments. I tried loading one into the
> gnome-config and it just quit when it came across a comment. Fortunately,
> smb.conf has an include statement so that other files can be loaded right
> in. While it would be okay for non-root users to edit a config file to be
> included in smb.conf, smb.conf itself cannot be edited by anyone except
> root, so it is not possible to change "profiles" if you are not root. And
> again, it takes root perms to force these changes into effect.
Here's a quick (disorganized) braindump:
1) Allowing a regular user to "share" a directory, ANY directory (whether
its their own or not) is a serious security risk. A cracker could
theoretically get full access to your filesystem if things are set up
improperly in your smb.conf, so allowing normal users to mess with it is
a no-no.
2) Because of (1), any user who wants to share a directory should have the
root password.
3) Because of (2), your Samba interface should probably just have a popup
dialog that says "Please enter the root password:" every time a user goes
to share a directory. It's only a minor inconvenience (you'd only have to
do it the first time you share/remove a share from the smb.conf file) and
gets around that whole root-user problem.
4) An additional feature I'd like to see in your Gnome/Samba interface is
the use of smbclient to offer "Browsing". That is, I'd like to have a
"SMB Network Neighborhood" icon that shows other SMB systems on my
network, and when I click on a system, I get a list of shares/shared
printers that I can then mount somewhere... I think this is as important
as the ability to export shares.
--Derek
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
