So i have a samba server set up in a thick jail so that i can share files to the network. It is purely only for file sharing.
The problem is that one of the smb clients (Total Commander Windows Share plugin) i use can go up one level in the directory to see names of the other shares and whatever is up that one level. I would prefer if that is not possible.
I thought it might have to do something with directory permissions and ownership, or maybe its something to do with the config but to be honest i dont know. I am still quite new to this so maybe i am doing something wrong.
Here's the directories and their permissions and ownerships
Any help would be appreciated! Thanks.
The problem is that one of the smb clients (Total Commander Windows Share plugin) i use can go up one level in the directory to see names of the other shares and whatever is up that one level. I would prefer if that is not possible.
I thought it might have to do something with directory permissions and ownership, or maybe its something to do with the config but to be honest i dont know. I am still quite new to this so maybe i am doing something wrong.
Here's the directories and their permissions and ownerships
Code:
root@bigtank:~ # jexec -l samba ls -la /srv/share_brfs2 /srv/share_mike /srv/share_oscar /srv/share_movies
/srv/share_brfs2:
total 2
drwxr-xr-x 3 root wheel 3 Mar 5 23:30 .
drwxr-xr-x 6 root wheel 6 Mar 5 20:10 ..
drwxrws--- 3 root smb_group 3 Mar 6 00:52 share
/srv/share_mike:
total 2
drwxr-xr-x 3 root wheel 3 Mar 5 23:39 .
drwxr-xr-x 6 root wheel 6 Mar 5 20:10 ..
drwxrws--- 2 root smb_group_mike 2 Mar 5 20:52 share
/srv/share_movies:
total 26
drwxr-xr-x 3 root wheel 3 Mar 5 23:31 .
drwxr-xr-x 6 root wheel 6 Mar 5 20:10 ..
drwxrws--- 3 root smb_group_movies 3 Mar 6 18:37 share
/srv/share_oscar:
total 10
drwxr-xr-x 3 root wheel 3 Mar 5 23:40 .
drwxr-xr-x 6 root wheel 6 Mar 5 20:10 ..
drwxrws--- 4 root smb_group_oscar 5 Mar 6 18:39 share
Code:
root@bigtank:~ # jexec -l samba cat /usr/local/etc/smb4.conf
[global]
log file = /var/log/samba/%m
log level = 2
server role = standalone server
server min protocol = SMB3_11
server max protocol = SMB3_11
hosts allow = 192.168.1.0/24
hosts deny = 0.0.0.0/0
security = user
smb encrypt = required
server multi channel support = yes
min receivefile size = 16384
use sendfile = yes
strict locking = no
getwd cache = yes
directory name cache size = 2048
guest ok = no
[share_brfs2]
path = /srv/share_brfs2/share
read only = no
valid users = @smb_group
write list = @smb_group
inherit permissions = yes
wide links = no
follow symlinks = yes
hide dot files = yes
[share_oscar]
path = /srv/share_oscar/share
read only = no
valid users = @smb_group_oscar
write list = @smb_group_oscar
inherit permissions = yes
wide links = no
follow symlinks = yes
hide dot files = yes
[share_mike]
path = /srv/share_mike/share
read only = no
valid users = @smb_group_mike
write list = @smb_group_mike
inherit permissions = yes
wide links = no
follow symlinks = yes
hide dot files = yes
[share_movies]
path = /srv/share_movies/share
read only = no
valid users = @smb_group_movies
write list = @smb_group_movies
inherit permissions = yes
wide links = no
follow symlinks = yes
hide dot files = yesAny help would be appreciated! Thanks.
