How to secure Samba share access

prpr

Well-Known Member
Has anyone successfully shared a path with spaces (say, /media/My Music) using the CF Samba?
This is the way things are normally set up on the HDR:
Code:
humax3 ~ # cat /mod/etc/smb-hotplug.conf
# Do not modify this file - it will be overwritten

[My Music]
   comment = My Music
   path = /mnt/hd2/My Music
   public = yes
   writable = yes
   browsable = yes
   create mask = 0644
   directory mask = 0755
   hide dot files = no

etc.
And from a 'doze box:
Code:
>net view \\humax3
Shared resources at \\humax3

Samba HDR-Fox-T2

Share name  Type  Used as  Comment

-----------------------------------------------------
Media       Disk           Media
My Music    Disk           My Music
My Photo    Disk           My Photo
My Video    Disk           My Video
The command completed successfully.
and dir "\\humax3\my video" works as you would expect.

Having said that, I've modified my other boxes to get rid of the space in the share name as I think it is stupid, and it causes other problems with things that don't understand the space.
 

rodp

Member
this is my /mod/etc/smb-hotplug.conf which I've not edited as it says it will be overwritten hence I edited the smb.conf file.

Thanks

Rodp

Code:
# Do not modify this file - it will be overwritten

[My Music]
   comment = My Music
   path = /mnt/hd2/My Music
   public = yes
   writable = yes
   browsable = yes
   create mask = 0644
   directory mask = 0755
   hide dot files = no

[My Photo]
   comment = My Photo
   path = /mnt/hd2/My Photo
   public = yes
   writable = yes
   browsable = yes
   create mask = 0644
   directory mask = 0755
   hide dot files = no

[My Video]
   comment = My Video
   path = /mnt/hd2/My Video
   public = yes
   writable = yes
   browsable = yes
   create mask = 0644
   directory mask = 0755
   hide dot files = no

[drive1]
   comment = drive1
   path = /media/drive1
   public = yes
   writable = yes
   browsable = yes
   create mask = 0644
   directory mask = 0755
   hide dot files = no
 

/df

Well-Known Member
This is the way things are normally set up on the HDR:
...
Having said that, I've modified my other boxes to get rid of the space in the share name as I think it is stupid, and it causes other problems with things that don't understand the space.
The web is full of stuff about spaces in the share name, not so good on spaces in the shared pathname in smb.conf, but your examples show that that isn't @rodp's problem. I wonder what happens with /path/with/final/space or if you accidentally leave white space at the end of the path = directive.
 

/df

Well-Known Member
this is my /mod/etc/smb-hotplug.conf which I've not edited as it says it will be overwritten hence I edited the smb.conf file.
...
I believe that file is meant to be used through an include directive in smb.conf. You could try seeing what happens if you comment out the include.
 

prpr

Well-Known Member
I wonder what happens with /path/with/final/space or if you accidentally leave white space at the end of the path = directive.
Trailing spaces get stripped off both the path name and the share name. Same with leading spaces, as you might expect.
 

prpr

Well-Known Member
I've modified my other boxes to get rid of the space in the share name as I think it is stupid, and it causes other problems with things that don't understand the space.
And for the record, here is the mod:
Diff:
humax# diff /mod/etc/mdev/z9samba~ /mod/etc/mdev/z9samba
--- /mod/etc/mdev/z9samba~
+++ /mod/etc/mdev/z9samba
@@ -12,7 +12,7 @@
 add_entry ()
 {
 cat <<EOD
-[$name]
+[${name// /}]
    comment = $name
    path = $mp
    public = yes
 

xyz321

Well-Known Member
I eventually got this to work by making a patch to the source and making the following changes to smb.conf. It has not been tried with Windows but looks promising.
Code:
Comment out: 'public = yes'
Add: 'valid users = settop'
Without the patch...
Code:
pvr# smbclient //localhost/Media -U settop
added interface ip=10.0.0.5 bcast=10.0.0.255 nmask=255.255.255.0
Password: 
Domain=[HOME] OS=[Unix] Server=[Samba 2.2.12]
tree connect failed: Call returned zero bytes (EOF)
With the patch...
Code:
smbclient //localhost/Media -U settop
added interface ip=10.0.0.5 bcast=10.0.0.255 nmask=255.255.255.0
Password: 
Domain=[HOME] OS=[Unix] Server=[Samba 2.2.12]
smb: \> ls
  .                                   D       0  Sat Jan  1 00:00:16 2000
  ..                                  D       0  Wed Apr 15 18:11:21 2020
  My Photo                            D       0  Sat Sep  2 14:09:39 2017
  My Music                            D       0  Wed Nov 27 20:37:19 2013
  My Video                            D       0  Sat Mar 27 14:05:12 2021
  drive1                              D       0  Sun Sep 24 17:38:29 2017

                62508 blocks of size 1024. 62508 blocks available
I don't have all the patches to the source code for the current release, this would be for @af123 to update.
 
  • Like
Reactions: /df

rodp

Member
Will / could this patch be provided as a package? Will this fix the issue I am seeing or at keast get me abit closer to getting it working?

Thanks

Rodp
 

xyz321

Well-Known Member
I submitted the patch for inclusion around the time of my previous post. It should appear as an updated version of the package but unfortunately some package updates can take a while at the moment.

Once it has been updated you may still have problems with Windows 10 but hopefully they can be overcome.
 
Top