Read-only and read-write Samba user possible ?

  • Hi,
    I use LE as a media server in the house, but I do not want every body in the family being able to delete one of my valuable media, even not by accident. So I have tried to set up samba with one read-only user (maybe "guest") and one read-write user (maybe "root"), but I could not manage.
    It seems that there is no user db in the compilation, guest is mapped to root (uuaahh) an when I activate the login to samba in the LE config user interface, it is exactly the on which is default as "openelec".
    I use the generic 7.90.xxx alphas of LE, everything else works fine. Has anybody managed to do this and can give me some advice??
    /BJ

  • LE is NOT a media server ;) you are better off using a proper distro that has an NFS server (if you are just using LE to play media)


    otherwise when adding sources in kodi you can specify the username/password
    Adding video sources - Official Kodi Wiki


    you might also have to adjust the default smb.conf file to get it to do what you want.

  • Quote


    LE is NOT a media server ;)


    Come-on, LE is so beautiful and the perfect fit, you don't want me to drive OMV in Docker, eh ? :D

    Quote


    otherwise when adding sources in kodi you can specify the username/password


    I am talking about LE as samba server, not as client.

    Quote


    you might also have to adjust the default smb.conf file to get it to do what you want.


    Yes thats my approach!


    I tried everything in the samba.conf, "write list", "read list", and much more. but I came to "passdb backend = smbpasswd" in the samba.conf.sample and do not understand how users are handled in LE. "smbpasswd" can be executed but fails to create new user due to readonly file system and I do not find a samba user db......


    What are the valid build-in samba users that I can use to log in and then link write/read rights to in samba.conf??
    I am confused! Somebody can help me ?


  • I tried everything in the samba.conf, "write list", "read list", and much more. but I came to "passdb backend = smbpasswd" in the samba.conf.sample and do not understand how users are handled in LE. "smbpasswd" can be executed but fails to create new user due to readonly file system and I do not find a samba user db......


    That's because LE is not designed as a multi-user system, plain and simple.



    What are the valid build-in samba users that I can use to log in and then link write/read rights to in samba.conf??
    I am confused! Somebody can help me ?


    If you want more users you'll have to compile LE yourself and change the build system to generate more users at build time.

  • ok, I see..... :( But I don`t give up.


    I searched the passwd and found it in /etc. And it contains some system user like "nobody". I can use all these users to log into the shares. Looks like samba uses the password db ?? Can I configure samba.conf to connect r/o to nobody and r/w to root ?


    Nobody tried that before?

  • @berniejonnie

    I am not active forum user, I registered only to answer you. Sorry so late :)

    My setup is:

    guest access read only - no authentication required

    auth access with write privileges - authentication required. Additionally shares are hidden, so you have to know what you are looking for.


    I set it up in this way, so in case anyone from my family catches ransomware, then files shared via LE are safe.



    .config/samba.conf



    /run/samba/samba.map <- configured via LE GUI

    Code
    nobody = root
    root = admin


    to have write access you have to auth as admin (default username - libreelec)

  • Hi,


    Yeah, didn't look into this for a while, but now that we all have more time :-( I come back to this.....

    In-between I have set up samba.conf so that the media directories can be accessed as guest with read only for alle devices in the house and those directories and including some for storing my backups need to be accessed for r/w as user root. Thats enough for my needs.


    But now I wanted to use the big disks I have in the LE box also for storing my Timemachine backup from the two iMacs I have here....!!

    No way to configure samba with e.g. "vfs objects" options. I think that this is not included in LE ?

    Anyhow I made some tests with Netatalk in a docker container and after some experiments it worked quite nice. Only difficulty was to carefully start and stop the container at boot and shutdown. The easiest way was to use a wrapper like the Linuxserver.io addons use. So I ended up with a nice add-on in a zip-file that handles everything carefully. Very handy now :-))


    /BJ