SOLVED Prevent a user from seeing a directory in a smb share

Status
Not open for further replies.

NasKar

Guru
Joined
Jan 8, 2016
Messages
739
I'm trying to prevent user1 from being able to see /parent/dir1 on a MacBook. The smb share is for the /parent directory and the dataset parent is unix type. I want other users to still be able to browse the parent directory and subdirectories. I've changed the permissions on dir1 to 750 and that prevents opening the contents of the directory, but I don't want them to see it. Can this be done with an ACL? If so, please help me with the command. I've put user1 in the hosts deny in the smb advanced section without any benefit. Thanks.
 

NasKar

Guru
Joined
Jan 8, 2016
Messages
739
You probably want to check out my Samba videos.
Already watched it but will rewatch it in case I missed the solution the first time.
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
You should set share permissions type to "windows", enable the zfsacl VFS module, set permissions like @m0nkey_ stated, then remove the 'read attributes' permission for the user from the directory in question.
 

NasKar

Guru
Joined
Jan 8, 2016
Messages
739
You should set share permissions type to "windows", enable the zfsacl VFS module, set permissions like @m0nkey_ stated, then remove the 'read attributes' permission for the user from the directory in question.

I have the parent dataset set to windows permission type, the zfsacl VFS module is enabled by default, and I have a user and user1 connected to a group called parent.
To remove the read attributes for user1 from dir1:
Code:
setfacl -m user:user1: dir1/
setfacl: dir1/: branding mismatch; existing ACL is NFSv4, entry to be merged is POSIX.1e

Do I have the command correct to remove read attributes for user1?
Is the error caused by the parent dir being set up as windows type permissions but the subdir of dir1 is not?
 

NasKar

Guru
Joined
Jan 8, 2016
Messages
739
In Windows Explorer I went to the security tab for the properties of dir1 and added user1 to the list. Set the user1 properties to deny all. It seems to work. Thanks
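
An added illustration, not code from the thread or from Samba: a simplified Python model of how an ordered NFSv4-style ACL is evaluated, showing why a deny entry for user1 on dir1 takes effect even though user1 is in the group parent, and why the entry's position matters. The permission names and sample ACLs are constructed, and the model covers only the access check, not how a client renders the listing.

```python
# Simplified model of NFSv4-style ACL evaluation: ACEs are checked in stored
# order and the first decision for each permission bit wins.
# All permission names and ACLs below are constructed for illustration.

ALL = frozenset({"list_directory", "read_attributes", "read_acl", "execute"})

def matches(who, user, groups):
    """Does the ACE principal ('user:x', 'group:y', 'everyone@') apply?"""
    tag, _, name = who.partition(":")
    if tag == "user":
        return name == user
    if tag == "group":
        return name in groups
    return tag == "everyone@"

def check_access(acl, user, groups, requested):
    """Return True only if every requested permission ends up allowed."""
    remaining = set(requested)
    for who, kind, perms in acl:
        if not matches(who, user, groups):
            continue
        if kind == "deny" and remaining & perms:
            return False              # an undecided bit hits a deny entry
        if kind == "allow":
            remaining -= perms        # these bits are now granted
        if not remaining:
            return True
    return False                      # bits never granted are denied

# dir1 before the change: everyone in group "parent" has access.
DIR1_BEFORE = [("group:parent", "allow", ALL)]

# dir1 after adding "deny all" for user1; the deny entry sits ahead of the
# group allow entry, which is where Windows orders explicit deny entries.
DIR1_AFTER = [("user:user1", "deny", ALL),
              ("group:parent", "allow", ALL)]

# Same entries in the wrong order: the group allow is reached first, so the
# deny entry for user1 never gets a chance to apply.
DIR1_MISORDERED = [("group:parent", "allow", ALL),
                   ("user:user1", "deny", ALL)]

if __name__ == "__main__":
    for label, acl in [("before", DIR1_BEFORE), ("after", DIR1_AFTER),
                       ("misordered", DIR1_MISORDERED)]:
        for u in ("user", "user1"):
            ok = check_access(acl, u, {"parent"}, {"read_attributes"})
            print(f"{label:10} {u:6} read_attributes -> {ok}")
```
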
 