Provided by: sadms_2.0.15.repack-0ubuntu2_all bug

NAME

       sadms-share - manage shares
              You  will  find below some reference data to help you fine\fB-tune the settings and
              tailor the shared spaces to your needs. Proper permissions are obtained  by  tuning
              both  the  share  level  and  the file system level and it can be very tricky. File
              system permissions are available for changes in the last tab.

              share tutorial

REFERENCE

       from Samba 3 official documentation

       invalid users
              (S)     Specifies a list of users that can connect to a share and that  should  not
              be  allowed  to login to this service. A name starting with a '@' is interpreted as
              an NIS netgroup first (if your system supports NIS), and then as a  UNIX  group  if
              the  name  was  not found in the NIS netgroup database. A name starting with '+' is
              interpreted only by looking in the UNIX group database. A name starting with '&' is
              interpreted  only  by looking in the NIS netgroup database (this requires NIS to be
              working on your system). The characters '+' and '&' may be used at the start of the
              name  in  either  order  so  the value +&group means check the UNIX group database,
              followed by the NIS netgroup database, and the value &+group means  check  the  NIS
              netgroup  database,  followed  by  the  UNIX  group  database  (the same as the '@'
              prefix).  Default: NULL, no invalid users

       valid users
              (S)     Specifies a list of users that can connect to a share and should be allowed
              to  login  to  this  service.   A name starting with a '@' is interpreted as an NIS
              netgroup first (if your system supports NIS), and then as a UNIX group if the  name
              was not found in the NIS netgroup database. A name starting with '+' is interpreted
              only by looking in the UNIX group database. A name starting with '&' is interpreted
              only  by  looking  in the NIS netgroup database (this requires NIS to be working on
              your system). The characters '+' and '&' may be used at the start of  the  name  in
              either  order so the value +&group means check the UNIX group database, followed by
              the NIS netgroup database, and the value  &+group  means  check  the  NIS  netgroup
              database, followed by the UNIX group database (the same as the '@' prefix). If this
              is empty (the default) then any user can login. If a username is in both this  list
              and  the invalid users list then access is denied for that user.  Default: NULL, no
              valid users list (allows everyone, anyone can login)

       guest ok
              If this parameter is set for a service, then no password is required to connect  to
              the service. Privileges will be those of the guest account.

       admin users
              (S)      Specifies a list of users who will be granted administrative privileges on
              the share. They will do all file operations as the super\fB-user (root). You should
              use  this  option  very  carefully,  as  any  user  in this list will be able to do
              anything they like on the share, irrespective of file permissions.  Default:  NULL,
              no admin users.

       force group
              (S)      Specifies  a  UNIX group name that will be assigned as the default primary
              group for all users connecting to  this  service.  This  option,  sometimes  called
              group,  assigns  a  static group ID that will be used on all connections to a share
              after the client has successfully authenticated. This is useful for  sharing  files
              by  ensuring that all access to files on service will use the named group for their
              permissions checking. Thus, by assigning permissions for this group  to  the  files
              and  directories  within this service the Samba administrator can restrict or allow
              sharing of these files. This assigns a specific group to each new file or directory
              created from an SMB client. Allowable values: a Unix group name. Sets the effective
              group name assigned to all users accessing a  share.  Used  to  override  a  user's
              normal  group  memberships.  In  Samba  2.0.5 and above this parameter has extended
              functionality in the following way. If  the  group  name  listed  here  has  a  '+'
              character  prepended  to  it then the current user accessing the share only has the
              primary group default assigned to this group if they  are  already  assigned  as  a
              member  of  that  group. This allows an administrator to decide that only users who
              are already in a particular group will create files with  group  ownership  set  to
              that  group.  This  gives a finer granularity of ownership assignment. For example,
              the setting force group = +sys means that only users who are already in  group  sys
              will  have  their  default  primary group assigned to sys when accessing this Samba
              share. All other users will retain their ordinary primary group. If  the  parameter
              is  also set the group specified in force group will override the primary group set
              in force user.  Default: NULL, no forced group

       force user
              (S)     Specifies a UNIX user name that will be assigned as the  default  user  for
              all  users connecting to this service. This is useful for sharing files. You should
              also use it carefully as using it incorrectly  can  cause  security  problems.  The
              force  user option assigns a static user ID that will be used on all connections to
              a share after the client has successfully authenticated. This user name  only  gets
              used  once  a  connection  is  established. Thus clients still need to connect as a
              valid user and supply a valid password. Once connected, all file operations will be
              performed  as  the  "forced user", no matter what username the client connected as.
              This assigns a specific user to each new file or  directory  created  from  an  SMB
              client.  In  Samba  2.0.5 and above this parameter also causes the primary group of
              the forced user to be used as the primary group for all  file  activity.  Prior  to
              2.0.5  the primary group was left as the primary group of the connecting user (this
              was a bug).  Default: NULL, no forced user

       read list
              (S)     List of users that are given read\fB-only  access  to  a  service.  If  the
              connecting user is in this list then they will not be given write access, no matter
              what the option is set to. The list  can  include  group  names  using  the  syntax
              described in the parameter. Default: read list = <empty string>

       write list
              (S)      List  of  users  that  are given read\fB-write access to a service. If the
              connecting user is in this list then they will be given  write  access,  no  matter
              what  the  option  is  set  to.  The  list can include group names using the @group
              syntax. Note that if a user is in both the read list and the write list  then  they
              will be given write access. Default: write list = <empty string>

       (S) The current servicename is substituted for %S

                                        February 02, 2008                          sadms-share(1)