快捷搜索:  as  test  1111  test aNd 8=8  test++aNd+8=8  as++aNd+8=8  as aNd 8=8

和记娱乐在线官网:用NT的安全对话框来观察和改变Unix权限



Viewing and changing UNIX permissions using the NT security dialogs in Samba

2.0.4

在samba顶用NT的安然对话框来察看和改变UNIX权限。

Jeremy Allison, Samba Team

12th April 1999

Table of Contents

Viewing and changing UNIX permissions using the NT security dialogs

用NT的安然对话框来察看和改变UNIX权限

New in the Samba 2.0.4 release is the ability for Windows NT clients to use their native security settings dialog box to view and modify the underlying UNIX permissions.

这项smba 2.0.4版本提出的新功能可以使NT客户用他们本地的安然设定对话框来察看和修 改根本的UNIX权限。

Note that this ability is careful not to compromise the security of the UNIX host Samba is running on, and still obeys all the file permission rules that a Samba administrator can set.

留意小心应用这项功能不会危及正在运行samba的UNIX主机安然,它仍旧屈服所有的samba 治理员设定的文件权限规则。

In Samba 2.0.4 and above the default value of the parameter "nt acl support" has been changed from "false" to "true", so manipulation of permissions is turne和记娱乐在线官网d on by default.

samba 2.0.4及以上版本已经把"nt acl support"参数的默认值从“false”改成了“true ”,以是说默认环境下权限操作已经被容许了。

How to view file security on a Samba share

若何来察看samba共享文件的安然性

From an NT 4.0 client, single-click with the right mouse button on any file or directory in a Samba mounted drive letter or UNC path. When the menu pops-up, click on the Properties entry at the bottom of the menu. This brings up the normal file properties dialog box, but with Samba 2.0.4 this will have a new tab along the top marked Security. Click on this tab and you will see three buttons, Permissions, Auditing, and Ownership. The Auditing button will cause either an error message "A requested privilege is not held by the client" to appear if the user is not the NT Administrator, or a dialog which is intended to allow an Administrator to add auditing requirements to a file if the user is logged和记娱乐在线官网 on as the NT Administrator. This dialog is non-functional with a Samba share at this time, as the only useful button, the Add button will not currently allow a list of users to be seen.

措施是:NT客户用鼠标右键单击任何位于samba共享设备符或UNC路径上的文件或目录,在 弹出的菜单底部点击“属性”项,这时会呈现通俗文件属性对话框,而samba 2.0.4会在 安然性标记的顶部给出一个新的表项。单击这个表项可以看到三个按钮,Permissions, Auditing, 和 Ownership。点击Auditing按钮,假如用户并不是NT治理员的话将会呈现一 个差错信息:“客户没有足够权限”;假如用户以治理员身份登录的话会呈现一个对话框 容许治理员对文件加入审核信息。此时,对话框中关于samba共享资本的部分将无效,因 为仅有的可用按钮“Add”会不容许查看一份用户列表。

Viewing file ownership

查看文件属主

Clicking on the "Ownership" button brings up a dialog box telling you who owns the given file. The owner name will be of the form :

点击“Ownership”按钮你可以查看给出文件的属主。属主名称以下面的形式列出:

"SERVERuser (Long name)"

Where SERVER is the NetBIOS name of the Samba server, user is the user name of the UNIX user who owns the file, and (Long name) is the discriptive string identifying the user (normally found in the GECOS field of the UNIX password database). Click on the Close button to remove this dialog.

此处的SERVER是samba办事器的NetBIOS名,user是拥有这个文件的UNIX用户名,而(Long name)是用来识别用户的描述字串(平日这部分内容可以在UNIX口令数据库的GECOS字段找 到)。这时在Close按钮上点击可以关闭这个对话框。

If the parameter "nt acl support" is set to "false" then the file owner will be shown as the NT user "Everyone".

假如把"nt acl support"参数设为“false”则文件属主将以NT用户“Everyone”来显示 。

The Take Ownership button will not allow you to change the ownership of this file to yourself (clicking on it will display a dialog box complaining that the user you are currently logged onto the NT client cannot be found). The reason for this is that changing the ownership of a file is a privilaged operation in UNIX, available only to the root user. As clicking on this button causes NT to attempt to change the ownership of a file to the current user logged into the NT client this will not work with Samba at this time.

Take Ownership按钮并不能把文件的属主转变成你自己(在这个按钮上点击的话将显示一 个对话框看护你当前登录的身份并没有找到,也便是和文件属主身份不匹配)。缘故原由是在 UNIX中只有root有权进行改变文件属主的操作。点击这个按钮将使NT考试测验把文件的属主改 成当前登录的用户身份,此时samba并不会进行这样的操作。

There is an NT c和记娱乐在线官网hown command that will work with Samba and allow a user with Administrator privillage connected to a Samba 2.0.4 server as root to change the ownership of files on both a local NTFS filesystem or remote mounted NTFS or Samba drive. This is available as part of the Seclib NT security library written by Jeremy Allison of the Samba Team, available from the main Samba ftp site.

有一个chown敕令可以和samba一路应用应用户可以治理员权限联接到samba 2.0.4并用 root身份改变位于本地NTFS文件系统或可映射的远程NTFS及samba资本设备上的文件属主 。当然这个由samba开拓组成员Jeremy Allison写的Seclib NT安然库部件可以从samba的 主FTP站点得到。

Viewing file or directory permi和记娱乐在线官网ssions

查看文件或目录的权限

The third button is the "Permissions" button. Clicking on this brings up a dialog box that shows both the permissions an和记娱乐在线官网d the UNIX owner of the file or directory. The owner is displayed in the form :

对话框中第三个按钮是“Permissions”按钮。点击它可以显示文件或目录的权限及UNIX 属主。属主的显示形式象下面这样:

"SERVERuser (Long name)"

Where SERVER is the NetBIOS name of the Samba server, user is the user name of the UNIX user who owns the file, and (Long name) is the discriptive string identifying the user (normally found in the GECOS field of the UNIX password database).

此处的SERVER是samba办事器的NetBIOS名,user是拥有这个文件的UNIX用户名,而(Long name)是用来识别用户的描述字串(平日这部分内容可以在UNIX口令数据库的GECOS字段找 到)。

If the parameter "nt acl support" is set to "false" then the file owner will be shown as the NT user "Everyone" and the permissions will be shown as NT "Full Control".

假如把"nt acl support"参数设为“false”则文件属主将以NT用户“Everyone”来显示 ,同时权限将显示NT的“Full Control”。

The permissions field is displayed differently for files and directories, so I'll describe the way file permissions are displayed first.

文件和目录显示的权限字段有些差别。以是我先先容一下文件权限的环境。

File Permissions

文件权限

The standard UNIX user/group/world triple and the correspinding "read", "write", "execute" permissions triples are mapped by Samba into a three element NT ACL with the 'r', 'w', and 'x' bits mapped into the corresponding NT permissions. The UNIX world permissions are mapped into the global NT group Everyone, followed by the list of permissions allowed for UNIX world. The UNIX owner and group permissions are displayed as an NT user icon and an NT local group icon respectively followed by the list of permissions allowed for the UNIX user and group.

UNIX标准的user/group/world三项和“read”,“write”,“execute”三个权限可以由 samba映射到NT存取节制表ACL中响应的“r”,“w”“x”位以对应NT的标准权限项。 UNIX的world权限被映射到NT全局组Everyone以跟接UNIX的world对应的权限列表。UNIX的 owner和group权限在NT平分手以用户图标及本地组图标来显示并跟接UNIX中user和group 对应的权限列表。

As many UNIX permission sets don

免责声明:以上内容源自网络,版权归原作者所有,如有侵犯您的原创版权请告知,我们将尽快删除相关内容。

您可能还会对下面的文章感兴趣: