Pinned Hide Shared Folders that a User can't access (workaround for access based share enum)

    • OMV 2.x

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Hide Shared Folders that a User can't access (workaround for access based share enum)

      "Well... lately this forum has become support for everything except omv" [...] "And is like someone is banning Google from their browsers"

      Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.

      Upload Logfile via WebGUI/CLI
      #openmediavault on freenode IRC | German & English | GMT+1
      Absolutely no Support via PM!

      I host parts of the Repository, the OpenMediaVault Live Demo and the pre-built PXE Images. If you want you can take part and help covering the costs by having a look at my profile page.
    • Great guide by TechSmurf. This is exactly what I was looking for to not display shares a user cannot access.

      I think I'm about 99% there, but I ran into a snag. The %U variable (as in "include = /etc/samba/.browseable/ShareName.%U.conf") isn't being substituted in properly.

      The variable %U is supposed to substitute in the user's home directory name, but I think the substitution isn't occurring properly. If I manually substitute in the user's name it works correctly and I can see the shares list properly.

      Prior to trying this I had home directories disable. As this relies on home directories I enabled the setting in SMB and then I created a 'homes' shared folder and turned on 'User home directory' and I used 'homes' as the location. I think the home directories are now setup properly, but the %U variable still isn't working.

      I tried turning on log level 10 in the smb.conf file, but it didn't show any errors that I could identify. Does anyone know what setting I'm missing for %U to work correctly?
    • Correction for my statement above:
      %u = Current Unix username
      %U = Requested client username (not always used by Samba)

      Also solved it. It was that my user names started with a capital letter. When I changed them to all lower-case letters it worked perfectly. Although it was tricky viewing this from Windows. To flush settings and view it with different users I had to do the following:
      1) Close any open explorer windows showing the network location.
      2) net use \\OPENMEDIAVAULT /delete
      3) net use \\OPENMEDIAVAULT * /user:reed

      I could then cycle through the accounts and confirm each saw only the shares for which they had permissions.

      I noticed and fixed a small oversight in the original shell script. It would fail because .browseable doesn't initially exist. I made a small modification adding in a check/creation of the directory:

      Source Code

      1. browse_dir=/etc/samba/.browseable
      2. if [ ! -d "$browse_dir" ]; then
      3. mkdir $browse_dir
      4. fi