無心插柳柳橙汁
2005-02-23, 08:04 AM
各位大大好!
小弟的 server OS 跑的是 RH7.3
Samba 版本是2.2.7
client 都是 windows XP pro sp2
global 端 security 設為 share
除了 Public 以外,還有個分享資源設為:
===========================================
[Tony]
comment = Tony Only
path = /home/tony/Tony
read only = no
valid users = tony
browsable = no
create mask = 0777
===========================================
也就是說,只有 tony 這個使用者可以用 smbpassword 登入並取得所有權限,運作也沒有問題
只是...
當 tony 到任何一部電腦登入 \\server name\Tony 後,關閉網芳視窗再開啟一次,還是可以看到資料...
也就是說,除非登出 windows 或關機重開,否則別人可以不需要 tony 的密碼就能取得 tony 的資料
後來看了一下 man smb.conf ,有這樣一個參數:
===========================================
deadtime (G)
The value of the parameter (a decimal integer) represents the number of minutes of inactivity before a connection is considered dead, and it is disconnected. The deadtime only takes effect if the number of open files is zero.
This is useful to stop a server's resources being exhausted by a large number of inactive connections.
Most clients have an auto-reconnect feature when a connection is broken so in most cases this parameter should be transparent to users.
Using this parameter with a timeout of a few minutes is recommended for most systems.
A deadtime of zero indicates that no auto-disconnection should be performed.
Default: deadtime = 0
Example: deadtime = 15
===========================================
於是就在 global 端設定
deadtime = 3
怎奈...沒起任何作用(關掉網芳視窗,且沒開啟任何檔案),3分鐘後照樣可以自由進出存取檔案...
唯一有效果的,是用 netstat -na 看連線時,3分鐘後這個 port139 的連線會成為 time wait 然後斷掉
小弟在想...
1. 會不會是 security 不可以為 share 呢?
2. 有沒有可能是 windows 端的問題?
3. 還是小弟根本搞錯參數,還有別的參數可以達成?
有勞各位大大給個提示!謝謝!
小弟的 server OS 跑的是 RH7.3
Samba 版本是2.2.7
client 都是 windows XP pro sp2
global 端 security 設為 share
除了 Public 以外,還有個分享資源設為:
===========================================
[Tony]
comment = Tony Only
path = /home/tony/Tony
read only = no
valid users = tony
browsable = no
create mask = 0777
===========================================
也就是說,只有 tony 這個使用者可以用 smbpassword 登入並取得所有權限,運作也沒有問題
只是...
當 tony 到任何一部電腦登入 \\server name\Tony 後,關閉網芳視窗再開啟一次,還是可以看到資料...
也就是說,除非登出 windows 或關機重開,否則別人可以不需要 tony 的密碼就能取得 tony 的資料
後來看了一下 man smb.conf ,有這樣一個參數:
===========================================
deadtime (G)
The value of the parameter (a decimal integer) represents the number of minutes of inactivity before a connection is considered dead, and it is disconnected. The deadtime only takes effect if the number of open files is zero.
This is useful to stop a server's resources being exhausted by a large number of inactive connections.
Most clients have an auto-reconnect feature when a connection is broken so in most cases this parameter should be transparent to users.
Using this parameter with a timeout of a few minutes is recommended for most systems.
A deadtime of zero indicates that no auto-disconnection should be performed.
Default: deadtime = 0
Example: deadtime = 15
===========================================
於是就在 global 端設定
deadtime = 3
怎奈...沒起任何作用(關掉網芳視窗,且沒開啟任何檔案),3分鐘後照樣可以自由進出存取檔案...
唯一有效果的,是用 netstat -na 看連線時,3分鐘後這個 port139 的連線會成為 time wait 然後斷掉
小弟在想...
1. 會不會是 security 不可以為 share 呢?
2. 有沒有可能是 windows 端的問題?
3. 還是小弟根本搞錯參數,還有別的參數可以達成?
有勞各位大大給個提示!謝謝!