Hello, I need a n00b-proof way to ssh into my book live 1tb to change permissions in order to allow a IP camera to record to the NAS via Samba.
I have already understood how to enable ssh, after loging in to the dash, changing the address to http://mybooklive/UI/ssh with credentials root/welc0me…
Then I assume putty would be the way to do it, but can you. lease, provide the script line to give a specific user the concrete 766 rights to all of mybook live or a specific directory?
I see you’re trying to crack a peanut with a pneumatic hammer!
Just create a user, assign the new user a password and define a network share on the NAS. Tell the IP camera to store it’s stuff to that network share. From what you’ve written there no need to do anything directly on the Linux OS within the NAS.
I have naturally tried to do this several ways: creating a share for each camera and let each cam record into the root folder of the given share, into a subfolder created i the share, but all I get are folders of a given date, containing folders od a given hour, which are empty, and zero sized .3gp files in the root folder, (where the date folders are). test .txt had been succesfully sent on the mount of the NAS from IP camera also to the root folder.This happened only when I let the cameras record with the default admin provileges. as soon as i tried to mount the NAS with another accout, I got errors all the time.
vivoteks tech support:
That’s because SAMBA permission of the WD NAS server is 666, ourcamera can’t support such NAS and write file to the server. Currently IP7330 only supports NAS server which has SAMBA permission(766).
WD techsupport:
You will have to edit the permissions through SSH. We currently to do support editing through SSH into any WD NAS drive…
so thats what brought me here in the first place… I already read a little about rights, but its not easy to get (prefferably) a step by step guide… so lets try and error
create mask (S)
When a file is created, the necessary permissions are calculated according to the mapping from DOS modes to UNIX permissions, and the resulting UNIX mode is then bit-wise 'AND'ed with this parameter. This parameter may be thought of as a bit-wise MASK for the UNIX modes of a file. Any bit not set here will be removed from the modes set on a file when it is created.
The default value of this parameter removes the 'group' and 'other' write and execute bits from the UNIX modes.
Following this Samba will bit-wise 'OR' the UNIX mode created from this parameter with the value of the force create mode parameter which is set to 000 by default.
This parameter does not affect directory modes. See the parameter directory mode for details.
Note that this parameter does not apply to permissions set by Windows NT/2000 ACL editors. If the administrator wishes to enforce a mask on access control lists also, they need to set the security mask.
Default: create mask = 0744
Example: create mask = 0775
… and …
force create mode (S)
This parameter specifies a set of UNIX mode bit permissions that will always be set on a file created by Samba. This is done by bitwise 'OR'ing these bits onto the mode bits of a file that is being created or having its permissions changed. The default for this parameter is (in octal) 000. The modes in this parameter are bitwise 'OR'ed onto the file mode after the mask set in the create mask parameter is applied.
The example below would force all created files to have read and execute permissions set for 'group' and 'other' as well as the read/write/execute bits set for the 'user'.
Default: force create mode = 000
Example: force create mode = 0755
force directory mode (S)
This parameter specifies a set of UNIX mode bit permissions that will always be set on a directory created by Samba. This is done by bitwise 'OR'ing these bits onto the mode bits of a directory that is being created. The default for this parameter is (in octal) 0000 which will not add any extra permission bits to a created directory. This operation is done after the mode mask in the parameter directory mask is applied.
The example below would force all created directories to have read and execute permissions set for 'group' and 'other' as well as the read/write/execute bits set for the 'user'.
Default: force directory mode = 000
Example: force directory mode = 0755
force directory security mode (S)
This parameter controls what UNIX permission bits can be modified when a Windows NT client is manipulating the UNIX permission on a directory using the native NT security dialog box.
This parameter is applied as a mask (OR'ed with) to the changed permission bits, thus forcing any bits in this mask that the user may have modified to be on. Essentially, one bits in this mask may be treated as a set of bits that, when modifying security on a directory, the user has always set to be 'on'.
If not set explicitly this parameter is 000, which allows a user to modify all the user/group/world permissions on a directory without restrictions.
Note
Users who can access the Samba server through other means can easily bypass this restriction, so it is primarily useful for standalone "appliance" systems. Administrators of most normal systems will probably want to leave it set as 0000.
Default: force directory security mode = 0
Example: force directory security mode = 700
The samba configuration can be found in /etc/samba. In the configuration file, called smb.conf, I see the lines:
“create mask = 0664” and “directory mask = 0775”. I think you just want to change the numbers to 0766.
If you like, you could instead do “chmod -R 0766 /shares” but it isn’t as sensible a solution as changing the samba setting. For one thing, changing the configuration file is likely to be permanent, whereas chmod… wont be.
