[HOWTO] Make the Shared directory behave as a truly shared directory.

coolgrafix

Many users wish to be able to collaborate with their fellow users by sharing files hosted on a central workstation or server. With Mac OS X this isn't as easy as it may sound due to multi-user permission safeguards. This HOW-TO shows how to set up a Mac OS X 10.2.3 workstation to have its Shared folder available to any user in the "staff" group, whether they log into the machine remotely for file sharing or if they log into the machine directly. This HOW-TO assumes that the machine is a new installation and that the Shared folder is empty.
  1. All users who expect to have access to /Users/Shared/ must be in the "staff" group. They will be members of this group by default if added as OS X users through the GUI.
  2. /Users/Shared/ must be owned by the group "staff". To make this change, execute the following command from the Terminal:

    sudo chgrp staff /Users/Shared
  3. /Users/Shared/ must have Read and Write access for its group "staff". By default it has "Read only" access for its group. This change must be made from the Terminal. To make this change, execute the following command from the Terminal:

    sudo chmod g+w /Users/Shared
  4. /Users/Shared/ must have the "sticky bit" turned off. To make this change, execute the following command from the Terminal:

    sudo chmod u-t /Users/Shared
  5. Each file by default needs to have group write permissions. This is not the way Mac OS X 10.2.3 ships. To change this default behavior, do the following:

    a) You'll need to edit the /etc/rc file by executing the following command from the Terminal:

    sudo pico /etc/rc

    b) This will bring up the PICO text editor in your Terminal. You may need to provide an administrator password if prompted for one.

    c) Next, scroll to the bottom of the file using PICO's built-in shortcut, Control-V. The end of the document will look something like this:
    Code:
          # Set language from CDIS.custom - assumes this is parse-able by sh
          . /var/log/CDIS.custom
          export LANGUAGE
    
          SystemStarter -g ${VerboseFlag} ${SafeBoot}
    
          exit 0
    d) You need to add the following command after the line with "export LANGUAGE". Use the arrow keys to move as needed and hit return to insert some lines:

    umask 002

    The resulting file will have an ending similar to this:
    Code:
          # Set language from CDIS.custom - assumes this is parse-able by sh
          . /var/log/CDIS.custom
          export LANGUAGE
    
          umask 002
    
          SystemStarter -g ${VerboseFlag} ${SafeBoot}
    
          exit 0
    It's important to have the "umask" line directly before the "SystemStarter" line.

    e) Now you need to save the file. Hit Control-O to save the file. You'll have to confirm the name by hitting return.

    f) Next, hit Control-X to leave the program.
  6. If you wish to share /Users/Shared with Windows users via SMB/CIFS (Windows file sharing) you'll need to set up /Users/Shared for SMB sharing and also enable group access for that share. To make this change, do the following:

    a) You'll need to edit /etc/smb.conf by executing the following command from the Terminal:

    sudo pico /etc/smb.conf

    b) This will bring up the PICO text editor in your Terminal. You may need to provide an administrator password if prompted for one.

    c) Next, scroll to the part of this file that begins with "[global]". It will look something like this:
    Code:
        [global]
          client code page = 437
          coding system = utf8
          guest account = unknown
          encrypt passwords = yes
    d) You need to add the following command after the line with "encrypt passwords = yes". Use the arrow keys to move as needed and hit return to insert some lines:

    create mask = 0774

    The resulting change will look similar to this:
    Code:
        [global]
          client code page = 437
          coding system = utf8
          guest account = unknown
          encrypt passwords = yes
          create mask = 0774
    e) Next, you need to set up the shared folder itself. Add the following code after the "create mask" line:

    [Shared]
    writeable = Yes
    path = /Users/Shared
    guest ok = Yes


    The resulting change will look similar to this:
    Code:
        [global]
          client code page = 437
          coding system = utf8
          guest account = unknown
          encrypt passwords = yes
          create mask = 0774
          
        [Shared]
          writeable = Yes
          path = /Users/Shared
          guest ok = Yes

    Note: The name of the Windows share will be "Shared" in this case because that's how we declared it with "[Shared]".

    f) Optionally, you could apply a variety of settings at this point to your smb.conf file's [global] section. Here are a few to consider:

    Code:
          veto files = Temporary Items/Desktop */TheFindByContentFolder/\
          TheVolumeSettingsFolder/Network */
          hide files = /.*/DesktopFolderDB/TrashFor%m/resource.frk/Icon*/
          hide dot files = yes
          workgroup = WORKGROUP
          netbios name = NETBIOSNAME
          server string = MyServer

    Substitute your own values for WORKGROUP, NETBIOSNAME, and MyServer. Note that the \ character acts as a line continuation. See http://us1.samba.org/samba/docs/man/smb.conf.5.html for complete documentation of these directives.

    g) Now you need to save the file. Hit Control-O to save the file. You'll have to confirm the name by hitting return.

    h) Next, hit Control-X to leave the program.

    i) Enable Windows file sharing (if not already on) in the Sharing preference panel of System Preferences.
  7. You may wish at this point to set certain users' home directories to be /Users/Shared/ itself, thus preventing confusion when logging in through file sharing.* This can be done from the GUI with the NetInfo Manager utility, found in /Applications/Utilities/. This is not advised, as problems can arise if one of the users logged in at the workstation itself; the users would all be sharing the same home directory, preferences, etc. However, if interested, follow the following steps from NetInfo Manager:

    a) If the lock icon is closed, click it and provide an administrator password.

    b) You will be presented with a four-paned window: three panes across the top, and one across the bottom. In the upper left-most pane, click the slash symbol ("/") if it is not already selected.

    c) A list will appear in the upper middle pane. Click the "users" item from this list.

    d) A list of users will appear in the upper right-most pane. Select a user to modify by clicking the user's name.

    e) A list of properties and values will appear in the bottom pane. Scroll down the list until you see the "home" property. Double-click on home's value, which should be in the form "/Users/username".

    f) Change this value to "/Users/Shared", omitting the quotes.

    g) Save these changes by hitting Command-S, or choosing Save Changes under the Domain menu at the top of the screen.

    h) You will be asked to confirm the modification. Click "Update this copy" to continue.

    i) Repeat steps d - h for each user you wish to modify.

    j) Click the lock to ensure no further changes are made.

    * NOTE: A preferred method would be to install a second hard drive, or repartition an existing one, and set up the new drive in a similar manner as /Users/Shared/. In this case, each user would keep their separate home directories. The new volume would appear in their file sharing volume selection screen.
  8. Restart the machine.
    To read up on all this yourself, check out the following links, provided by gatorparrots:

    http://forums.osxfaq.com/viewtopic.php?t=3313
    http://forums.osxfaq.com/viewtopic.php?t=3338
    http://forums.osxfaq.com/viewtopic.php?t=1909

    Comments, corrections, and improvements welcomed.
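
An added check, not part of the original post: a shell function that scans an smb.conf-style file and lists the shares that are both writable and open to guests, which is what the [Shared] stanza in step 6 configures. The sample file is constructed, and the [Team] share with `valid users = @staff` is a hypothetical variant included for comparison.

```shell
#!/bin/sh
# Added example: report smb.conf shares that are writable AND open to guests.
# Simplified: no "include" files or "\" continuations; booleans are yes/true/1.

audit_guest_writable() {   # $1 = path to an smb.conf-style file
    awk '
    function truthy(v) { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function emit() { if (name != "" && name != "global" && guest && rw) print name }
    /^[ \t]*[#;]/ { next }                        # comment lines
    /^[ \t]*\[/ {                                 # section header: [name]
        emit()
        name = $0; sub(/^[ \t]*\[/, "", name); sub(/\].*$/, "", name)
        if (tolower(name) == "global") name = "global"
        guest = dguest; rw = drw                  # start from [global] defaults
        next
    }
    /=/ {
        # Samba ignores case and whitespace in parameter names
        key = $0; sub(/=.*$/, "", key); gsub(/[ \t]/, "", key); key = tolower(key)
        val = $0; sub(/^[^=]*=/, "", val); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "guestok" || key == "public") guest = truthy(val)
        if (key == "writeable" || key == "writable" || key == "writeok") rw = truthy(val)
        if (key == "readonly") rw = !truthy(val)
        if (name == "global") { dguest = guest; drw = rw }
    }
    END { emit() }
    ' "$1"
}

write_sample_conf() {      # constructed sample; [Team] is a hypothetical share
    cat > "$1" <<'EOF'
[global]
  create mask = 0774
[Shared]
  writeable = Yes
  path = /Users/Shared
  guest ok = Yes
[Team]
  writeable = Yes
  path = /Users/Shared
  guest ok = No
  valid users = @staff
EOF
}

conf=$(mktemp) && write_sample_conf "$conf" && audit_guest_writable "$conf"
rm -f "$conf"
```
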
 
Rather than use /Users/Shared as a basis for your shared directory, I suggest leaving it be with Apple's defaults and creating another directory (such as /public).

It is very possible that a future installer or system update or even the Repair Permissions function of Disk Utility will reverse any changes you make to the /Users/Shared directory. Using a different directory altogether (and even one outside of the usual /Users path) safely guards you from that possibility.

Also, some uncouth installers, such as the Wacom Tablet software, actually install items into /Users/Shared (instead of /Library or ~/Library)!!! At best this can be perceived as a cosmetic blemish; at worst, it opens you up to a host of security problems or the possibility of another *unknowing* user accidentally deleting such software/preferences out of the shared directory.
 
Excellent points.

In my particular situation, a small ad agency with Mac/Windows clients, I abandoned the notion of sharing the Shared folder entirely in favor of simply sharing a folder on the machine's second hard drive in a similar manner. The HOWTO doesn't cover this process, but the issues are largely the same.
 
why does the file creation mode need to be changed from 22 to 002 when the directory already grants rwx access to the group?
 
Weezer, it's been a long time since I researched/wrote this article, but if memory serves, just because the Shared folder has the desired permissions doesn't mean that new files created in it will inherit those permissions. Such was the behavior in 10.2.3, and I haven't researched this in any newer versions. The issues that Point 5 discusses can be researched independently by following the links at the end of the HOWTO. =)

Brad
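
The behavior discussed in this exchange, as an added example that is not part of the original posts: a new file's mode is set by the creating process's umask, whatever the parent directory's own bits are. A temporary directory stands in for /Users/Shared, set to the end state of steps 3 and 4 of the HOWTO; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: new-file permissions follow the umask of the creating
# process, not the permission bits of the directory the file lands in.

mode_of() {          # print the 10-character mode string of $1
    ls -ld "$1" | awk '{ print substr($1, 1, 10) }'
}

sticky_bit() {       # report whether the sticky bit is set on $1
    case $(mode_of "$1") in
        *[tT]) echo on ;;
        *)     echo off ;;
    esac
}

new_file_mode() {    # $1 = umask, $2 = directory; create a file, print its mode
    (
        umask "$1"                      # subshell keeps the caller's umask intact
        f="$2/created-with-umask-$1"
        : > "$f"                        # plain create: requested mode is 0666
        mode_of "$f"
    )
}

demo_dir=$(mktemp -d)                   # stand-in for /Users/Shared
chmod 0775 "$demo_dir"                  # group-writable, sticky bit off

echo "directory:  $(mode_of "$demo_dir") sticky=$(sticky_bit "$demo_dir")"
echo "umask 022:  $(new_file_mode 022 "$demo_dir")"   # group gets read only
echo "umask 002:  $(new_file_mode 002 "$demo_dir")"   # group gets read and write

rm -rf "$demo_dir"
```
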
 
i've got a question on this one:

having set up the Shared directory as the home directory for different users i discovered the following problem: when you delete users, os x moves everything the user owns into the folder "Deleted Users". if the user's home directory is "Shared", it gets moved, too. is there a way to avoid this?
 
Great! Thanks, I've been pondering this recently as I share my machine with my girlfriend and we want to share things like documents, and especially iTunes and iPhoto libraries.
The original solution I came up with was to create a folder, change the permissions to 'unknown' (I didn't really understand the user groups at this time), and make sure 'others' had read and write access, and then dragging it to the top level of my Macintosh HD, leaving an alias to 'mutual folder' on the desktop, and then logging on as her, and getting an alias onto the desktop. Essentially I was trying to get a 'Drop Box' that wasn't 'write only' but could be used to easily transfer files from one to the other.
I think you'll agree this was rather a clunky and inelegant solution, and indeed I wasn't keen to have my iPhoto and iTunes anywhere that my girlfriend could write to (she's the opposite of technically minded).

I think I'll be having a bash at this when I get home....
 
coolgrafix,
How much of the solution applies to Panther?
What are your thoughts on adding the following to /Library/Preferences/.GlobalPreferences.plist

<key>NSUmask</key>
<integer>002</integer> or <integer>0</integer>

Thanx
 