You are not logged in.
I follow the instruction in ArchWiki.
[global]
security = user
map to guest = bad user
guest account = guest
[guest]
comment = guest
path = /home/<my_user_name>/<the_directory>
public = yes
only guest = yes
writable = yes
printable = no
[my_personal_stuff]
path = /home/<my_user_name>/<other_directory>
writable = yes
browseable = yes
create mask = 0664
directory mask = 2775
force create mode = 0664
force directory mode = 2775I still can't access to that directory with anonymous, I have to log in to be able to see the files inside.
It's hard to hide my porns while trying to share videos with my family.
Last edited by laichiaheng (2022-05-10 09:37:48)
Offline
Do you have an actual Linux user named "guest", and does that user have file system access to /home/<my_user_name>/<the_directory>?
When you log in anonymously, are you using an invalid username or the actual guest password (which is set separately from the Linux guest user password, unless you also specify unix password sync = yes)?
It may be better to use map to guest = bad password instead, so you can lock the password of the guest account with
$ sudo passwd -l guestThat way, you'll always use a bad password and be mapped to guest. The security implications are that anybody trying to gain access as any user with a wrong password, will get access as guest (which they easily can, anyway), and also that it may be confusing for you, in the sense that you'll get unsuspected problems if you are unaware that you used a wrong password on your normal account (e.g. no porn
).
Last edited by Ferdinand (2022-05-10 12:06:29)
Offline
Do you have an actual Linux user named "guest", and does that user have file system access to /home/<my_user_name>/<the_directory>?
When you log in anonymously, are you using an invalid username or the actual guest password (which is set separately from the Linux guest user password, unless you also specify unix password sync = yes)?
It may be better to use map to guest = bad password instead, so you can lock the password of the guest account with
$ sudo passwd -l guestThat way, you'll always use a bad password and be mapped to guest. The security implications are that anybody trying to gain access as any user with a wrong password, will get access as guest (which they easily can, anyway), and also that it may be confusing for you, in the sense that you'll get unsuspected problems if you are unaware that you used a wrong password on your normal account (e.g. no porn
).
I followed ArchWiki to create a nologin user
useradd guest -s /bin/nologinHow to make it able to access to my home directory?
Last edited by laichiaheng (2022-05-10 15:34:08)
Offline
"Not" - use a bind mount.
Offline
Ah, yes - that sounds like a clean and unmessy way of doing it - but the permissions issue doesn't change?
The guest user still needs permissions to read the files, either through group membership, or the files must be readable by all?
https://man.archlinux.org/man/mount.8#B … _operation
https://wiki.archlinux.org/title/File_p … attributes
Edit: Uhm.. I think I was a bit quick; if you bind mount through fstab to sumewhere guest have access it should work. I'll learn soon enough I guess ![]()
Last edited by Ferdinand (2022-05-10 16:29:46)
Offline
The bind mount will inherit the permissions of the bound directory.
You however avoid having to opening the traversal route (ie. make $HOME executable for everyone or at least a group including the guest user) what means you'll have to maintain all the permissions from that node on instead of shielding your $HOME at its root.
(And since irrc the default umask is still 022, you'll probably have world-wide read access on ~/MyFiles/.totallynotporn)
Offline