Authorised write & anonymous read on cifs & nfs shares

[duckman]

Hi, newbie here.

I have done a bit of searching, but can't quite find out what I'm after (if I've missed it, a link would be great thanks).

I have freenas 8.03 32bit, freshly installed.
A ZFS volume called "Data" which is at /mnt/Data
A dataset called "Music" on Data
A dataset called "Photos" also on Data
A dataset called "Scratch" also on Data

I haven't changed any permissions or added any users or anything.

What I want to do is to allow my wife & I full access to a share called "Music" which points to the Music dataset. We have a laptop each, both running linux.
I also want anonymous read only access to that share (so I can point a "media player" at the cifs share)
I want to share it via both CIFS and also NFS, exact same permissions whichever method I use to connect.

With Photos, I just want full access to auth'd users, no anonymous at all.

With Scratch, I want to allow anonymous read & write (basically no restrictions, a dumping ground).

I'm not sure how to proceed though - Ideally I'd like only one username/password for both me and the wife (ie we'd connect via cifs/nfs using one shared username/password).

So: Create a freenas user with a password? Change ownership of Music folder to him, what other permissions should I give (to allow anonymous read)?
How would I configure the CIFS and NFS shares to allow authenticated read/write and also anonymous read?
Or, should I create a user for both me and the wife, and create a group for them both?
How do I make sure files I later create on the shares 9as an auth'd user) are still readable to anonymous access?

Thank you in advance!

 

[duckman]

So, replying to my own post:

I created a user (pingu) and a group (igloo).
user pingu's main group is igloo

I made the owner of "Music" pingu and the group of Music igloo. Permissions on Music are owner rwx, group rwx, other rx

I shared Music via cifs:
inherit owner: yes
inherit permissions: yes
browseable: yes
guest account: nobody
allow guest: yes
guest only: no

If I browse to smb://nas/Music (KDE, dolphin) I am allowed in with no authorisation dialogue & I can see everything in there. I can't delete or create or edit

If I disable allow guest on the share, I get asked for a username/password (pingu), and I am then allowed to write to the share.
On the client machine, the files show up as owned by me (james) and group users
On the freenas via console, the owner & group of the file I created are pingu & igloo (as expected & wanted).

Can the two coexist? How do I force my client to connect as user pingu, and not use the default anonymous/guest access?

Further, I added two users (james & wife) and a group (common). james & wife have their primary group as common
changed owner of "Music" to root and group to common, permissions: owner rwx, group rwx, others rx
Changed the share to not allow anonymous access.
Visited smb://nas/Music & got asked for a username password. Provided user james & the password, and got access denied. Is this because the share has inherit owner & permissions set on it?

Sorry :( I'm familiar with unix permissions and such, but not really clued up on how those permissions affect cifs shares...

 

[duckman]

I followed the howto guide (http://forums.freenas.org/showthrea...ommon-folder-amp-have-private-personal-folder)

This seems to work fine, except for one thing: If I enable anonymous access I can't access the share from the client as anything other than anonymous - I can't get it to authenticate. Without anonymous access it's all fine (requires username & pass).

eg: smb://james@nas/Music I would expect to be asked for james's password but I am not. I get anonymous access instead.

Is this fixable?