[SOLVED] Help needed with file sharing configuration on GL-AR750S

I would like to have a flash card installed with folders that are available on the LAN but also have a folder (or preferably a partition) that is not available or visible on the LAN. The second folder (partition) would be used for storage of system (backup etc.) files. It would be nice to be able to access the system files using samba, but access using ssh is OK.

From my experimentation so far, it appears that all partitions (mount points) on all attached devices are mounted in the same way (as set in the GUI) at system boot. I can use the luci interface after boot to change the access on each mount point, but these changes are not retained after a reboot.

The best I have been able to do is to create a sub-folder owned by root, and restrict its permissions to only the root user. This folder is visible on the LAN but its contents can not be seen or modified by others. I can only access it using ssh or scp.

Is there a better way to do what I want? I am a Linux user, but this is my first experience with OpenWRT/luci.

You can specify which path you want to share on samba.

Thank you for the link that led me to the configuration file. Part of my problem seems to be that the config is changed on every boot up. I was then able to find the script /etc/hotplug.d/block/50-samba which makes the configuration changes. I am working on that file to get my desired operation. Being able to customize the router operation is a great feature.

It seems that if i put any user in the “Allowed users” field, I can not mount the share. I have created a user on the router to try and restrict access to a mount point. I also can only mount the user’s home folder by checking the Allow guests" box. Is there something I can do to correct this?

Does it work?

Thank you for your suggestion, but it does not work for me. I have found that if I use the option users ’username’ either directly by editing /etc/config/samba or the Luci interface I get an error when I try to mount the share. The error occurs if the option guest_ok is ‘no’ or even ‘yes’. If I set the option guest_ok to ‘yes’ and do not use the option users I can mount the share. I have tried mounting with Apple OSX, Linux, and Android clients. I do not have a MS Windows computer available to use at this time. These same machines can mount user shares on other Linux computers running samba.

I have also found that using the default samba template I can mount the /root folder as a guest when it is not specified as a mount point. I believe this is because the [global] options for "Share home-directories” is checked by default. All that is needed is for the client computer to specify smb://GL-AR750S/root as the mount point and use guest account. The mount is read only. As /root is a known folder, I believe this is an undesirable situation and I have changed guest_ok to ’no’ in the template.

I have also changed the file /etc/hotplug.d/block/50-samba line "uci delete samba.@sambashare[$i]” to “exit” so that existing "config sambashare” sections are not changed if they are mounted when the router is rebooted.

I have edited my reply to correct spell-check errors. Hope it is more understandable.

I forgot to ask if you are able to create and use a mount with a valid user required? If so, how did you create the newuser on the router. The adduser command does not seem to exist so I created the newuser manually. I was able to log in as newuser with his password, and I was able to mount the user /home/newuser folder when specified as a guest only mount point. I could not use the newuser as a valid user to mount any folder, nor could I access his home folder other than with the guest account.


The final change was to modify the Template line:
security = share
security = user

I also found and added the package “shadow-useradd” and used the useradd command to add the desired username and /home/username folder. I had already added the /home folder. Used (as root) “passwd username” to set the shadow password, and “smbpasswd -a username” to add a samba password.

I am not sure if all the above was needed, but I now can mount the username home folder and specify username as a “Valid user” on a share and mount it with the username and password.

Thank you for your help.

1 Like

That’s great! Thank you for letting us know.