Creating a limited user for samba shares

[drr]

I used adduser -d /nonexistent to create a new user for samba shares, and I was prompted to specify a home directory for this user with default suggested as '/nonexistent/<username>'. I chose to proceed with the default and no user home directory was created under '/home' as expected. However, I was able to login as this new user, with its home directory shown as '/nonexistent/<username>'. I am trying to understand if this is the expected behaviour and if '/nonexistent/<username>' is a dummy folder that does not actually exist.

I have limited experience with samba and networking in general, and my intention is to have a dedicated user for samba which does not have any other permissions on the system, other than access to the samba shares as specified in /usr/local/etc/smb4.conf with the password set up using pdbedit. I think I would not want this user to have login permission to the system either. Please advise if I am going about this the right way. Thanks.

 

[cmoerz]

I haven't set up samba in a while - doesn't that offer you the option to choose between different "security" modes? By default, it relies on the local accounts database, so you do need a local user to be able to access a share.

However, you could set the user's shell to /bin/false, though this might break the user for samba?

 

[drr]

doesn't that offer you the option to choose between different "security" modes

I will look into this. thanks. However, I vaguely remember instructions from elsewhere (probably in linux) to set up a local user specifically for samba, without login, home folder, etc. using pw, if I remember correctly. Handbook recommends adduser to create a user.