Peter Baldwin wrote:
There are five types of groups in ClearOS:
1) Built-in groups - there's just one right now: "allusers"
2) User-defined groups
3) Windows groups
4) App groups (e.g. pptpd_plugin is a group that holds all the users permitted to use the PPTP server)
5) System groups (stuff /etc/groups)
Right now, only the first two types are shown in Flexshare, but all five types could be shown instead (well, I'm not 100% sure about system groups, but certainly the first four). Perhaps we should make this a tunable option?
I have a use case where I create a Samba (flex)share that is owned by the Domain Admins group with RW permissions. If the Domain Admins group isn't available, I can't pull it off, at least not as easily as I can do in 5.2 SP1.
I create the (flex)share, say appsrw
, and then I add (hack) an include to /etc/samba/hack.conf
which defines a new appsro
looks like this:
path = /var/flexshare/shares/appsrw
comment = Apps - read only
browseable = Yes
guest ok = No
directory mask = 775
create mask = 664
valid users = @"%D\domain_users", @"%D\domain_admins"
veto files = /.flexshare*/
This way, I can have a (flex)share which is RO for regular users, and RW for admin users (namely winadmin
) - useful when I have to deploy a new version of a C/S app.
Some Windows Update tweaks were added to squid.conf, but it looks like more could be done. Is it working for you?
I just reviewed /etc/squid/squid.conf
in 6.2b3 and I believe it is fine (I'm not running it in production, just on a VM at home), but the way it's configured now it just means that all clients have access to Windows Update and some (not all) of the files downloaded from WU will be cached - my config goes further.
at just 10 MB means Squid won't cache large update files, like .NET updates. I crank it all the way up to 500 MB so that Windows and Office updates, including Service Packs, will be cached.
Second, the custom refresh_pattern
) lines tell Squid to keep Windows Update files for longer, so that they will always (mostly) be prompty available. When installing a new Windows machine, or simply updating one that was just (re)deployed, this makes a big difference, chiefly when the WAN link is slow. Antivirus updates also benefit from this - Symantec update files are HUGE. Same goes for files from other vendors.
Keep the great work! Regards,