Created CIFS workgroup (matching Win 10 workgroup name), added 3 users, created 3 subdirs, created 3 shares. Associated user1 to share_1 on subdir1, ....2...2, 3...3
Name    Share    SubDir     ShareType   Settings apply to
user1   share1   /subdir1   CIFS+FTP    Only This Specific Drive
user2   share2   /subdir2   CIFS+FTP    Same Partition any USB
user3   share3   /subdir3   CIFS+FTP    Only This Specific Drive
Set PC SW firewall to trust the LAN address range (192.168.1.1 to 192.168.1.20).
Connect to Windows 10 PC, open Windows file explorer, click Network, select computer, and I can see all 3 shares. Click on share1, a pop-up asks me to log in, I logged in as user1 and I can r/w all 3 shares (share1, share2, and share3) even though I set subdir2 to read-only.
Log out of Windows, log in again, open file explorer, click Network, select computer, and I can see all 3 shares.
Click on share2, a pop-up asks me to log in, I logged in as user2 and I can again r/w all 3 shares (share1, share2, and share3).
Same if I log in as user3. As long as I am logged in, I can enter all shares and read/write to all folders. I don't think this is normal.

SSH'd into the router and checked /etc/samba/smb.conf: the create mask and directory mask are always 0777 (no matter whether RO or R/W), and the 3 subdirs /tmp/usb_mount/dev_sda1/subdirX are always root:root.
Compared with setting up a Samba server on a Linux PC and connecting a Win10 client, the directory should be R or W according to the desired setting, and a user should not be allowed to enter another user's share unless the user is a member of a group (group1 = user1, user11) that the share allows (read list = @group1, @group2; write list = @group1). The mask should not be 0777 all the time.
Hope our expert coders here can help to fix this; I will be most grateful. Then I can plonk a portable HD into the USB socket and have a low-power NAS (instead of having a FREENAS on another motherboard with PSU, cooling, etc.).
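An added example, not part of the original post and not the router firmware's code: a small audit that parses an smb.conf and flags shares with no `valid users` restriction or with masks that grant access to "other", the two conditions the post describes. The embedded config and the function names are constructed for illustration; only the paths and the 0777 masks come from the post.

```python
import configparser

# Constructed smb.conf modelled on what the post reports (0777 masks on every
# share); it is not the router's actual file. share3 shows a restricted share.
SAMPLE = """
[global]
workgroup = WORKGROUP
[share1]
path = /tmp/usb_mount/dev_sda1/subdir1
read only = no
create mask = 0777
directory mask = 0777
[share2]
path = /tmp/usb_mount/dev_sda1/subdir2
read only = yes
create mask = 0777
directory mask = 0777
[share3]
path = /tmp/usb_mount/dev_sda1/subdir3
valid users = user3, @group1
write list = user3
read only = yes
create mask = 0660
directory mask = 0770
"""

def load_shares(text):
    """Parse smb.conf text into {share: {option: value}}, skipping [global]."""
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   delimiters=("=",))
    # Strip indentation so configparser does not treat it as a continuation.
    cp.read_string("\n".join(line.strip() for line in text.splitlines()))
    return {s: dict(cp[s]) for s in cp.sections() if s.lower() != "global"}

def audit_share(opts):
    """Return a list of findings for one share's options."""
    findings = []
    if not opts.get("valid users", "").strip():
        findings.append("no 'valid users': any authenticated account can connect")
    for key in ("create mask", "directory mask"):
        # The low three octal bits are the permissions given to 'other'.
        if key in opts and int(opts[key], 8) & 0o007:
            findings.append(f"'{key}' = {opts[key]} grants access to 'other'")
    return findings

def audit(text):
    return {name: audit_share(o) for name, o in load_shares(text).items()}

if __name__ == "__main__":
    for share, findings in audit(SAMPLE).items():
        print(share, findings or "OK")
```

Running it against the file at /etc/samba/smb.conf instead of `SAMPLE` only needs the file's text passed to `audit()`; ownership of the share directories (root:root in the post) is a separate filesystem check this script does not perform.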