LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-04-2008, 01:35 AM   #1
TalkingMarble
Member
 
Registered: May 2008
Location: Deventer, The Netherlands
Distribution: CentOS 5.0
Posts: 50

Rep: Reputation: 17
Samba share permissions


Hello,

I have made a samba share on a linux machine accessable through windows explorer. I can create a file on the samba share, but get an "access denied" when i want to read the created file. Also when i delete the created file on the samba share through windows explorer it seems to be deleted, but when i refresh windows explorer the deleted file still appears as if it has never been deleted. Reading and deleting this created file in a linux shell works as expected, so the problem seems to be the samba permissions.


I am using the following smb.conf file:

[global]
workgroup = DOMAIN
netbios name = servername
realm = FQDN
preferred master = no
server string = Samba file server
security = ADS
excrypt password = yes
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
printcap name = cups
printing = cups
idmap uid = 0-1000000
idmap gid = 0-1000000

[backups]
comment = Backup share
path = /backups
browseable = yes
read only = no
writeable = yes
directory mask = 0770
force directory mode = 0770
create mask = 0660
force security mode = 0660


Linux permissions:
-Directory permissions: 0770
-File permissions: 0660
-umask 022

I changed the linux and samba permissions for both directory/files to 0777 but that didn't solve anything.

I red several threads on this forum and other websites, but i still can't figure it out. Maybe i'm overlooking something, i don't know.

Any help to solve my "little problem" will be appreciated.

TIA
 
Old 07-04-2008, 02:02 AM   #2
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
What are the permissions on /backups?

Do you run SELinux?
 
Old 07-04-2008, 02:15 AM   #3
TalkingMarble
Member
 
Registered: May 2008
Location: Deventer, The Netherlands
Distribution: CentOS 5.0
Posts: 50

Original Poster
Rep: Reputation: 17
The permissions on the /backups directory are 0770.

I'm using Centos 5.0. I don't know if this OS uses SElinux by default. Is there a way i can check this?
 
Old 07-04-2008, 03:13 AM   #4
TalkingMarble
Member
 
Registered: May 2008
Location: Deventer, The Netherlands
Distribution: CentOS 5.0
Posts: 50

Original Poster
Rep: Reputation: 17
After some googling, i checked my system and noticed that SElinux is running. I changed /etc/SElinux/config from enforcing mode to permissive mode and rebooted the system. I'm now able to read/modify and delete the files through windows explorer. So SElinux in enforcing mode is causing the problem.

I will dive into the SElinux documention in order to make some changes to the roles (http://www.engardelinux.org/doc/guid...de/index.shtml).

Thanks for pointing me in the right direction.
 
Old 07-04-2008, 05:51 AM   #5
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
I just disable SELinux for samba with "setsebool -P smbd_disable_trans 1"

Note that from the smb.conf

Quote:
# SELINUX NOTES:
#
# If you want to use the useradd/groupadd family of binaries please run:
# setsebool -P samba_domain_controller on
#
# If you want to share home directories via samba please run:
# setsebool -P samba_enable_home_dirs on
#
# If you create a new directory you want to share you should mark it as
# "samba-share_t" so that selinux will let you write into it.
# Make sure not to do that on system directories as they may already have
# been marked with othe SELinux labels.
#
# Use ls -ldZ /path to see which context a directory has
#
# Set labels only on directories you created!
# To set a label use the following: chcon -t samba_share_t /path
#
# If you need to share a system created directory you can use one of the
# following (read-only/read-write):
# setsebool -P samba_export_all_ro on
# or
# setsebool -P samba_export_all_rw on
#
# If you want to run scripts (preexec/root prexec/print command/...) please
# put them into the /var/lib/samba/scripts directory so that smbd will be
# allowed to run them.
# Make sure you COPY them and not MOVE them so that the right SELinux context
# is applied, to check all is ok use restorecon -R -v /var/lib/samba/scripts
#
#--------------
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba Share Help (Permissions) carlosinfl Linux - Server 2 02-08-2008 07:36 AM
samba share permissions irvken Linux - Networking 1 02-08-2008 06:07 AM
samba share permissions keisinger Linux - Enterprise 1 08-13-2006 08:56 AM
Samba share permissions anorman Linux - Software 1 10-22-2005 02:49 AM
Samba Share Permissions stever Linux - Newbie 4 05-17-2003 02:26 AM


All times are GMT -5. The time now is 12:23 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration