Unable to access Samba share on CentOS 5.4 from windows XP or Vista
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Unable to access Samba share on CentOS 5.4 from windows XP or Vista
I can't be the first one with this problem. What am I missing?
I have setup Samba servers in the past, just none under SELinux. The last one I configured was a couple years ago, so I wouldn't doubt I'm a bit rusty.
---- Environment summary:
Clean server install of CentOS 5.4 includes SELinux
- lets call this 'server'
- updated samba to 3.0.33-3.15.el5_4.1
Client1 - Windows XP sp4 - WINS configuration uses 'server' noted above
Client2 - Windows Vista - WINS configuration uses 'server' noted above
---- What works / what doesn't ------
Clients can see the server (XP and vista) in network neighborhood.
The following does not work from windows (xp or vista)
net view
net view \\server
net view \\server-ip
net view \\server\share
This does work on the server
smbclient -L \\server
smbclient -L \\server --user validuser
smbclient -L \\client1 --user validuser
---- What I have configured and tried (config/output below) --------
firewall ports for samba are open
SELinux enforcing or permissive
file context is set on share
samba booleans are set
***firewall
-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -m tcp -p udp --dport 139 -j ACCEPT
***SELinux mode/booleans
# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: enforcing
Policy version: 21
Policy from config file: targeted
# getsebool -a | grep smb
allow_smbd_anon_write --> off
smbd_disable_trans --> on
# getsebool -a | grep samba
samba_domain_controller --> on
samba_enable_home_dirs --> on
samba_export_all_ro --> off
samba_export_all_rw --> off
samba_share_fusefs --> off
samba_share_nfs --> off
use_samba_home_dirs --> on
virt_use_samba --> off
Sorry forgot that part.
XP is Pro SP4
Vista is Home.
Also as a new note.... I disabled the firewall and can get through now. What rules do I need then to get Samba working? I vaguely remember doing this about 11 years ago. Now if I can only dust off the system which is sitting in my basement with the server running samba, Apache and a router..... Now if I can only remember the root password....
Somewhat on topic. I have noticed errors in the XP pro systems log indicating an error when the CentOS server attempts to become the browse master for the workgroup.
--- names changed to protect the innocent ----
The master browser has received a server announcement from the computer SERVER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AAAABBBB-EEEE-EEEE-. The master browser is stopping or an election is being forced.
Here is an update...
I disabled the firewall and everything started to work. It turns out I added the firewall rules in iptables after the -DENY rule. Once I moved the Samba rules before the DENY rule, everything worked fine. Silly mistake on my part. I know better than that. Thanks for the help.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
