Samba permission problem (probably)

pingu · 10-31-2005, 08:32 AM

I'm setting up a samba-server, got a strange problem:
Samba-server is FC4, smbusers set up with password.
Problem: I can't export a mounted partition (including subdirs)
The two shares I want are /shares/elever and /shares/larare = partition 7 & 8
Here's what I get trying to mount them:

Code:

root@2[~]# mount -t cifs -o username=larare,passwd=larare 172.16.1.6:/elever /mnt/tf
retrying with upper case share name
mount error 6 = No such device or address

Using konqueror, the shares shows up - but trying to access elever or larare I get (after entering username & password) "file or directory does not exist".
I can share any directory belonging to the root-partition, but not a mount-point for other partitions.

I really believed this should be an easy fix - it can't be uncommon to export a partition - but can't even find one single question about it?? Nor anything in man-pages, O'reilly's, Yahoo...
I guess I'm overlooking something extremely simple...

Here are some facts if needed:

Code:

 Logfile on Samba-server:
[2005/10/28 16:20:35, 0] smbd/service.c:make_connection_snum(615)
  '/shares/elever' does not exist or is not a directory, when connecting to [elever]

 From /etc/fstab:
/dev/ida/c0d0p7         /shares/elever  ext3    auto,users        1 2
/dev/ida/c0d0p8         /shares/larare  ext3    defaults        1 2

 Are they mounted?
[root@ugglan ~]# df
Filsystem             1K-block    AnvÃ€nt TillgÃ€ngl Anv% Monterat pÃ¥
/dev/ida/c0d0p9        5770900   1726524   3985748  31% /
/dev/ida/c0d0p8        9614132     32848   9483612   1% /shares/larare
/dev/ida/c0d0p7        4806920     32840   4725244   1% /shares/elever

 Permissions:
[root@ugglan ~]# ls -l /shares/
totalt 8
drwxr-xr-x  5 larare root 4096  5 okt 13.12 elever
drwxrwx---  6 larare root 4096 31 okt 12.39 larare

 Checking from workstation:
[~]# smbclient -L 172.16.1.6 -U larare
Password:
Domain=[UGGLAN] OS=[Unix] Server=[Samba 3.0.14a-2]

        Sharename       Type      Comment
        ---------       ----      -------
        elever          Disk      Elevuppgifter
        larare          Disk      Lärares A+E
        pchome          Disk      PC Directories
        tmp             Disk      Temporary file space
        IPC$            IPC       IPC Service (Samba Server)
        ADMIN$          IPC       IPC Service (Samba Server)
Domain=[UGGLAN] OS=[Unix] Server=[Samba 3.0.14a-2]

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------
        PERSONAL

Finally, smb.conf:

Code:

[global]
	workgroup = personal
	server string = Samba Server
   hosts allow = 172.16.1.1/24 10.0.4.1/23 127.
invalid users = mail, deamon, atd
	log file = /var/log/samba/%m.log
   log file = /var/log/samba/log.smbd
	max log size = 500
	smb passwd file = /etc/samba/smbpasswd
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	interfaces = 172.16.1.0/24 10.0.4.0/23
   local master = no
	dns proxy = no
#======= Share Definitions ==============================
	idmap uid = 16777216-33554431
	idmap gid = 16777216-33554431
	template shell = /bin/false
	winbind use default domain = no
	username map = /etc/samba/smbusers
	guest ok = no
;	guest account = nobody

[elever]
	comment = Elevuppgifter
	path = /shares/elever
	writeable = yes
	browseable = yes
	public = yes
	valid users = elever larare

[larare]
	comment = Lärares A+E
	path = /shares/larare/
	writeable = yes
  	public = yes
	browseable = yes
	valid users = larare 

[pchome]
  comment = PC Directories
  path = /shares/larare/%u
  public = no
  writable = yes

# This one is useful for people to share files
[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes

pingu · 11-01-2005, 02:10 AM

...sigh...
seems I always have very strange problems nowadays.... no answers ...

Well, it's getting more and more weird:
I erased smb.conf and users and started all over again.
Problem is now that I can't access anything: "mount error 13 = permission denied"
Turning on more verbose logging I get:

Code:

  startsmbfilepwent_internal: failed to set 0600 permissions on password file /etc/samba/smbpasswd. Error was Permission denied
  .Unable to open passdb database.
.............
[2005/11/01 09:08:08, 3] auth/auth_sam.c:check_sam_security(257)
  check_sam_security: Couldn't find user 'larare' in passdb.

"Unable to set 0600 permissions.." ???

Code:

[root@ugglan ~]# ls -l /etc/samba/
totalt 84
-rw-r--r--  1 root root   20  2 maj 21.49 lmhosts
-rw-------  1 root root 8192  5 okt 13.18 secrets.tdb
-rw-r--r--  1 root root 8902  1 nov 08.56 smb.conf
-rw-------  1 root root  313  1 nov 08.53 smbpasswd
-rw-r--r--  1 root root  127 28 okt 15.41 smbusers
[root@ugglan ~]# cat /etc/samba/smbpasswd
larare:503:40966753AAD3B435B51406E13FA5CA6269E298A9E229:[U       ]:LCT-43671EF8:
elever:502:7584248B435B51404EEC2ECAAC768C47C729904:[U       ]:LCT-434CD664:

pingu · 11-01-2005, 03:05 AM

HAAAA!!!

It was an "easy" fix!
I only didn't think of SE-Linux, only checked iptables and system-config-security-tui!
Turning off nmbd & smbd in SE-Linux and everything works fine!

crispytwo · 01-26-2010, 01:23 AM

Thank you!

I've been beating my head over this for a few hours now!

If anyone knows, how can we adjust SELinux to have proper settings for Samba? Forcing it to be 'permissive' isn't a the best solution, I would guess.

It didn't occur to me that SELinux would be blocking access to the system for Samba.