Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have made a samba share on a linux machine accessable through windows explorer. I can create a file on the samba share, but get an "access denied" when i want to read the created file. Also when i delete the created file on the samba share through windows explorer it seems to be deleted, but when i refresh windows explorer the deleted file still appears as if it has never been deleted. Reading and deleting this created file in a linux shell works as expected, so the problem seems to be the samba permissions.
I am using the following smb.conf file:
[global]
workgroup = DOMAIN
netbios name = servername
realm = FQDN
preferred master = no
server string = Samba file server
security = ADS
excrypt password = yes
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
printcap name = cups
printing = cups
idmap uid = 0-1000000
idmap gid = 0-1000000
[backups]
comment = Backup share
path = /backups
browseable = yes
read only = no
writeable = yes
directory mask = 0770
force directory mode = 0770
create mask = 0660
force security mode = 0660
Linux permissions:
-Directory permissions: 0770
-File permissions: 0660
-umask 022
I changed the linux and samba permissions for both directory/files to 0777 but that didn't solve anything.
I red several threads on this forum and other websites, but i still can't figure it out. Maybe i'm overlooking something, i don't know.
Any help to solve my "little problem" will be appreciated.
After some googling, i checked my system and noticed that SElinux is running. I changed /etc/SElinux/config from enforcing mode to permissive mode and rebooted the system. I'm now able to read/modify and delete the files through windows explorer. So SElinux in enforcing mode is causing the problem.
I just disable SELinux for samba with "setsebool -P smbd_disable_trans 1"
Note that from the smb.conf
Quote:
# SELINUX NOTES:
#
# If you want to use the useradd/groupadd family of binaries please run:
# setsebool -P samba_domain_controller on
#
# If you want to share home directories via samba please run:
# setsebool -P samba_enable_home_dirs on
#
# If you create a new directory you want to share you should mark it as
# "samba-share_t" so that selinux will let you write into it.
# Make sure not to do that on system directories as they may already have
# been marked with othe SELinux labels.
#
# Use ls -ldZ /path to see which context a directory has
#
# Set labels only on directories you created!
# To set a label use the following: chcon -t samba_share_t /path
#
# If you need to share a system created directory you can use one of the
# following (read-only/read-write):
# setsebool -P samba_export_all_ro on
# or
# setsebool -P samba_export_all_rw on
#
# If you want to run scripts (preexec/root prexec/print command/...) please
# put them into the /var/lib/samba/scripts directory so that smbd will be
# allowed to run them.
# Make sure you COPY them and not MOVE them so that the right SELinux context
# is applied, to check all is ok use restorecon -R -v /var/lib/samba/scripts
#
#--------------
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.