Samba and SELinux issue on a Fedora 9 box.
Hi friends,
I have a server on my network running samba and I want this to share /samba/ftp/ on my network as a read write folder. The server is running Fedora 9 with SELinux in enforcing mode. I've allowed all Samba ports through the firewall and changed the permissions of the directories by: chmod o+rw /samba and chmod o+rw /samba/ftp/ However, when I'm trying to connect to this folder through my network by doing ftp://<server-ip> the page shows that it has failed to connect. Also, from Windows Vista machines on my network as well, the connection fails. Other linux systems on the network have the same problems, none can connect. However, from the server, doing ftp://<server_name> shows a directory index which is empty but should not be since I did manually put some files in the folder to ensure that the setup was ok. I've checked the permissions of the folder by writing to it as different non root users and it's ok. I've also labeled the folders to be shared as samba_share_t. Connecting from all the machines on the network fails, while connecting from the server itself using the server name works - but only through firefox. Using the ip address of the server does not work. Here's my smb.conf: Code:
workgroup = WORKGROUP |
Did you check any of your logs for potential clues? (/var/log/messages, /var/log/samba)
|
First step is to rule SELinux out. Try "setenforce 0" and see if you can connect. If you can it's an SELinux issue, it you can't, it's not.
setenforce 1 to turn it back on |
My log.smbd file shows:
Quote:
Quote:
But this does not explain why I'm unable to access the folder. There are no messages about permissions being denied to samba for the folders it wants access to. I tried with SELinux off by setenforce 0 but it still didn't work. Can anyone please tell me whats going on here? PS - Now my windows machines can see the server on the network, but I'm getting SELinux alerts: Code:
Summary: Code:
Summary: |
Can you post the full config?
|
Code:
#======================= Global Settings ===================================== |
Huh? .
|
Yet another AVC Denial:
Code:
|
Can anyone please clarify?
|
Quote:
- You can generate a local policy module to allow this access - You can disable SELinux which is not recommended. * And you should file a bug report against this package. For allowing acces you just follow what's outlined for generating a local policy module. Just try it. If it doesn't work tell us what you did and what happened. |
All times are GMT -5. The time now is 09:10 PM. |