problem accessing samba shared folders

Hi Experts,

I have a fedora core3 machine as my dns and database host.
The Database is hosted on mysql.  the following folders are shared on the linux box so we could access them from the windows and add them for our tape and remote backup systems.
to show the more clear picture i have uploaded the samba configuration file to assist about the problem.

on my windows machine i type
\\webserver and press enter
it shows me the two shared folders ( www & mysql) and shared printers.
when i double click to go into the shared folder i can go from one machine which was setup by the guy who created this linux box. and it doesn't ask for any password.
but once i try the same this \\webserver it shows me the same folders but when i double click the folder to explore it always shows guest into user name which is always blank and prompts me for the password only. but strangley on his old machine when i try to login it does login without even asking user name and password.

could you please help me out to solve this problem.


[root@webserver samba]# cat smb.conf
#======================= Global Settings =====================================
[global]
        max log size = 1
        username map = /etc/samba/smbusers
        server string = Linux Web server
        smb passwd file = /etc/samba/smbpasswd
        log file = /var/log/samba/%m.log
        workgroup = impex
        interfaces = eth0 lo
        browseable = yes
        os level = 20
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        guest account = bilal
        password level = 20
        winbind enable local accounts = no
        write list = bilal
        security = share
        load printers = no
        allow hosts = 192.168.0. 127.0.0.1
 
[mysql]
        comment = To take backup of database
        path = /var/lib/mysql
        browseable = yes
        valid users = alig
;       guest ok = yes
[www]
        comment = all file of web sites
        browseable = yes
        path = /var/www
        valid users = alig
;       guest ok = yes
 
 
[root@webserver samba]# cat smb.conf.original
#======================= Global Settings =====================================
[global]
        password level = 20
        smb passwd file = /etc/samba/smbpasswd
        load printers = no
        log file = /var/log/samba/%m.log
        winbind enable local accounts = no
        username map = /etc/samba/smbusers
        security = share
        max log size = 1
        encrypt passwords = yes
        os level = 20
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        browseable = yes
        server string = Linux Web server
        interfaces = eth0 lo
        workgroup = impex
        allow hosts = 192.168.0. 127.0.0.1
 
[mysql]
        comment = To take backup of database
        read only = yes
        path = /var/lib/mysql
        browseable = yes
        valid users = alig
;       guest ok = yes
[www]
        comment = all file of web sites
        browseable = yes
        path = /var/www
        read only = yes
        valid users = alig
;       guest ok = yes

Open in new window

ImpexAsked:
Who is Participating?
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
The fact that you can access the files from one system without a password is "accidental" -- the username on that local system is apparently "alig", and either the passwords are the same, or there is no password setup for that user.

Given that the shares are read-only, I would limit the access to your systems that run the backups by IP address and just make them "public"... see below:

[global]
        password level = 20
        smb passwd file = /etc/samba/smbpasswd
        load printers = no
        log file = /var/log/samba/%m.log
        winbind enable local accounts = no
        username map = /etc/samba/smbusers
        security = share
        max log size = 1
        encrypt passwords = yes
        os level = 20
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        browseable = yes
        server string = Linux Web server
        interfaces = eth0 lo
        workgroup = impex
        allow hosts = 192.168.0.x 192.168.0.y 192.168.0.z 127.0.0.1
 
[mysql]
        comment = To take backup of database
        read only = yes
        path = /var/lib/mysql
        browseable = yes
       only guest = yes        guest ok = yes
[www]
        comment = all file of web sites
        browseable = yes
        path = /var/www
        read only = yes
       only guest = yes        guest ok = yes

Not the MOST secure options in the world, but it should work for your purposes!

I hope this helps!

Dan
IT4SOHO

0
 
ImpexAuthor Commented:
Hi Dan
Thanks for your help. The last administrator who set this system up used to do the task with his machine. when he was leaving he setup the access to another machine which we only use once we have to make some changes to the database and then upload into the live database.
problem is that i can see the folders but i can't copy anything from them.
problem is that to take the backup for remote servers i need to be able to copy the data. at the moment its read only. can you please configure permissions so i could take the data as well.
I dont have to worry about the security because its behind the firewall.
i would really appreciate if you could do help me out with this.
Many Thanks
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
My reading of your initial question was that you wanted a Windows system to be able to access the web & MySQL folders so that the Windows system could back them up... so the read-only attribute should stay...

However, it is entirely possible that the "guest" user won't have access to either folder... you may need to create a user that has access (other than root) -- my guess is that the user alig will work just fine...

So, let's try this config: (don't forget to reload SAMBA when you're done -- (# pkill -HUP smbd ; pkill -HUP nmbd)

[global]
        password level = 20
        smb passwd file = /etc/samba/smbpasswd
        load printers = no
        log file = /var/log/samba/%m.log
        winbind enable local accounts = no
        username map = /etc/samba/smbusers
        security = share
        max log size = 1
        encrypt passwords = yes
        os level = 20
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        browseable = yes
        server string = Linux Web server
        interfaces = eth0 lo
        workgroup = impex
        allow hosts = 192.168.0.x 192.168.0.y 192.168.0.z 127.0.0.1
 
[mysql]
        comment = To take backup of database
        read only = yes
        path = /var/lib/mysql
        browseable = yes
      force user = alig

[www]
        comment = all file of web sites
        browseable = yes
        path = /var/www
        read only = yes
        force user = alig

One note of caution here... you will have to connect using a valid username/password for samba. Create a new samba username (must also be a UNIX username) with the smbpasswd command:

# Create Usersmbpasswd -a user# Set user passwordsmbpasswd user
I hope this helps!

Dan
IT4SOHO

0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
ImpexAuthor Commented:
thank you for your reply.
problem still remains same. i can browse to the www.directory, but when i double click on the sql share folder it says permission denied,
0
 
Morne LateganCommented:
You have to determine what user mysql runs as, and what user apache runs as.

Do ls -l /var/lib/mysql and see what the ownership is. The sub-directories usually belongs to the user that mysql runs as. Change the "force user =" bit of the mysql share to that user.

Do the same for the www share, substituting the user for the user apache runs as.

Alternatively you can let alig belong to the group mysql and the group www-data (or whatever your apache group is) and then give the group read permissions on all the content of these folders.
0
 
ImpexAuthor Commented:
Many Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.