?
Solved

Why samba can share one directory but not another?

Posted on 2009-04-26
14
Medium Priority
?
5,852 Views
Last Modified: 2013-12-02
I setup samba and it can share /home/share but not /filestor002/share (which is a mounted hard drive)

As you can see by the log file, I can connect to the share "home/share" but it fails for "filestor002/share"

The permissions are the same for the directory trees.

Any help would be very much appreciated. As I am stuck!
Log file:
 
[2009/04/26 17:10:22,  1] smbd/service.c:make_connection_snum(1194)
  __ffff_192.168.1.16 (::ffff:192.168.1.16) connect to service home/share initially as user nobody (uid=99, gid=99) (pid 2351)
[2009/04/26 17:11:00,  1] smbd/service.c:close_cnum(1405)
  __ffff_192.168.1.16 (::ffff:192.168.1.16) closed connection to service home/share
[2009/04/26 17:11:07,  0] smbd/service.c:make_connection_snum(1016)
  canonicalize_connect_path failed for service filestor002/share, path /filestor002/share
 
smb.conf file:
 
[global]
        log file = /var/log/samba/log.%m
        guest account = nobody
        socket options = TCP_NODELAY
        encrypt passwords = yes
        passdb backend = tdbsam
        allow hosts = 127. 192.168.1.
        interfaces = lo, eth0
        wins support = true
        name resolve order = wins lmhosts hosts bcast
        dns proxy = no
;       cups options = raw
        netbios name = linux01
        writeable = yes
        wide links = no
        delete readonly = yes
        default = global
        workgroup = linuxgroup
        os level = 65
        invalid users = root
        security = share
        create mode = 777
        max log size = 50
;       revalidate = yes
;       client lanman auth = yes
;       lanman auth = yes
        domain master = yes
;       smb ports = 139
 
[home/share]
        comment = No Comment
        path = /home/share
        writable = no
        read only = yes
        browsable = yes
        available = yes
        guest ok = yes
 
[filestor002/share]
        comment = No comment
        path = /filestor002/share
        writable = no
        read only = yes
        browsable = yes
        available = yes
        guest ok = yes

Open in new window

0
Comment
Question by:dr34m3rs
  • 8
  • 4
  • 2
14 Comments
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24237716
In which way does it fail?
0
 
LVL 1

Author Comment

by:dr34m3rs
ID: 24237729

[root@linux01 share]# smbclient //linux01/home/share
Enter your password: 
Domain=[LINUXGROUP] OS=[Unix] Server=[Samba 3.2.11-0.28.fc9]
Server not using user level security and no password supplied.
smb: \>
 
[root@linux01 share]# smbclient //linux01/filestor002/share
Enter your password: 
Domain=[LINUXGROUP] OS=[Unix] Server=[Samba 3.2.11-0.28.fc9]
Server not using user level security and no password supplied.
tree connect failed: NT_STATUS_BAD_NETWORK_NAME
 
 
from log file:
canonicalize_connect_path failed for service filestor002/share, path /filestor002/share

Open in new window

0
 
LVL 16

Expert Comment

by:ai_ja_nai
ID: 24237847
can you display the permissions of those folders?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:Morne Lategan
ID: 24237860
Hi there,

Can you please post the output of these four commands:

ls -ld /filestor002
ls -ld /filestor002/share
ls -ld /home
ls -ld /home/share

0
 
LVL 1

Author Comment

by:dr34m3rs
ID: 24238053
Hi thank you for any help on this.

I actually moved the folder /home/share to /share because I was curious what would happen.

I am able to access the folder with `smbclient //linux01/share` however I am not able to list files (it was the same when it was /home/share). I receive an SELinux policy block. That is another issue, but I wanted to mention in case these are connected somehow. I listed the policy block in the code snippet section. I attempted the fix "setsebool -P samba_enable_home_dirs=1" but it was unsuccessful. You can see where it attempts to read "/share/test.txt" and is blocked.

So it seems I can access folders shared on my / partition, but any other disk partition I am not able to share folders with samba. Is that strange? Because it seems strange to me. Could it be simply that "filestor002" is more than 8 characters long and so not a valid network name?

Everything else is still the same but the /home/share part of smb.conf now reads:

[share]
        comment = No Comment
        path = /share
        writable = no
        read only = yes
        browsable = yes
        available = yes
        guest ok = yes


Again. THANK YOU for any help. Samba is driving me crazy!
Output from commands
 
ls -ld /filestor002
ls -ld /filestor002/share
ls -ld /share
 
[root@linux01 /]# ls -ld /filestor002
drwxr-xr-x 4 root root 4096 2009-04-26 17:07 /filestor002
[root@linux01 /]# ls -ld /filestor002/share
drwxr-xr-x 3 root root 4096 2009-04-26 17:07 /filestor002/share
[root@linux01 /]# ls -ld /share
drwxr-xr-x 2 root root 4096 2009-04-26 17:30 /share
 
 
------------------------------------------------------------------
SELinux Summary:
 
SELinux is preventing the samba daemon from reading users' home directories.
 
Detailed Description:
 
SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals a intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)
 
Allowing Access:
 
If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"
 
Fix Command:
 
setsebool -P samba_enable_home_dirs=1
 
Additional Information:
 
Source Context                unconfined_u:system_r:smbd_t:s0
Target Context                unconfined_u:object_r:home_root_t:s0
Target Objects                /share/test.txt [ file ]
Source                        smbd
Source Path                   /usr/sbin/smbd
Port                          <Unknown>
Host                          linux01
Source RPM Packages           samba-3.2.11-0.28.fc9
Target RPM Packages           
Policy RPM                    selinux-policy-3.3.1-131.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   samba_enable_home_dirs
Host Name                     linux01
Platform                      Linux linux01 2.6.27.21-78.2.41.fc9.i686 #1 SMP
                              Mon Mar 23 23:45:58 EDT 2009 i686 i686
Alert Count                   1
First Seen                    Sun 26 Apr 2009 07:03:01 PM EDT
Last Seen                     Sun 26 Apr 2009 07:03:01 PM EDT
Local ID                      941c1133-485e-4bfd-a41c-f13d223c7dd1
Line Numbers                  
 
Raw Audit Messages            
 
node=linux01 type=AVC msg=audit(1240786981.759:1363): avc:  denied  { getattr } for  pid=5770 comm="smbd" path="/share/test.txt" dev=sda2 ino=53460998 scontext=unconfined_u:system_r:smbd_t:s0 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=file
 
node=linux01 type=SYSCALL msg=audit(1240786981.759:1363): arch=40000003 syscall=195 success=no exit=-13 a0=b7f88118 a1=bff3f62c a2=102cff4 a3=bff3f62c items=0 ppid=3437 pid=5770 auid=500 uid=0 gid=0 euid=99 suid=99 fsuid=99 egid=99 sgid=99 fsgid=99 tty=(none) ses=1 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null)

Open in new window

0
 
LVL 1

Author Comment

by:dr34m3rs
ID: 24239492
Ok I set SELinux to permissive mode. Now I can list the files in the directories.

Thanks for any help with the directory issue.
0
 
LVL 7

Expert Comment

by:Morne Lategan
ID: 24240207
The permissions seem fine on the share directory if reading it is all you want to do. Is /filestor002 a mounted local disk, what filesystem? And do you mount it manually, or through an entry in /etc/fstab? Please post either the mount command, or the fstab entry. Maybe the mount options is preventing user nobody from reading it.
0
 
LVL 1

Author Comment

by:dr34m3rs
ID: 24245393
Yesterday I had 5 hard drives setup something like:

sda: /                   1tb
sdb: filestor000   1tb
sdc: filestor001   1tb
sdd: filestor002  1tb
sde: filestor003   1tb

Now filestor001 and 002 seem to me missing from fstab. I am a hard drive mounting noob so I set them up automatically at fedora 9 install.

The disks seem to exists, just not sure how to put them back into my fstab file... and not sure how they were removed.

Thank you for all the help on this!!!
UUID=9c202944-1337-440e-8a01-e4ef05fef1d4 /                      ext3    defaults        1 1
UUID=bde28fee-8253-4287-9cb4-d6a788be8c05 /filestor003            ext3    defaults        1 2
UUID=452be888-9972-4576-8380-7d5489847a7e /filestor000            ext3    defaults        1 2
UUID=98227acf-dc66-4bce-bb2e-f381fe5066a5 /boot                   ext3    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
UUID=4612ff3f-b68d-4ce3-8e15-0be8d2574ac0 swap                    swap    defaults        0 0
 
 
[root@linux01 /]# df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/sda2            961235404   6757796 905649648   1% /
/dev/sde1            961432072    204580 912389492   1% /filestor003
/dev/sdb2            957305004 188788928 719887724  21% /filestor000
/dev/sda1               194442     23652    160751  13% /boot
tmpfs                   906076       440    905636   1% /dev/shm
[root@linux01 /]# fdisk -l
 
Disk /dev/sda: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x000e1237
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          25      200781   83  Linux
/dev/sda2              26      121601   976559220   83  Linux
 
Disk /dev/sdb: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x000cfa12
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1   *           1         522     4192933+  82  Linux swap / Solaris
/dev/sdb2             523      121601   972567067+  83  Linux
 
Disk /dev/sdc: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x000af4df
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sdc1   *           1         522     4192933+  82  Linux swap / Solaris
/dev/sdc2             523      121601   972567067+  83  Linux
 
Disk /dev/sdd: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x648b4923
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sdd1   *           1      121601   976760001   83  Linux
 
Disk /dev/sde: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x58da1a86
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sde1   *           1      121601   976760001   83  Linux

Open in new window

0
 
LVL 7

Accepted Solution

by:
Morne Lategan earned 2000 total points
ID: 24245774
The mount configuration is fine as is. Its ext3 filesystems, so the actual Linux permissions on the files will apply without any special mount options. Which rules that option out. To add the missing drives, run:

blkid

It will show you all the uuid's of all the filesystems. Add the missing uuids in fstab the same way the others were added and then run

mount -a

to mount all the missing ones.

I'm taking a wild guess now. Have you tried not calling the shares [homeshare] instead of [home/share] ? I have never seen it used like you use it before.
0
 
LVL 1

Author Comment

by:dr34m3rs
ID: 24246065
You are the master, Uberpappa!

I was able to fix the disk mounting issue! Thank you so much for showing me that!!

I also changed my share name from [filestor002/share] to [filestor002]

I am now able to run the command `smbclient //linux01/filestor002 and it mounts /filestor002/share and I can read the files within. Now I am having an issue with windows not seeing the shares...  but I think I have to reboot my xp computer (this computer). I will let you know the outcome. Thank you so much!
0
 
LVL 1

Author Comment

by:dr34m3rs
ID: 24246071
Actually you solved the scope of this issue more than enough. If I continue to have issues with windows not seeing samba I will create another question. Thanks again. :)
0
 
LVL 1

Author Closing Comment

by:dr34m3rs
ID: 31574749
Yaay!
0
 
LVL 7

Expert Comment

by:Morne Lategan
ID: 24248747
Glad that did it :)

You can try from your Windows host to work with the IP address of the server instead of the name. It might be a network discovery issue, in which case, if the Linux machine is the only server on the network, that is: If you don't have some other Windows domain controller, I'd suggest you configure wins on the clients. You already run a wins server on the Linux box (wins support = yes), so all you have to do is to go into the client's IP configuration and set the wins to the Linux box's IP address under advanced.

0
 
LVL 1

Author Comment

by:dr34m3rs
ID: 24255849
I tried to add wins support to my network connections in windows (advanced tcp/ip settings). I still cannot connect or see the shares from windows xp.

I have continued this with the following question:

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Samba/Q_24363681.html

Thanks for the help!
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Fine Tune your automatic Updates for Ubuntu / Debian
This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses
Course of the Month15 days, 14 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question