fosiul01
asked on
selinux + samba +home directory Permission problem
HI
I want to share user's home directory from windows xp computer .
Samba installed.
from Network manager->share , i can see the home directory (Please check the picture)
So when i click the home directory .. its always ask for user name and password... i provide the user name and password, its does not work..
anyway.. i know its selinux.. becuase i am seing selinux related error :
'/home/administrator' does not exist or permission denied when connecting to [ADMINISTRATOR] Error was Permission denied
Mar 19 16:45:30 linuxftp kernel: type=1400 audit(1300553130.049:103): avc: denied { search } for pid=6290 comm="smbd" name="home" dev=dm-0 ino=1703937 scontext=root:system_r:smb d_t:s0 tcontext=system_u:object_r :home_root _t:s0 tclass=dir
I have run bellow command
setsebool -P samba_enable_home_dirs 1
also
chcon -t samba_share_t /var/eng
as bellow is the selinux context ..
drwx------ administrator administrator user_u:object_r:samba_shar e_t administrator
but it will not allow me to enter this user's home directory
which means, i am missing something .. can any one please give me some light ...
selinux.GIF
I want to share user's home directory from windows xp computer .
Samba installed.
from Network manager->share , i can see the home directory (Please check the picture)
So when i click the home directory .. its always ask for user name and password... i provide the user name and password, its does not work..
anyway.. i know its selinux.. becuase i am seing selinux related error :
'/home/administrator' does not exist or permission denied when connecting to [ADMINISTRATOR] Error was Permission denied
Mar 19 16:45:30 linuxftp kernel: type=1400 audit(1300553130.049:103):
I have run bellow command
setsebool -P samba_enable_home_dirs 1
also
chcon -t samba_share_t /var/eng
as bellow is the selinux context ..
drwx------ administrator administrator user_u:object_r:samba_shar
but it will not allow me to enter this user's home directory
which means, i am missing something .. can any one please give me some light ...
selinux.GIF
one other thing, did you use smbpasswd to add the user to the linux system with the same username/password as their windows login?
Or does your setup involve AD integration for linux?
Or does your setup involve AD integration for linux?
ASKER
Helloooooo Arnold!!
long time .. how are u man ??
you know what you are damm right!!!
the right command its
setsebool -P samba_enable_home_dirs on
just checked the smb.conf file , its saying
setsebool -P samba_enable_home_dirs on
i was reading RHCE exam book , auther michael jang.. and i was following him.. in their its saying
setsebool -P samba_enable_home_dirs 1
and it did not work
its works now ..
long time .. how are u man ??
you know what you are damm right!!!
the right command its
setsebool -P samba_enable_home_dirs on
just checked the smb.conf file , its saying
setsebool -P samba_enable_home_dirs on
i was reading RHCE exam book , auther michael jang.. and i was following him.. in their its saying
setsebool -P samba_enable_home_dirs 1
and it did not work
its works now ..
ASKER
tell me something pls
you have a directory on /
drwxr-xr-x 2 root root 4096 Mar 19 19:31 newshare
now , i want only user call fosiul to allow read and write on to this directory via Samba ..
so
[newshare]
path = /newshare
writeable = yes
; browseable = yes
valid users = fosiul
Now....
dont you have to change the directory permission of /newshare to allow user fosiul to write on that file via samba ??
because... from windows or linux , i can mount that directory by using user fosiul..
example :
# mount.cifs //linuxftp/project /mnt -o username=fosiul,password=x xx
but it will not allow me to write onto that directory
as soon as i am changing the directory permission as
chown root:fosiul /newshare/
[root@linuxftp /]# ls -al | grep newshare
drwxr-xr-x 2 root fosiul 4096 Mar 19 19:31 newshare
[root@linuxftp /]# chmod 775 newshare/
[root@linuxftp /]# ls -al | grep newshare
drwxrwxr-x 2 root fosiul 4096 Mar 19 19:31 newshare
Now it will allow me to write into that direcotry
is not the right way ???
because if i follow the books, its does not tel anything about changing the directory permission, hence i am bit confused ...
you have a directory on /
drwxr-xr-x 2 root root 4096 Mar 19 19:31 newshare
now , i want only user call fosiul to allow read and write on to this directory via Samba ..
so
[newshare]
path = /newshare
writeable = yes
; browseable = yes
valid users = fosiul
Now....
dont you have to change the directory permission of /newshare to allow user fosiul to write on that file via samba ??
because... from windows or linux , i can mount that directory by using user fosiul..
example :
# mount.cifs //linuxftp/project /mnt -o username=fosiul,password=x
but it will not allow me to write onto that directory
as soon as i am changing the directory permission as
chown root:fosiul /newshare/
[root@linuxftp /]# ls -al | grep newshare
drwxr-xr-x 2 root fosiul 4096 Mar 19 19:31 newshare
[root@linuxftp /]# chmod 775 newshare/
[root@linuxftp /]# ls -al | grep newshare
drwxrwxr-x 2 root fosiul 4096 Mar 19 19:31 newshare
Now it will allow me to write into that direcotry
is not the right way ???
because if i follow the books, its does not tel anything about changing the directory permission, hence i am bit confused ...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
setsebool -P samba_enable_home_dirs on
not sure whether 1 is a valid/equivalent parameter