selinux + samba +home directory Permission problem


I want to share user's home directory from windows xp computer .

Samba installed.

from Network manager->share , i can see the home directory (Please check the picture)

So when i click the home directory .. its always ask for user name and password... i provide the user name and password, its does not work..

anyway.. i know its selinux.. becuase i am seing selinux related error :

  '/home/administrator' does not exist or permission denied when connecting to [ADMINISTRATOR] Error was Permission denied
Mar 19 16:45:30 linuxftp kernel: type=1400 audit(1300553130.049:103): avc:  denied  { search } for  pid=6290 comm="smbd" name="home" dev=dm-0 ino=1703937 scontext=root:system_r:smbd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir

I have run bellow command

setsebool -P samba_enable_home_dirs 1

chcon -t samba_share_t /var/eng

as bellow is the selinux context ..

drwx------  administrator administrator user_u:object_r:samba_share_t    administrator

but it will not allow me to enter this user's home directory

which means, i am missing something .. can any one please give me some light ...

LVL 29
Who is Participating?
arnoldConnect With a Mentor Commented:
Hey, hope all is well with your various setups.

Some reference:

While samba is an interface that grants a windows system access to a local filesystem object, the UNIX file permissions still apply.  Your example only owner (root) had write rights to this directory.

Often the shares in the examples are perhaps the example from deals with using the create mask which sets the correct access mask on the directory/files.
ls -lZ / | grep newshare what context is selinux reporting for it?
within /etc/samba/smb.conf it tells you what you need to run for selinux settings.
setsebool -P samba_enable_home_dirs on
not sure whether 1 is a valid/equivalent parameter
one other thing, did you use smbpasswd to add the user to the linux system with the same username/password as their windows login?
Or does your setup involve AD integration for linux?
fosiul01Author Commented:
Helloooooo Arnold!!

long time .. how are u man ??

you know what you are damm right!!!

the right command its

setsebool -P samba_enable_home_dirs on

just checked the smb.conf file , its saying

setsebool -P samba_enable_home_dirs on

i was reading RHCE exam book , auther michael jang.. and i was following him.. in their its saying

setsebool -P samba_enable_home_dirs 1
and it did not work

its works now ..

fosiul01Author Commented:
tell me something pls

you have a directory on  /

drwxr-xr-x    2 root root      4096 Mar 19 19:31 newshare

now , i want only user call fosiul to allow read and write on to this directory via Samba ..


        path = /newshare
        writeable = yes
;       browseable = yes
        valid users = fosiul


dont you have to change the directory permission of /newshare to allow user fosiul to write on that file via samba ??

because... from windows or linux , i can mount that directory  by using user fosiul..

example :

# mount.cifs //linuxftp/project /mnt -o username=fosiul,password=xxx

but it will not allow me to write onto that directory

as soon as i am changing the directory permission as

chown  root:fosiul /newshare/
[root@linuxftp /]# ls -al | grep newshare
drwxr-xr-x    2 root fosiul    4096 Mar 19 19:31 newshare
[root@linuxftp /]# chmod 775 newshare/
[root@linuxftp /]# ls -al | grep newshare
drwxrwxr-x    2 root fosiul    4096 Mar 19 19:31 newshare

Now it will allow me to write into that direcotry

is not the right way ???

because if i follow the books, its does not tel anything about changing the directory permission, hence i am bit confused ...

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.