FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-25-2011, 08:49 AM
Alexander Farber
 
Default Samba can't access dir - SELinux problem?

Hello,

I was using CentOS 5.5 as a "playground" VM at my WinXP notebook
and now I'm migrating to a new CentOS 5.6 install
and everything has worked well - except samba.

I have this very permissive config to export my ~/src dir:

# cat /etc/samba/smb.conf
[global]
guest ok = yes
guest account = afarber
security = share
hosts allow = 172.16.6. 127.0.0.1

[src]
path = /home/afarber/src
public = yes
writable = yes
printable = no

But in the new install it has stopped working and prints:

# tail /var/log/samba/smbd.log
[2011/04/25 01:36:37, 0] smbd/service.c:make_connection_snum(1013)
'/home/afarber/src' does not exist or permission denied when
connecting to [src] Error was Permission denied

I've checked permissions and installed rpms -
they're all the same
(and smbd runs as "root", doesn't it?)

Is this maybe a SELinux setting problem?

# tail /var/log/audit/audit.log (only at the new VM)
type=AVC msg=audit(1303720863.712:53): avc: denied { search } for
pid=6737 comm="smbd" name="/" dev=sda3 ino=2
scontext=user_u:system_r:smbd_t:s0
tcontext=system_ubject_r:home_root_t:s0 tclass=dir

type=SYSCALL msg=audit(1303720863.712:53): arch=c000003e syscall=4
success=no exit=-13 a0=2b79380c9620 a1=7fff35dfe9f0 a2=7fff35dfe9f0
a3=ea items=0 ppid=6543 pid=6737 auid=500 uid=500 gid=0 euid=500
suid=0 fsuid=500 egid=500 sgid=0 fsgid=500 tty=(none) ses=2
comm="smbd" exe="/usr/sbin/smbd" subj=user_u:system_r:smbd_t:s0
key=(null)

# ls -aldZ /home/afarber/src (same result at both old and new VMs)
drwxrwxr-x afarber afarber user_ubject_r:user_home_t /home/afarber/src

# ls -aldZ /home/afarber/
drwx------ afarber afarber user_ubject_r:user_home_dir_t /home/afarber/

Does anybody please know a magic command here?

Thank you
Alex
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-25-2011, 08:58 AM
Alexander Farber
 
Default Samba can't access dir - SELinux problem?

# chcon -R -t samba_share_t src

hasn't helped either
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-25-2011, 09:02 AM
"John R. Dennison"
 
Default Samba can't access dir - SELinux problem?

On Mon, Apr 25, 2011 at 10:58:26AM +0200, Alexander Farber wrote:
> # chcon -R -t samba_share_t src
>
> hasn't helped either

Take a look at the front of /etc/samba/smb.conf; there is a blurb there
about selinux and samba.




John

--
Normal is getting dressed in clothes that you buy for work and driving
through traffic in a car that you are still paying for -- in order to get
to the job you need to pay for the clothes and the car, and the house you
leave vacant all day so you can afford to live in it.

-- Ellen Goodman (1941-), American journalist and
Pulitzer Prize-winning syndicated columnist



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-25-2011, 11:39 AM
Ned Slider
 
Default Samba can't access dir - SELinux problem?

On 25/04/11 09:49, Alexander Farber wrote:
> Hello,
>
> I was using CentOS 5.5 as a "playground" VM at my WinXP notebook
> and now I'm migrating to a new CentOS 5.6 install
> and everything has worked well - except samba.
>
> I have this very permissive config to export my ~/src dir:
>
> # cat /etc/samba/smb.conf
> [global]
> guest ok = yes
> guest account = afarber
> security = share
> hosts allow = 172.16.6. 127.0.0.1
>
> [src]
> path = /home/afarber/src
> public = yes
> writable = yes
> printable = no
>
> But in the new install it has stopped working and prints:
>
> # tail /var/log/samba/smbd.log
> [2011/04/25 01:36:37, 0] smbd/service.c:make_connection_snum(1013)
> '/home/afarber/src' does not exist or permission denied when
> connecting to [src] Error was Permission denied
>
> I've checked permissions and installed rpms -
> they're all the same
> (and smbd runs as "root", doesn't it?)
>
> Is this maybe a SELinux setting problem?
>
> # tail /var/log/audit/audit.log (only at the new VM)
> type=AVC msg=audit(1303720863.712:53): avc: denied { search } for
> pid=6737 comm="smbd" name="/" dev=sda3 ino=2
> scontext=user_u:system_r:smbd_t:s0
> tcontext=system_ubject_r:home_root_t:s0 tclass=dir
>
> type=SYSCALL msg=audit(1303720863.712:53): arch=c000003e syscall=4
> success=no exit=-13 a0=2b79380c9620 a1=7fff35dfe9f0 a2=7fff35dfe9f0
> a3=ea items=0 ppid=6543 pid=6737 auid=500 uid=500 gid=0 euid=500
> suid=0 fsuid=500 egid=500 sgid=0 fsgid=500 tty=(none) ses=2
> comm="smbd" exe="/usr/sbin/smbd" subj=user_u:system_r:smbd_t:s0
> key=(null)
>
> # ls -aldZ /home/afarber/src (same result at both old and new VMs)
> drwxrwxr-x afarber afarber user_ubject_r:user_home_t /home/afarber/src
>
> # ls -aldZ /home/afarber/
> drwx------ afarber afarber user_ubject_r:user_home_dir_t /home/afarber/
>
> Does anybody please know a magic command here?
>
> Thank you
> Alex

Alex,

Try the following command, and make sure it's set to "on" to allow users
home dirs to be shared by samba:

$ /usr/sbin/getsebool -a | grep samba_enable_home_dirs
samba_enable_home_dirs --> on

If not, you can turn it on with:

setsebool -P samba_enable_home_dirs on


See here for more information:

http://wiki.centos.org/HowTos/SELinux
http://wiki.centos.org/TipsAndTricks/SelinuxBooleans



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-25-2011, 02:23 PM
Alexander Farber
 
Default Samba can't access dir - SELinux problem?

Thank you!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 08:48 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org