Problem sharing /srv folder via samba

Hi,

I recently installed openSUSE 11.4 on a new machine. I have successfully got Samba woirking on a share from my home directory, but I also want to share /srv so I can copy files to the web server on the machine. Although I can connect to this share, I cannot see any of the files on it. I have tried forcing the user to root, and I can see that the share is connected as root, but when I look through the Samba logs after trying to do a ‘dir’ of the share from my windows machine, I get can see that the ‘OpenDir’ call is failing. I have tried opening up the permissions to /srv to 777 (still owned by root, root), but this did not help. I have also tried various settings like “acl check permissions” to “No” and “nt acl support” to “No” but this has not helped either.

The relevent section from smb.conf is below …

path = /srv
valid users = mark, root
admin users = mark, root
write list = mark, root
force user = root
force group = root
acl check permissions = No
guest ok = Yes
nt acl support = No
hide dot files = No
delete readonly = Yes

Can anybody tell me what I am missing ?

Cheers,

Mark

Actually this is much safer (but still dangerous):

[srv]
path = /srv
valid users = mark
force user = root
read only = no

And add mark to the samba user database with: smbpasswd -a mark

so I’ve actually deleted my first response/post.

On Sun March 4 2012 08:16 am, lich uk wrote:

>
> Hi,
>
> I recently installed openSUSE 11.4 on a new machine. I have
> successfully got Samba woirking on a share from my home directory, but I
> also want to share /srv so I can copy files to the web server on the
> machine. Although I can connect to this share, I cannot see any of the
> files on it. I have tried forcing the user to root, and I can see that
> the share is connected as root, but when I look through the Samba logs
> after trying to do a ‘dir’ of the share from my windows machine, I get
> can see that the ‘OpenDir’ call is failing. I have tried opening up the
> permissions to /srv to 777 (still owned by root, root), but this did not
> help. I have also tried various settings like “acl check permissions”
> to “No” and “nt acl support” to “No” but this has not helped either.
>
> The relevent section from smb.conf is below …
>
> path = /srv
> valid users = mark, root
> admin users = mark, root
> write list = mark, root
> force user = root
> force group = root
> acl check permissions = No
> guest ok = Yes
> nt acl support = No
> hide dot files = No
> delete readonly = Yes
>
> Can anybody tell me what I am missing ?
>
>
> Cheers,
>
> Mark
>
Mark;

Can you please post all of /etc/samba/smb.conf? If you have any sensitive
items just comment them out.

For testing purposes only, can you report back what happens when these three
parameters are commented out:


# valid users = mark, root
# admin users = mark, root
# write list = mark, root


P. V.
“We’re all in this together, I’m pulling for you.” Red Green

Thanks - mark was already added. Thanks for you concern re: safety, but don’t worry, this is not a live web server!

Hi, thanks for looking at it - here is the smb.conf:

Samba config file created using SWAT

from UNKNOWN (<myip>)

Date: 2012/03/05 07:04:56

[global]
workgroup = <myworkgroup>
map to guest = Bad Password
passdb backend = tdbsam:/etc/samba/passdb.tdb
username map = /etc/samba/smbusers
printcap name = cups
logon path = \%L\profiles.msprofile
logon drive = P:
logon home = \%L%U.9xprofile
os level = 65
dns proxy = No
wins server = <mywinsserverip>
usershare max shares = 100
usershare owner only = No
idmap uid = 10000-20000
idmap gid = 10000-20000
hosts allow = <mysubnet>
cups options = raw

[profiles]
comment = Network Profiles Service
path = %H
read only = No
create mask = 0600
directory mask = 0700
store dos attributes = Yes

[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/

[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes

[printers]
comment = All Printers
path = /var/tmp
create mask = 0600
printable = Yes
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin, root
force group = ntadmin
create mask = 0664
directory mask = 0775

[markhome]
path = /home/mark/
read only = No
guest ok = Yes
hide dot files = No

[srv]
path = /srv
valid users = mark, root
admin users = mark, root
write list = mark, root
force user = root
force group = root
acl check permissions = No
guest ok = Yes
nt acl support = No
hide dot files = No
delete readonly = Yes

I tried removing the users entries and write list as you suggested but it still fails (even after restarting smb).

On Mon March 5 2012 01:16 am, lich uk wrote:

>
> venzkep;2445795 Wrote:
<snip>
>> P. V.
>> “We’re all in this together, I’m pulling for you.” Red Green
>
> Hi, thanks for looking at it - here is the smb.conf:
>
> # Samba config file created using SWAT
> # from UNKNOWN (<myip>)
> # Date: 2012/03/05 07:04:56
>
> [global]

<snip>
>
> [profiles]
<snip>
>
> [markhome]
> path = /home/mark/
> read only = No
> guest ok = Yes
> hide dot files = No
>
> [srv]
> path = /srv
> valid users = mark, root
> admin users = mark, root
> write list = mark, root
> force user = root
> force group = root
> acl check permissions = No
> guest ok = Yes
> nt acl support = No
> hide dot files = No
> delete readonly = Yes
>
>
>
>
> I tried removing the users entries and write list as you suggested but
> it still fails (even after restarting smb).
>
Mark;

  1. Is AppArmor running on this machine? If yes, what is the result when
    AppArmor is turned off. Is anything logged here: /var/log/apparmor

  2. It sounds like you are authenticating properly but to just check add the
    following parameter to the global section of /etc/samba/smb.conf:


log level = 1 auth:3

Restart samba:


su -
rcsmb restart
exit

You can then observe authentication in /var/log/samba/log.smbd
Be sure the above parameter is removed when you are done testing.

  1. Finally, make sure smb and nmb are set to start at boot. (YaST runlevel
    editor)

    P. V.
    “We’re all in this together, I’m pulling for you.” Red Green

Duh ! AppArmour was running - although I was sure I had disabled it !

Thanks - Problem solved!

Cheers,

Mark

On Mon March 5 2012 01:46 pm, lich uk wrote:

<snip>
>
>
> Duh ! AppArmour was running - although I was sure I had disabled it !
>
> Thanks - Problem solved!
>
> Cheers,
>
> Mark
>
Mark;

Glad to help.


P. V.
“We’re all in this together, I’m pulling for you.” Red Green