Samba Access Denied Error

English Network/Internet
1

Hi there
I have searched high and low to my problem and although I have seen many forums threads with a similar title as my own, I have yet to fix my problem…

I am running SLES9 64bit and want to access (through winXP) files that are located on the SAN. The SAN drive is mounted as /data and this is the folder I want to share.

I have configured Samba to share 2 folders following a HOW-TO guide to creating Samba shares. /data and /tmp

If I map these 2 shares in Windows XP, giving the usernames I have created on Linux and using smbpasswd -a … I can view the contents of the /tmp directory but I get the Access Denied error for the /data share.

I have given both folders the same ownership/group and chmod 777 just to keep things simple.

I have posted the smb.conf file below…

[global]
passdb backend = smbpasswd
wins server =
wins support = no
workgroup = ourwork
encrypt passwords = yes
map to guest = Bad User
username map = /etc/samba/smbusers
security = user
[data]
browseable = yes
comment = data
path = /data/
[test]
comment =
path = /tmp/
writeable = yes
browseable = yes

Out of curiosity I have tried changing the /data share to every other folder in the root of the server but only /tmp is the one that is accessible. This is driving me mad.

Any help or pointing out any glaring errors and mistakes would be appreciated.

Cheers
Andy

2

Here is my smb.conf FYI
Not sure if it will help but it works with read/write access in Win XP.

The folder for “movies” is 0755, owned by the linux user “badger_fruit” and group is “users”.

[global]
printing = cups
printcap name = cups
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \%L\profiles.msprofile
logon home = \%L%U.9xprofile
logon drive = P:
usershare allow guests = Yes
netbios name = bgrsvrx
workgroup = badgergroup
server string = “Badger Server X”

[movies]
comment = movies
path = /home/badger_fruit/movies
guest ok = yes
read only = no
force user = badger_fruit

3

[data]
browseable = yes
comment = data
path = /data/

try this

[sharename]
path = /home/user/dir_name
read only = no
force user = username
valid users = users who access the share

note: users must be members of samba dbas

user must own the dir

smbpasswd -a username

hope this helps

this is what i use…to cater windows clients and opensuse also…heheheheheh

4

from of course my idol sir SWERDNA

5

Hi again

Thanks for the replies. Ive had a chance to try badger_fruits example and the share works to the home directories, but as the /data directory is the mount to the 2TB data store that we need access to, sharing the home folders doesnt get me what I need :’(

I have kept all the global settings the same and just changed the path location to /data (and restarted services) but it still says access denied.

I would guess that kcampilans example would also work as it too shares /home… but again this doesnt give me what I need.

I am fairly new to Linux and am wondering if theres anything different (special?) between the permissions of the /home and /tmp directories to any other directory at / level?!

6

hmm, sorry it’s not working; you can do a “ls -l” to see permissions on folders:-

eg


login as: root
Using keyboard-interactive authentication.
Password:
Last login: Wed Sep 10 11:26:16 2008 from 192.168.1.244
Have a lot of fun...
bgrsvrx:~ # ls -l /
total 16337
drwxr-xr-x   2 root root     4096 Aug 25 16:29 axigen-6.0.0
-rwxr--r--   1 root root 16608740 Aug 25 16:14 axigen-6.0.0.i386.rpm.tar.gz
drwxr-xr-x   2 root root     4096 Jul 28 15:28 bin
drwxr-xr-x   4 root root     1024 Jul 18 11:10 boot
drwxr-xr-x  13 root root     6700 Sep 12 23:03 dev
drwxr-xr-x  90 root root    12288 Sep  5 11:08 etc
drwxr-xr-x   5 root root     4096 Aug  9 14:55 home
drwxr-xr-x  10 root root     4096 Jul 18 11:07 lib
drwx------   2 root root    16384 Mar 29 21:18 lost+found
drwxr-xr-x   2 root root     4096 Mar 30 00:30 media
drwxr-xr-x   2 root root     4096 Sep 21  2007 mnt
drwxr-xr-x   4 root root     4096 Aug 25 16:27 opt
dr-xr-xr-x 114 root root        0 Aug 31 22:59 proc
drwx------  13 root root     4096 Sep  4 22:05 root
drwxr-xr-x   3 root root    12288 Sep  3 12:00 sbin
drwxr-xr-x   5 root root     4096 Mar 29 22:58 srv
drwxr-xr-x  11 root root        0 Aug 31 22:59 sys
drwxrwxrwt  13 root root    12288 Sep 17 14:00 tmp
drwxr-xr-x  12 root root     4096 Mar 29 21:24 usr
drwxr-xr-x  14 root root     4096 Mar 29 21:27 var
bgrsvrx:~ # ls -l /home/
total 28
drwxr-xr-x 33 badger_fruit users  4096 Sep  5 11:10 badger_fruit
drwx------  2 root         root  16384 Mar 29 21:23 lost+found
drwxr-xr-x  8 nagios       users  4096 Aug  9 14:55 nagios
bgrsvrx:~ #

post your ls -l and perhaps we can offer some more help :slight_smile:

7

Ok Here goes…

bl-central-l1:/home # ll /home
total 11
drwxr-xr-x 18 root root 440 Aug 27 12:47 .
drwxr-xr-x 31 root root 744 Sep 17 10:13 …
drwxr-xr-x 15 andys sas 1152 Sep 17 10:11 andys

bl-central-l1:/home # ll /
total 219
drwxr-xr-x 31 root root 744 Sep 17 10:13 .
drwxr-xr-x 31 root root 744 Sep 17 10:13 …
drwxr-xr-x 25 sas sas 3952 Aug 14 16:13 SASTEMP
drwxr-xr-x 2 root root 2864 Apr 15 16:52 bin
drwxrwxrwx 2 andys sas 48 Aug 27 12:08 data
drwxr-xr-x 18 root root 440 Aug 27 12:47 home

I have increased the log level in samba and there are entries in the log file…

dfs_redirect: Not redirecting \bl-central-l1\data*.
[2008/09/17 14:55:32, 3, pid=31153] smbd/msdfs.c:dfs_redirect(697)
dfs_redirect: Path \bl-central-l1\data* converted to non-dfs path *
[2008/09/17 14:55:32, 3, pid=31153] smbd/error.c:error_packet_set(61)
error packet at smbd/trans2.c(2064) cmd=50 (SMBtrans2) NT_STATUS_ACCESS_DENIED

Cannot seem to find anything definitive as to what this means.:bad:

8

andysmalls wrote:

>
> Hi there
> I have searched high and low to my problem and although I have seen
> many forums threads with a similar title as my own, I have yet to fix my
> problem…
>
> I am running SLES9 64bit and want to access (through winXP) files that
> are located on the SAN. The SAN drive is mounted as /data and this is
> the folder I want to share.
>
> I have configured Samba to share 2 folders following a HOW-TO guide to
> creating Samba shares. /data and /tmp
>
> If I map these 2 shares in Windows XP, giving the usernames I have
> created on Linux and using smbpasswd -a … I can view the contents of
> the /tmp directory but I get the Access Denied error for the /data
> share.
>
> I have given both folders the same ownership/group and chmod 777 just
> to keep things simple.
>
> I have posted the smb.conf file below…
>
> [global]
> passdb backend = smbpasswd
> wins server =
> wins support = no
> workgroup = ourwork
> encrypt passwords = yes
> map to guest = Bad User
> username map = /etc/samba/smbusers
> security = user
> [data]
> browseable = yes
> comment = data
> path = /data/
> [test]
> comment =
> path = /tmp/
> writeable = yes
> browseable = yes
>
> Out of curiosity I have tried changing the /data share to every other
> folder in the root of the server but only /tmp is the one that is
> accessible. This is driving me mad.
>
> Any help or pointing out any glaring errors and mistakes would be
> appreciated.
>
> Cheers
> Andy
>
>
Andy;
It is not clear to me if you have resolved this or not. Here are my
suggestions:

Edit (as root) /etc/samba/smb.conf as follows:
[global]
workgroup = <your workgroup>
map to guest = Bad User
name resolve order = bcast host lmhosts
username map = /etc/samba/smbusers
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
os level = 65
preferred master = Yes
host msdfs = No
usershare allow guests = Yes
[data]
comment = Public Directory
path = /data
force group = users
read only = No
inherit acls = Yes
force create mode = 0775
force directory mode = 02775
guest ok = yes

Make the owner of /data “nobody” and the group “users” with mode 0777 This
should create a share in which everyone has read/write access.

You should also look at the following tutorial(s):
http://www.swerdna.net.au/linux.html
or
http://www.pcc-services.com/sles/samba.html
for additional help.

P. V.
Cogito cogito ergo cogito sum.

9

PV wrote:

> andysmalls wrote:
>
>>
>> Hi there
>> I have searched high and low to my problem and although I have seen
>> many forums threads with a similar title as my own, I have yet to fix my
>> problem…
>>
>> I am running SLES9 64bit and want to access (through winXP) files that
>> are located on the SAN. The SAN drive is mounted as /data and this is
>> the folder I want to share.

>
> Make the owner of /data “nobody” and the group “users” with mode 0777 This
> should create a share in which everyone has read/write access.
>
> You should also look at the following tutorial(s):
> http://www.swerdna.net.au/linux.html
> or
> http://www.pcc-services.com/sles/samba.html
> for additional help.
Addendum:

Make sure apparmor is not getting in your way!

P. V.
Cogito cogito ergo cogito sum.

10

PV

I had not got it working, but I do now thanks to you. Apparmor was the culprit. Never even knew about this software. Cannot believe something as simple as ticking a disable checkbox would be the answer!

Thanks for all of your replies and drinks are on me. :smiley:

Cheers
Andy

11

andysmalls wrote:

>
> PV
>
> I had not got it working, but I do now thanks to you. Apparmor was the
> culprit. Never even knew about this software. Cannot believe something
> as simple as ticking a disable checkbox would be the answer!
>
> Thanks for all of your replies and drinks are on me. :smiley:
>
> Cheers
> Andy
>
>
Andy;

Glad you have it working. SLES/SLED have their own forums at forums.novell.com;
in the future you might have better luck posting there. These forums are aimed
at OpenSuse.

P. V.
Cogito cogito ergo cogito sum.

12

Thanks andysmalls! I am very happy I ran into this forum, I was having the same problem and when I unchecked AppArmor this fixed my issue as well!