[Samba] Existing files don't show up in share, new files do (Solved!)

Rubin Bennett rbennett at thatitguy.com
Wed May 21 20:12:02 GMT 2008 

Glad to hear it!  Damn SELinux *grumble*.

I shoulda thought of that too :)

Rubin

On Wed, 2008-05-21 at 17:20 +0200, Pepijn Schmitz wrote:
> I got it. SELinux was causing the problem. Grmbl... I don't know why I 
> didn't think to check before, but I took a look in my syslog and saw 
> entries like these:
> 
> May 21 16:21:29 roadrunner kernel: audit(1211379689.340:4629): avc:  
> denied  { getattr } for  pid=13682 comm="smbd" 
> path="/mnt/data/multimedia/XXX" dev=sdb1 ino=28066343 
> scontext=system_u:system_r:smbd_t:s0 tcontext=user_u:object_r:file_t:s0 
> tclass=dir
> 
> I did a ls -Z on /mnt/data/multimedia with the following result:
> 
> drwxrwxr-x  pepijn pepijn system_u:object_r:file_t:s0      Audio
> -rw-rw-r--  pepijn pepijn system_u:object_r:file_t:s0      
> DIRK_GENTLY'S_HOLISTIC_DETECTIVE_AGENCY.TXT
> lrwxrwxrwx  pepijn pepijn user_u:object_r:file_t:s0        Fotos -> Foto's
> drwxrwxr-x  pepijn pepijn system_u:object_r:file_t:s0      Foto's
> -rw-rw-r--  pepijn pepijn system_u:object_r:file_t:s0      
> HITCHHIKER'S_GUIDE_TO_THE_GALAXY.TXT
> -rw-rw-r--  pepijn pepijn system_u:object_r:file_t:s0      
> LAST_CHANCE_TO_SEE.TXT
> drwxrwxr-x  pepijn pepijn system_u:object_r:file_t:s0      Martijn
> -rw-rw-r--  pepijn pepijn system_u:object_r:file_t:s0      
> MOSTLY_HARMLESS.TXT
> drwxrwxr-x  pepijn pepijn system_u:object_r:file_t:s0      recycled
> -rw-rw-r--  pepijn pepijn system_u:object_r:file_t:s0      
> RESTAURANT_END_OF_THE_UNIVERSE.TXT
> -rw-rw-r--  pepijn pepijn system_u:object_r:file_t:s0      
> STARSHIP_TITANIC.TXT
> drwxrwxr-x  pepijn pepijn system_u:object_r:file_t:s0      temp
> -rw-rw-r--  pepijn pepijn system_u:object_r:samba_share_t:s0 test2.txt
> -rw-rw-r--  pepijn pepijn system_u:object_r:samba_share_t:s0 test.txt
> drwxrwxr-x  pepijn pepijn system_u:object_r:file_t:s0      Video
> -rw-rw-r--  pepijn pepijn user_u:object_r:file_t:s0        volumeid.zbx
> drwxrwxr-x  pepijn pepijn user_u:object_r:file_t:s0        XXX
> -rw-rw-r--  pepijn pepijn system_u:object_r:file_t:s0      
> YOUNG_ZAPHOD_PLAYS_IT_SAFE.TXT
> 
> The existing files have a different security context (file_t) than the 
> new ones (samba_share_t). I have no idea how or why this has happened, 
> and frankly I don't feel like spending any more time to find out 
> (although I'm still interested if someone knows more about how this 
> could happen). Since the server is now just an internal file server I 
> decided just to turn off SELinux. Now the share works perfectly again!
> 
> Thanks everyone for your time and patience!
> 
> Kind regards,
> Pepijn Schmitz
> 
> Pepijn Schmitz wrote:
> > I tried commenting out the write list = pepijn line and adding a guest 
> > ok = yes line, but it made no difference, both when logging in as 
> > pepijn or when logging in as guest.
> >
> > Kind regards,
> > Pepijn Schmitz
> >
> > Jason Waters wrote:
> >> Remove any restrictions on the shares.  Like valid user and that sort of
> >> thing.
> >>
> >> Jason Waters
> >>
> >>
> >> -----Original Message-----
> >> From: Pepijn Schmitz [mailto:captain at chaos.demon.nl] Sent: Wednesday, 
> >> May 21, 2008 10:08 AM
> >> To: Rubin Bennett
> >> Cc: Jason Waters; samba at lists.samba.org
> >> Subject: Re: [Samba] Existing files don't show up in share, new files do
> >>
> >> I'm slightly closer to finding the cause of this problem. I set the 
> >> smbd log level to 7 and found the following entries when trying to 
> >> list the contents of the share:
> >>
> >> [2008/05/21 15:27:05, 5] smbd/uid.c:change_to_user(273)
> >>   change_to_user uid=(500,500) gid=(0,500)
> >> [2008/05/21 15:27:05, 3] smbd/trans2.c:call_trans2findfirst(1704)
> >>   call_trans2findfirst: dirtype = 16, maxentries = 1366, 
> >> close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 
> >> 0x104, max_data_bytes = 16644
> >> [2008/05/21 15:27:05, 5] smbd/filename.c:unix_convert(147)
> >>   unix_convert called on file "*"
> >> [2008/05/21 15:27:05, 5] smbd/filename.c:unix_convert(246)
> >>   unix_convert begin: name = *, dirpath = , start = *
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:call_trans2findfirst(1769)
> >>   dir=./, mask = *
> >> [2008/05/21 15:27:05, 5] smbd/dir.c:dptr_create(392)
> >>   dptr_create dir=./
> >> [2008/05/21 15:27:05, 3] smbd/dir.c:dptr_create(515)
> >>   creating new dirptr 256 for path ./, expect_close = 1
> >> [2008/05/21 15:27:05, 4] smbd/trans2.c:call_trans2findfirst(1837)
> >>   dptr_num is 256, wcard = *, attr = 22
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
> >>   get_lanman2_dir_entry found ./. fname=.
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
> >>   get_lanman2_dir_entry found ./.. fname=..
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./Audio] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat 
> >> [./DIRK_GENTLY'S_HOLISTIC_DETECTIVE_AGENCY.TXT] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./Foto's] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat 
> >> [./HITCHHIKER'S_GUIDE_TO_THE_GALAXY.TXT] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./LAST_CHANCE_TO_SEE.TXT] 
> >> (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./Martijn] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./MOSTLY_HARMLESS.TXT] 
> >> (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./recycled] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat 
> >> [./RESTAURANT_END_OF_THE_UNIVERSE.TXT] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./STARSHIP_TITANIC.TXT] 
> >> (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./temp] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./Video] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat 
> >> [./YOUNG_ZAPHOD_PLAYS_IT_SAFE.TXT] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./Fotos] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./.Trash-pepijn] (Permission
> >> denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./.Trash-500] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./volumeid.zbx] (Permission 
> >> denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221)
> >>   get_lanman2_dir_entry:Couldn't stat [./XXX] (Permission denied)
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
> >>   get_lanman2_dir_entry found ./test.txt fname=test.txt
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255)
> >>   get_lanman2_dir_entry found ./test2.txt fname=test2.txt
> >> [2008/05/21 15:27:05, 5] smbd/trans2.c:call_trans2findfirst(1890)
> >>   call_trans2findfirst - (2) closing dptr_num 256
> >> [2008/05/21 15:27:05, 4] smbd/dir.c:dptr_close_internal(238)
> >>   closing dptr key 256
> >>
> >> The "Permission denied"s correspond exactly to the files and 
> >> directories that are missing. As you can see, it somehow can't stat 
> >> (whatever that is) the existing files, but it can the new files. 
> >> Which is bizarre, since their permissions are the same. We need a 
> >> real Samba internals guru. What exactly is it trying to stat, and how 
> >> is it possible for that to succeed for some files but fail for others 
> >> while having the same permissions?
> >>
> >> Kind regards,
> >> Pepijn Schmitz
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
Rubin Bennett
RB Technologies
http://thatitguy.com
rbennett at thatitguy.com
(802)223-4448

"They that can give up essential liberty to obtain a little
temporary security deserve neither liberty nor safety"
  --Benjamin Franklin, Historical Review of Pennsylvania, 1759

More information about the samba mailing list