[Samba] ARGH... once again samba causes "permission" errors. SOLVED
jeffw at csun.edu
Sun May 30 19:24:49 MDT 2010
Ok, I was able to fix both of my problems and they are both related
to SELinux problems
First: I am assuming that you are like me and that you have an excellent
background in systems administration (I teach it at a university for a
living.) So you've configured chmod permissions and chown user and
group ownerships on directories and files to correctly allow the desired
access. You have configured samba to force a reasonable user or group
or you have logged in with reasonable user credentials.
But you're still not able to create file/folder or maybe you can't map
certain paths. You've probably been frustrated by the endless
posts and suggestions telling you to fix the fundamental things described
in the previous paragraph.
If you have taken care of the fundamental permission items but\
you are seeing either of the following:
A) You can map a share but whenever you try to create a new
folder or file windows pops up an error dialog (Try again).
B) You can map certain paths but now others (particularly a path
equivalent to a mount point (XFS/Raid5 filesystem in my case.
Well, I'm running CentOS 5.5 and it has SELinux enabled by default
but the context on the share path is probably not allowing samba.
you can check the context of the path with the -Z switch ls:
[root at nas samba]# ls -ldZ /mnt
drwxr-xr-x root root system_u:object_r:mnt_t /mnt
In this case the context is "mnt_t", you need to change the
context to samba_share_t
[root at nas samba]# chcon -t samba_share_t /mnt/nas
[root at nas samba]# ls -adZ /mnt/nas
drwxr-x--- nas nas system_u:object_r:samba_share_t /mnt/nas
Now your share should both mount and allow the creation/deletion
Warning: I am old, I learned system administration and practiced
it for a decade in industry before SELinux was even invented. I do
not pretend to begin to understand this [possibly overly] complicated
More information about the samba