[Samba] Why my dir is not available ?
Pierre Couderc
pierre at couderc.eu
Tue Mar 15 07:49:06 UTC 2016
On 03/14/2016 10:05 AM, Rowland penny wrote:
> On 13/03/16 18:59, Pierre Couderc wrote:
>>
>>
>> On 03/13/2016 10:36 AM, Rowland penny wrote:
>>> On 12/03/16 21:58, Pierre Couderc wrote:
>>>>
>>>>
>>>> On 03/12/2016 08:24 PM, Rowland penny wrote:
>>>>> On 12/03/16 18:28, Pierre Couderc wrote:
>>>>>>
>>>>>> On 03/12/2016 06:45 PM, Rowland penny wrote:
>>>>>>> On 12/03/16 17:37, Pierre Couderc wrote:
>>>>>>>> I have a samba server with a "var" share.
>>>>>>>>
>>>>>>>> I have 2 client computers which mount this share each one with
>>>>>>>> each (identical) /etc/fstab: :
>>>>>>>>
>>>>>>>> //192.168.163.1/var /mnt/var cifs
>>>>>>>> _netdev,username=xxxx,password=yyyy
>>>>>>>>
>>>>>>>> On a first client, I try to ls :
>>>>>>>>
>>>>>>>> ls /mnt/var/www
>>>>>>>>
>>>>>>>> and I get well the contents of www
>>>>>>>>
>>>>>>>> On the second client, I get :
>>>>>>>> ls: cannot open directory /mnt/var/www: Permission denied
>>>>>>>>
>>>>>>>> How it is possible ? where to look for ?
>>>>>>>>
>>>>>>>> please note that, on the 2 clients, if I ls :
>>>>>>>>
>>>>>>>> ls /mnt/var gives me correct results !!
>>>>>>>>
>>>>>>>>
>>>>>>>> Thank you for any help.
>>>>>>>>
>>>>>>>> PC
>>>>>>>>
>>>>>>>
>>>>>>> Hi, can you post a bit more info, how are you running Samba ?
>>>>>>> Can you post the smb.conf files from the two machines ?
>>>>>>>
>>>>>>> Rowland
>>>>>>>
>>>>>>>
>>>>>> Thank you.
>>>>>> Yes, I can. And I will if it is useful.
>>>>>
>>>>> Yes
>>>>>
>>>>>> But will it help you to help me ?
>>>>>
>>>>> Possibly
>>>>>
>>>>>>
>>>>>> I suppose have a correct samba configuration, as it works with
>>>>>> many customer computers (since years...).
>>>>>> Ma question 1 : Is it possible that I am wrong on this point ?
>>>>>
>>>>> Well, until we see the smb.conf, we will not know.
>>>> Thank you, please see below.
>>>>>
>>>>>>
>>>>>> My question 2 : what can make a difference between these 2
>>>>>> clients ?
>>>>>> There is a small difference : the "good" customer is Ubuntu, and
>>>>>> the "bad" one is debian...
>>>>>
>>>>> There shouldn't, in principal, be any difference.
>>>>>
>>>>>>
>>>>>> Please note that I cannot send the 2 smb.conf because I have only
>>>>>> one ! It is on the server.
>>>>>> There are no smb.conf on the clients.
>>>>>
>>>>> Hang on, what are you running on the Unix clients, where do they
>>>>> auth to ?
>>>> Mmm, I run standard cifs client, mounted in /etc/fstab as described
>>>> above, and without any smb.conf.
>>>> Something like
>>>> https://wiki.samba.org/index.php/Mounting_samba_shares_from_a_unix_client
>>>>
>>>> ------------------------------------------
>>>> Server smb.conf, I have removed a few more share, but all global
>>>> parameters are here :
>>>>
>>>> [global]
>>>>
>>>> workgroup = TOL
>>>>
>>>> server string = %h server (Samba, Ubuntu)
>>>> wins support = yes
>>>> dns proxy = no
>>>> interfaces = 127.0.0.0/8 eth0
>>>> log file = /var/log/samba/log.%m
>>>> max log size = 1000
>>>> syslog = 0
>>>> panic action = /usr/share/samba/panic-action %d
>>>> security = user
>>>> encrypt passwords = true
>>>> passdb backend = tdbsam
>>>> obey pam restrictions = yes
>>>> unix password sync = yes
>>>> passwd program = /usr/bin/passwd %u
>>>> passwd chat = *Enter\snew\s*\spassword:* %n\n
>>>> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>>>> pam password change = yes
>>>> map to guest = bad user
>>>> guest account = nous
>>>> usershare allow guests = yes
>>>>
>>>> #======================= Share Definitions =======================
>>>>
>>>> [printers]
>>>> ....
>>>>
>>>> [print$]
>>>> ....
>>>>
>>>> [var]
>>>> comment = var(V:)
>>>> writable = yes
>>>> public = yes
>>>> path = /var/
>>>> valid users = xxxx
>>>>
>>>>
>>>>
>>>>
>>>
>>> OK, it appears that you are running a workgroup called 'TOL'. This
>>> means that all your users and groups need to exist on all machines
>>> and all passwords need to be in sync.
>>>
>>> Have you checked that user 'xxxx' has the same password on all
>>> machines ?
>>> Does the share actually get mounted on the machine you are denied
>>> access to ?
>>> If it does get mounted, who actually owns the mounted share ?
>> Thank you very much.
>> Please note that that not only the shares are mounted but they work,
>> as explained in my first mail.
>> if on ALL my systems I :
>>
>> ls /mnt/var
>> It works.
>>
>> The problem is with :
>> ls /mnt/var/www
>>
>>
>> Thank you again.
>> PC
>
> So what you are saying is that you can mount ls /var from the server
> on any machine, but, on a particular machine, you cannot enter a dir
> under /var as a user that you think should be able to.
Yes, exactly !
>
> Do all client machines use the same version of cifs-mount ?
> is 'acl' & 'attr' installed on all client machines ?
Sorry, I do not know how to do, but samba is installed by standard
debian jessie package (the "bad" computer) , and by standard ubuntu
14.04 LTS package (the "good" computer).
> if you run 'getfacl /mnt/var/www' on both machines, do you get the
> same results ?
Yes, I get the same result :
nous at pcouderc:~$ getfacl /mnt/var/www
getfacl: Removing leading '/' from absolute path names
# file: mnt/var/www
# owner: root
# group: www-data
user::rwx
group::rwx
other::---
nous at pcouderc:~$ ls /mnt/var/www (on the "bad" computer)
ls: cannot open directory /mnt/var/www: Permission denied
and the user is member of www-data group :
nous at tolsupport:~$ cat /etc/group | grep www-data
www-data:x:33:nous,postgres
(("nous" is the "true" name of the user in /etc/fstab, instead of XXXX))
Thank you very much for your precious help.
PC
More information about the samba
mailing list