Sounds like the permissions are too tight. Instead of messing with shares in your home dirs, you may want to create a new directory for that purpose and open up the perms some.
I've just installed FC5 and I'm trying to get Samba working so my fiance's win2k laptop can see my linux shares.
Well, I've set it up using system-config-samba as well as tinkered with the smb.conf file etc etc but can't seem to get past the following stage:
smbd is up and running, windows machine can see the linux machine, and when I "open" the linux machine under windows networking, I can see the share but when I try to connect to it I get "\\Linuxbox\home is not accessible. The network name cannot be found." error.
Looking at the samba log files I see the following:
[2006/04/24 23:58:21, 2] lib/access.c:check_access(324)
Allowed connection from (10.0.0.5)
[2006/04/24 23:58:21, 0] smbd/service.c:make_connection_snum(663)
'/home' does not exist or permission denied when connecting to [home] Error was Permission denied
Any idea what the problem is here? How can I figure it out?
many thanks in advance
Yes, I'm guessing from the logfile message that it is permissions somewhere, but I'm not sure where?
I wanted to share the whole /home directory so I set the permissions on this and all subdirectories to be rwxrwxr-x which I thought was quite lenient. And I'm trying to connect with the same username on windows and password as my unix username and password so I really would think there would be no problem.
So is it the permissions on the directory and files themselves or in the smb.conf file or somewhere else? I don't know how to test for these possibilities.
Perhaps I could somehow set up a share with very relaxed permissions just to see if it works and then tighten up until the error occurs?
How would I go about this? Allow a guest account or set permissions on the directory to rwxrwxrwx ? Or set security level to something other than user? Any suggestions?
Well, I got the first problem figured out. Basically, I tried setting up a similar share in /tmp and that worked as expected. So I searched a bit more on google and discovered it was a security / firewall thing.
Using system-config-security I was able to determine that there was a setting (under the samba section) that prevented sharing home directories via samba. Since the share I created (/home/share) was on the /home filesystem it was affected by this setting.
So I disabled that setting and now was able to browse my /home/share directory from the windoze boxes.
BUT... I can't create directories from windoze! I can create files, delete files, open files and browse directories but I can't create them. When I try I get a "cannot create folder... access denied" or something like that error in Windows. Samba log files don't really help... they just say something about a permissions problem as well.
Is there some sort of setting somewhere that controls this?
I suppose I must setup my /tmp share again and see if I can do it there. It may well also be a problem with permissions on the /home filesystem.
Maybe it would just be easier for all concerned if I created a new filesystem /share .... but I would like to get to the bottom of this rather than work around it.
Any suggestions very welcome.
I am now able to create directories and do everything I need to do but only because I disabled SELinux. I presume this is not a clever thing to do?
But I can't figure out the individual setting on SELinux that would allow me to create directories under a /home subdirectory without disabling the entire SELinux. Any ideas?
How critical is SELinux to security?
When I turn it back on it says it may have to "relabel" a whole lot of files or something so I haven't done this yet, not knowing what it all means?