Samba vs. Firewall and/or SELinux
Hi all. I created a smb-share on my el6 for all windows-pcs in my home-network (I'm the only Linux-User in my family) for sharing all the stuff we have, like music and videos and documents. The share will be shown on the other pcs (Windows XP), but they can't open it. The error-message ist Share not found on our preferred language of course! SELINUX-CONFIG sh-4.1# cat /etc/selinux/targeted/contexts/files/file_contexts.local # This file is auto-generated by libsemanage # Do not edit directly. /data(/.*)?system_u:object_r:samba_share_t:s0 FIREWALL-CONFIG (Port 901 is for SWAT) sh-4.1# cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.7 on Thu Dec 20 17:28:14 2012 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -p tcp -m state --state NEW -m tcp --dport 901 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 138 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 137 -j ACCEPT COMMIT # Completed on Thu Dec 20 17:28:14 2012 SAMBA Alice im Wunderland is the testfile I uploaded with disabled Firewall and disabled SELinux sh-4.1# testparm Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Processing section [public] Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions [global] workgroup = NETZWERK server string = Samba Server Version %v security = SHARE log file = /var/log/samba/log.%m max log size = 50 cups options = raw [public] comment = hier kannn reinkopiert werden path = /data/public read only = No create mask = 0777 guest only = Yes guest ok = Yes sh-4.1# cat /etc/samba/smbusers # Unix_name = SMB_name1 SMB_name2 ... root = administrator admin nobody = guest pcguest smbguest sh-4.1# ls -lisah /data/public total 144M 1703938 12K drwxrwxrwx. 4 nobody users 12K Dec 27 13:39 . 1703937 4.0K drwxr-xr-x. 3 root root 4.0K Dec 22 19:43 .. 1706985 144M -rwxrw-rw- 1 nobody nobody 144M Dec 27 13:39 Disney_ Alice im Wunderland (1951).mp4
Re: Samba vs. Firewall and/or SELinux
Nico Kadel-Garcia wrote: What do your family members see with \\ipaddress\, where ipaddress is the IP address of the Samba server? And are you using the built-in Samba, or a hand-compiled one? I'm using the samba rpms from the official repo, installed with yum. On \\ip they can see my share named public, but they can't open it with activated SELinux and activated firewall. They have writable access to this share with deactivated firewall and disabled SELinux. So it must be a problem with the firewall and/or SELinux. I think SELinux isn't correctly configured. Not relevant with SELinux disabled. Not relevant with firewall turned off temporarily. I want to offer this share with activated firewall and enabled SELinux consider using the system-config-firewall tool to manage these, rather than doing them manually. I opened the ports in the frontend, but it won't help! -- Ibrahim Arastirmacilar Yurtseven 2.6.32-279.19.1.el6.i686
