Samba - rrrrr, can't get out... (or in)

Morgan Read mstuff at read.org.nz
Fri Jan 20 10:56:03 UTC 2006 

Hi

Basically, sambas working and I can browse in my box etc, but I can't get in
or out.

I've written a detailed follow-up (post #5) to a Samba howto for fc2 re fc4:
<http://www.fedoraforum.org/forum/showthread.php?p=88288&mode=linear#post88288>

If anybody could point me in the right direction it'd be much appreciated,
either here (and I'll follow-up at fedoraforum) or there.

Copied below is the follow-up.

Thanks,
Morgan.

Here, below, is my terminal output with some annotations (###). (Skip to the
bottom for the conclusion.) So far I've got to running samba and accessing
the share from within my box, but all I get from out side my box are issues
at point 9... Also, I can't access external shares from inside my box (on
two windoze boxes that can see each other). So, I guess there's something
blocking samba access in and out of my box? Follow-ups much appreciated.

Perhaps a text file with this set-up (corrected) for fc5 could be placed on
the desktop of every account - might save a few novices a lot of hours?

######################
[root at morgansmachine ~]# useradd -c “Network Filestore” -m -g users -p
secret netfiles
Usage: useradd [options] LOGIN

Options:
-b, --base-dir BASE_DIR base directory for the new user account
home directory
...
-u, --uid UID force use the UID for the new user account
### Not an auspicious start. After some discussion with my local lug I fell
back to...
[root at morgansmachine ~]# useradd -c “Network Filestore” -m -g users netfiles
Usage: useradd [options] LOGIN

Options:
-b, --base-dir BASE_DIR base directory for the new user account
home directory
...
-u, --uid UID force use the UID for the new user account
### And then fell back to...
[root at morgansmachine ~]# useradd -m netfiles
### After which I used the gui (Desktop -> System Settings -> Users and
Groups) for the <-c “Network Filestore” -g users> bit, and then did...
[root at morgansmachine ~]# passwd netfiles
Changing password for user netfiles.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root at morgansmachine ~]# mkdir /home/export
[root at morgansmachine ~]# chmod u+rwx, g+rx, o+rx /home/export
chmod: cannot access `g+rx,': No such file or directory
chmod: cannot access `o+rx': No such file or directory
### Well clearly I can't expect to highlight and past into my terminal...
There's no space between the commas, but I just did...
[root at morgansmachine ~]# chmod u+rwx /home/export
[root at morgansmachine ~]# chmod g+rx /home/export
[root at morgansmachine ~]# chmod o+rx /home/export
[root at morgansmachine ~]# chown netfiles,users /home/export
chown: `netfiles,users': invalid user
### Oops, not again...
[root at morgansmachine ~]# chown netfiles, users /home/export
chown: `netfiles,': invalid user
### And, again...
[root at morgansmachine ~]# chown netfiles,users /home/export
chown: `netfiles,users': invalid user
### And, again...
[root at morgansmachine ~]# chown netfiles, users /home/export
chown: `netfiles,': invalid user
### All right, that's enough!
[root at morgansmachine ~]# chown netfiles:users /home/export
### And, that's more like it!
[root at morgansmachine ~]# smbpasswd -a netfiles
New SMB password:
Retype new SMB password:
Added user netfiles.
### Here, following point 6 I added to /etc/samba/smb.conf this:
[global]
workgroup = 19CLARKEROAD
netbios name = MORGANSMACHINE
security = SHARE

[netfs]
comment = Network Filestore on morgansmachine
path = /home/export
force user = netfiles
force group = users
read only = No
guest ok = Yes
###
[root at morgansmachine ~]# smbclient -L MORGANSMACHINE
Password:
Domain=[19CLARKEROAD] OS=[Unix] Server=[Samba 3.0.14a-2]

Sharename Type Comment
--------- ---- -------
netfs Disk Network Filestore on morgansmachine
IPC$ IPC IPC Service (Samba 3.0.14a-2)
ADMIN$ IPC IPC Service (Samba 3.0.14a-2)
Domain=[19CLARKEROAD] OS=[Unix] Server=[Samba 3.0.14a-2]

Server Comment
--------- -------
MORGANSMACHINE Samba 3.0.14a-2

Workgroup Master
--------- -------
19CLARKEROAD MORGANSMACHINE
[root at morgansmachine ~]#
######################

Hooray, got there! Not so fast... At this point I ran into the problem at
point 9, except I'd opened the ports in iptables... Couldn't even browse my
network from within my own box at this stage... But hang on, there's that
new (a bit old by now) tab to the "Security Level" gui... So, I've turned on
all the SELinux Samba access options - any follow-ups on what can be safely
turned back off?

Now, I can browse my Samba shares from with in my box - reliably my share is
alway there at "Computer -> Network -> MORGANSMACHINE -> netfs (or via
Computer -> Network -> Windows Network -> 19clarkeroad ->
MORGANSMACHINE...). Also, I can see Morgansmachine from the windoze boxes
but trying to access them results in errors as per point 9 (but, the
firewall ports have been opened and all the SELinux Samba access options
have been enabled). A bit deflating.

Clearly, I've missed something obvious. If someone could point me in the
right direction with a follow-up it'd be much appreciated.
-- 
Morgan Read
NEW ZEALAND
<mailto:mstuffATreadDOTorgDOTnz>

get a life; GET FIREFOX!
<www.getfirefox.com>
WHY ME?  Read on:
<http://www.theregister.co.uk/2004/06/28/cert_ditch_explorer/>
<http://www.theregister.co.uk/2004/09/13/german_ie_jitters/>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20060120/86875e1b/attachment-0002.bin

More information about the users mailing list