FedoraCore 6 smbd /write acces problem

Anne Wilson cannewilson at tiscali.co.uk
Tue Feb 6 17:35:02 UTC 2007 

On Tuesday 06 February 2007 16:39, Andrada Meda Felegean wrote:
> Hello to All,
>
>     I have installed Fedora Core 6 (Zod) on a machine meant to sustain the
> WinMentor database for an internal network. I have configured smb.conf and
> tested it with testparm and everything went OK. [root at CIEmentor usr]#
> testparm
>         Load smb config files from /etc/samba/smb.conf
>         Processing section "[CIEWinMentor]"
>         Loaded services file OK.
>         Server role: ROLE_STANDALONE
>         Press enter to see a dump of your service definitions
>         [root at CIEmentor usr]#
>
> Here is my smb.conf file:
> #======================= Global Settings
> ===================================== [global]
>    workgroup = MATRICON
>    server string = Mentor Server
>    security = share
>    hosts allow = 192.168.0.
>    guest account = root
>    log file = /var/log/samba/%m.log
>    max log size = 50
>    local master = no
>    os level = 33
>    preferred master = no
>    dns proxy = no
>   add machine script = /usr/sbin/adduser -n -g machines -c Machine -d
> /dev/null -s /bin/false %u #============================ Share Definitions
> ============================== [CIEWinMentor]
>    comment = CIE WinMentor Databases
>    path = /usr/mentor
>    guest ok = yes
>    writable = yes
>    create mask = 777
>    sync always = yes
>    hosts allow = 192.168.0.9 192.168.0.10
>    public = yes
>
> The problem is that when i try to create a new file or folder from the
> browser, my acces is denied. I am able to see and access the folders/files
> that i have already copied on the Hdd, i am able to copy data and create
> new directories via ssh connection, but i have no write access from the
> browser. The error that i receive is:
>
> [root at CIEmentor usr]# tail -f /var/log/messages
> Feb  6 15:54:49 CIEmentor kernel: audit(1170770089.930:70): avc:  denied  {
> write } for  pid=12486 comm="smbd" name="mentor" dev=dm-0 ino=7791439
> scontext=root:system_r:smbd_t:s0 tcontext=root:object_r:usr_t:s0 tclass=dir
> Feb  6 15:54:49 CIEmentor kernel: audit(1170770089.934:71): avc:  denied  {
> write } for  pid=12486 comm="smbd" name="mentor" dev=dm-0 ino=7791439
> scontext=root:system_r:smbd_t:s0 tcontext=root:object_r:usr_t:s0 tclass=dir
> Feb  6 15:54:49 CIEmentor kernel: audit(1170770089.934:72): avc:  denied  {
> write } for  pid=12486 comm="smbd" name="mentor" dev=dm-0 ino=7791439
> scontext=root:system_r:smbd_t:s0 tcontext=root:object_r:usr_t:s0 tclass=dir
> Feb  6 15:54:49 CIEmentor kernel: audit(1170770089.938:73): avc:  denied  {
> write } for  pid=12486 comm="smbd" name="mentor" dev=dm-0 ino=7791439
> scontext=root:system_r:smbd_t:s0 tcontext=root:object_r:usr_t:s0 tclass=dir
>
> What can go wrong?
>
/usr/anything is not considered a good place for shared directories.  Take a 
look at

ls -l /usr/

Also, I wouldn't be happy with the line

guest account = root

Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20070206/99923eaf/attachment-0002.bin

More information about the users mailing list