SAMBA: mounted device on Server - no access in Windows

Issues related to configuring your network
Post Reply
z.petersen1
Posts: 10
Joined: 2017/11/21 06:58:19

SAMBA: mounted device on Server - no access in Windows

Post by z.petersen1 » 2017/11/21 07:18:44

Hi there,

I've got a problem and dont have no ideas anymore...

I'm running samba server on my CENTOS-Machine.
All is fine, when I try to connect a share (e.g. /mnt/Share1) in Windows, it works.
But when I mount a device to this share (e.g. mount /dev/sdb1 /mnt/Share1), Windows says that I have no access...
The rights are OK (i tried 777 too). Username is the same then in Windows.
I can connect from Windows to the samba-server an browse to all shares.

Whan can here be wrong??

I hope for any ideas ;-)

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SAMBA: mounted device on Server - no access in Windows

Post by TrevorH » 2017/11/21 08:02:05

Read the top portion of /etc/samba/smb.conf and see if that helps:

Code: Select all

# Security-Enhanced Linux (SELinux) Notes:
#
# Turn the samba_domain_controller Boolean on to allow Samba to use the useradd
# and groupadd family of binaries. Run the following command as the root user to
# turn this Boolean on:
# setsebool -P samba_domain_controller on
#
# Turn the samba_enable_home_dirs Boolean on if you want to share home
# directories via Samba. Run the following command as the root user to turn this
# Boolean on:
# setsebool -P samba_enable_home_dirs on
#
# If you create a new directory, such as a new top-level directory, label it
# with samba_share_t so that SELinux allows Samba to read and write to it. Do
# not label system directories, such as /etc/ and /home/, with samba_share_t, as
# such directories should already have an SELinux label.
#
# Run the "ls -ldZ /path/to/directory" command to view the current SELinux
# label for a given directory.
#
# Set SELinux labels only on files and directories you have created. Use the
# chcon command to temporarily change a label:
# chcon -t samba_share_t /path/to/directory
#
# Changes made via chcon are lost when the file system is relabeled or commands
# such as restorecon are run.
#
# Use the samba_export_all_ro or samba_export_all_rw Boolean to share system
# directories. To share such directories and only allow read-only permissions:
# setsebool -P samba_export_all_ro on
# To share such directories and allow read and write permissions:
# setsebool -P samba_export_all_rw on
#
# To run scripts (preexec/root prexec/print command/...), copy them to the
# /var/lib/samba/scripts/ directory so that SELinux will allow smbd to run them.
# Note that if you move the scripts to /var/lib/samba/scripts/, they retain
# their existing SELinux labels, which may be labels that SELinux does not allow
# smbd to run. Copying the scripts will result in the correct SELinux labels.
# Run the "restorecon -R -v /var/lib/samba/scripts" command as the root user to
# apply the correct SELinux labels to these files.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

z.petersen1
Posts: 10
Joined: 2017/11/21 06:58:19

Re: SAMBA: mounted device on Server - no access in Windows

Post by z.petersen1 » 2017/11/21 09:17:38

Hello,

thanks.

the "chcon -t samba_share_t /path/to/directory" dont work when the share ist mounted to /dev/sdb1
So the "access denied" appears on...

-zoran-

z.petersen1
Posts: 10
Joined: 2017/11/21 06:58:19

Re: SAMBA: mounted device on Server - no access in Windows

Post by z.petersen1 » 2017/11/21 09:31:24

OK, I disabled SELINUX temporarely.

then it works.
can it be, that I must mount the share with special options for SELINUX?

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SAMBA: mounted device on Server - no access in Windows

Post by TrevorH » 2017/11/21 10:30:54

the "chcon -t samba_share_t /path/to/directory" dont work when the share ist mounted to /dev/sdb1
Did you run that with the /dev/sdb1 device mounted on /path/to/directory? Also, if you don't tell it to then chcon doesn't operate recursively...
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

z.petersen1
Posts: 10
Joined: 2017/11/21 06:58:19

Re: SAMBA: mounted device on Server - no access in Windows

Post by z.petersen1 » 2017/11/21 10:45:01

Hi,

I tried it unmounted first.
"chcon -t samba_share_t /mnt/serverplatte2"
No error message.
But when I mount it
"mount -o uid=1000,gid=1000 /dev/sdb1 /mnt/serverplatte2"
and set the command
"chcon -t samba_share_t /mnt/serverplatte2"
then I got an error-message: "chcon: Contex from "/mnt/serverplatte2" could not changed to "system_u:object_r:samba_share_t:s0". Operation not supported."

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SAMBA: mounted device on Server - no access in Windows

Post by TrevorH » 2017/11/21 10:50:11

There's no point in running it with the filesystem unmounted.

What filesystem is on the drive?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

z.petersen1
Posts: 10
Joined: 2017/11/21 06:58:19

Re: SAMBA: mounted device on Server - no access in Windows

Post by z.petersen1 » 2017/11/21 11:12:46

vfat. Becaust I will it read on Windows too.
Ist this the problem?

z.petersen1
Posts: 10
Joined: 2017/11/21 06:58:19

Re: SAMBA: mounted device on Server - no access in Windows

Post by z.petersen1 » 2017/11/21 11:17:08

OK, I've found the TRICK !

mounting via fstab whith this options:

/dev/sdb1 /mnt/serverplatte2 vfat context="system_u:object_r:samba_share_t:s0",rw,uid=1000,gid=1000,umask=0000,defaults

Now it works!

Great Hera ;-)
That's all other than easy...

Post Reply