truename
2016-Dec-07 09:08 UTC
[CentOS] You have not permission to view content of this location
OS: CentosOS 7
I have installed samba + openldap + smbldap-tools + pam by:
yum --enablerepo=extras install -y epel-release
yum install -y smbldap-tools
yum install -y samba openldap openldap-clients openldap-servers
migrationtools
yum install -y nss-pam*
I know that smbldap-tools is a dead project, but I'm interested in it and
would like research on it.
I create users and groups by:
sudo smbldap-groupadd -a g1
sudo smbldap-groupadd -a g2
sudo smbldap-useradd -a -P -g 1001 u1
sudo smbldap-useradd -a -P -g 1002 u1
groups u1
u1 : g1
groups u2
u2 : g2
I create shared folder:
cd /
sudo mkdir data
sudo chown u1 /data
sudo chgrp g1 /data
sudo chmod ugo+rwx /data
I edit /etc/samba/smb.conf:
[data]
comment = data
path = /data
valid users = u1,u2
write list = u1,u2
create mask = 0777
sync always = Yes
; hide dot files = yes
; writeable = no
And then:
sudo service smb restart
When I open file manager and input following in location box:
smb://127.0.0.1
The shared folder data is shown, I click the shared folder and input username u1
and password, I get error message: You have not permission to view content of
this location
The error message is Chinese in my system, I translate it into English.
Thanks
Mike Burger
2016-Dec-07 14:06 UTC
[CentOS] You have not permission to view content of this location
On 2016-12-07 4:08 am, truename wrote:> OS: CentosOS 7 > > I have installed samba + openldap + smbldap-tools + pam by: > > yum --enablerepo=extras install -y epel-release > yum install -y smbldap-tools > yum install -y samba openldap openldap-clients openldap-servers > migrationtools > yum install -y nss-pam* > > I know that smbldap-tools is a dead project, but I'm interested in it > and would like research on it. > > I create users and groups by: > > sudo smbldap-groupadd -a g1 > sudo smbldap-groupadd -a g2 > sudo smbldap-useradd -a -P -g 1001 u1 > sudo smbldap-useradd -a -P -g 1002 u1 > > groups u1 > u1 : g1 > > groups u2 > u2 : g2 > > I create shared folder: > > cd / > sudo mkdir data > > sudo chown u1 /data > sudo chgrp g1 /data > > sudo chmod ugo+rwx /data > > I edit /etc/samba/smb.conf: > > [data] > comment = data > path = /data > valid users = u1,u2 > write list = u1,u2 > create mask = 0777 > sync always = Yes > ; hide dot files = yes > ; writeable = no > > And then: > > sudo service smb restart > > When I open file manager and input following in location box: > > smb://127.0.0.1 > > The shared folder data is shown, I click the shared folder and input > username u1 and password, I get error message: You have not permission > to view content of this location > > The error message is Chinese in my system, I translate it into English. > > ThanksSilly question...what are the permissions on /data? -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1
Jonathan Billings
2016-Dec-07 14:19 UTC
[CentOS] You have not permission to view content of this location
On Wed, Dec 07, 2016 at 05:08:11PM +0800, truename wrote:> sudo chown u1 /data > sudo chgrp g1 /data > > sudo chmod ugo+rwx /data > > I edit /etc/samba/smb.conf: > > [data] > comment = data > path = /data > valid users = u1,u2 > write list = u1,u2 > create mask = 0777 > sync always = Yes > ; hide dot files = yes > ; writeable = noOut of curiosity, I ran: # matchpathcon /data /data system_u:object_r:etc_runtime_t:s0 I'm not sure why /data is labeled etc_runtime_t, but I suspect that's why you can't export its contents via Samba, SELinux is probably preventing it. I suggest following the directions here: https://wiki.centos.org/HowTos/SetUpSamba#head-86233024cba06a1e4f554e763a2f634a61eae9b8 and run: semanage fcontext -a -t samba_share_t '/data(/.*)?' restorecon -R /data -- Jonathan Billings <billings at negate.org>
truename
2016-Dec-08 16:12 UTC
[CentOS] You have not permission to view content of this location
ls -ld data/ drwxrwxrwx. 2 root root 6 12? 8 23:34 data/ I get following message from LOG file of samba: [2016/12/09 00:01:56.326449, 4, pid=19816, effective(0, 0), real(0, 0)] ../source3/passdb/pdb_ldap.c:2437(ldapsam_getgroup) ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-11)) What this means? Thanks. Du At 2016-12-07 22:06:32, "Mike Burger" <mburger at bubbanfriends.org> wrote:>On 2016-12-07 4:08 am, truename wrote: >> OS: CentosOS 7 >> >> I have installed samba + openldap + smbldap-tools + pam by: >> >> yum --enablerepo=extras install -y epel-release >> yum install -y smbldap-tools >> yum install -y samba openldap openldap-clients openldap-servers >> migrationtools >> yum install -y nss-pam* >> >> I know that smbldap-tools is a dead project, but I'm interested in it >> and would like research on it. >> >> I create users and groups by: >> >> sudo smbldap-groupadd -a g1 >> sudo smbldap-groupadd -a g2 >> sudo smbldap-useradd -a -P -g 1001 u1 >> sudo smbldap-useradd -a -P -g 1002 u1 >> >> groups u1 >> u1 : g1 >> >> groups u2 >> u2 : g2 >> >> I create shared folder: >> >> cd / >> sudo mkdir data >> >> sudo chown u1 /data >> sudo chgrp g1 /data >> >> sudo chmod ugo+rwx /data >> >> I edit /etc/samba/smb.conf: >> >> [data] >> comment = data >> path = /data >> valid users = u1,u2 >> write list = u1,u2 >> create mask = 0777 >> sync always = Yes >> ; hide dot files = yes >> ; writeable = no >> >> And then: >> >> sudo service smb restart >> >> When I open file manager and input following in location box: >> >> smb://127.0.0.1 >> >> The shared folder data is shown, I click the shared folder and input >> username u1 and password, I get error message: You have not permission >> to view content of this location >> >> The error message is Chinese in my system, I translate it into English. >> >> Thanks > >Silly question...what are the permissions on /data? > >-- >Mike Burger >http://www.bubbanfriends.org > >"It's always suicide-mission this, save-the-planet that. No one ever >just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1
truename
2016-Dec-08 16:30 UTC
[CentOS] You have not permission to view content of this location
Hi, This works. Thanks a lot. :D At 2016-12-07 22:19:03, "Jonathan Billings" <billings at negate.org> wrote:>On Wed, Dec 07, 2016 at 05:08:11PM +0800, truename wrote: >> sudo chown u1 /data >> sudo chgrp g1 /data >> >> sudo chmod ugo+rwx /data >> >> I edit /etc/samba/smb.conf: >> >> [data] >> comment = data >> path = /data >> valid users = u1,u2 >> write list = u1,u2 >> create mask = 0777 >> sync always = Yes >> ; hide dot files = yes >> ; writeable = no > >Out of curiosity, I ran: > ># matchpathcon /data >/data system_u:object_r:etc_runtime_t:s0 > >I'm not sure why /data is labeled etc_runtime_t, but I suspect that's >why you can't export its contents via Samba, SELinux is probably >preventing it. > >I suggest following the directions here: >https://wiki.centos.org/HowTos/SetUpSamba#head-86233024cba06a1e4f554e763a2f634a61eae9b8 > >and run: > >semanage fcontext -a -t samba_share_t '/data(/.*)?' >restorecon -R /data > >-- >Jonathan Billings <billings at negate.org> >_______________________________________________ >CentOS mailing list >CentOS at centos.org >https://lists.centos.org/mailman/listinfo/centos