Page 1 of 1

samba share seperated disk

Posted: 2014/11/18 04:17:18
by xinloiemnham
I get trouble while trying to share mounted hard disk using samba.
Here is my volume table:

Code: Select all

# lsblk
NAME              MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
fd0                 2:0    1    4K  0 disk
sda                 8:0    0    5G  0 disk
ââsda1              8:1    0  500M  0 part /boot
ââsda2              8:2    0  4.5G  0 part
  ââvg_fs-lv_swap 253:0    0    2G  0 lvm  [SWAP]
  ââvg_fs-lv_root 253:1    0  2.6G  0 lvm  /
sdb                 8:16   0   20G  0 disk
sdc                 8:32   0   20G  0 disk
ââsdc1              8:33   0    1K  0 part
ââsdc5              8:37   0   20G  0 part /data
sr0                11:0    1 1024M  0 rom
/dev/sdc5 was mounted at /data
Here is content of /etc/samba/smb.conf

Code: Select all

[global]
        workgroup = sbb01.spoc.global
        server string = Samba Server Version %v
        security = user
        map to guest = bad user
        dns proxy = no
[data]
        path = /data
        writable = yes
        browsable = yes
        guest ok = yes
        read only = no
permission on /data (and its child folders):

Code: Select all

# ls -l / | grep data
drwxr-xr-x.   3 nobody nobody  4096 Nov 14 16:02 data
I've tested with /data on local disk (not mounted /dev/sdc5 on it), it works. Windows PC can access to this shared folder with no error, fully read/write on it.
But when I mount /dev/sdc5 on this mount point (/data), I cannot access it, here is the error:
Image

Re: samba share seperated disk

Posted: 2014/11/18 08:27:59
by TrevorH
Check the permissions on /data are correct. Also make sure that your selinux contexts on there are correct by running restorecon -r /data

Re: samba share seperated disk

Posted: 2014/11/19 07:15:38
by xinloiemnham
TrevorH wrote:Check the permissions on /data are correct. Also make sure that your selinux contexts on there are correct by running restorecon -r /data
As a comparation, I 've created one more share folder in /share, here is the content of /etc/samba/smb.conf:

Code: Select all

[global]
        workgroup = sbb01.spoc.global
        server string = Samba Server Version %v
        security = user
        map to guest = bad user
        dns proxy = no
[data]
        path = /data
        writable = yes
        browsable = yes
        guest ok = yes
        read only = no
[share]
        path = /share
        writable = yes
        browsable = yes
        guest ok = yes
        read only = no
Here is folder permission of those two folders:

Code: Select all

drwxr-xr-x.   3 nobody nobody  4096 Nov 14 16:02 data
drwxr-xr-x.   3 nobody nobody  4096 Nov 18 11:10 share
then I access to these shared folders from windows, I can read/write on /share folder but cannot access /data folder.
The only thing that differ is /dev/sdc5 was mounted on /data, no device was mounted on /share.

Re: samba share seperated disk

Posted: 2014/11/19 08:56:51
by TrevorH
Now post the ls -laZ output for those two directories.

Re: samba share seperated disk

Posted: 2014/11/19 09:30:10
by xinloiemnham
TrevorH wrote:Now post the ls -laZ output for those two directories.

Code: Select all

drwxr-xr-x. nobody nobody system_u:object_r:default_t:s0   data
drwxr-xr-x. nobody nobody unconfined_u:object_r:samba_share_t:s0 share

Re: samba share seperated disk

Posted: 2014/11/19 12:22:17
by TrevorH
Yes, there's your problem, the selinux context on /share is correct but on /data it is not. You need to use semanage fcontext to add a rule to tell it to label it correctly then restorecon -r the directory to apply the change or you need to use chcon to change it manually. The first method is better since it survives a filesystem relabel where the chcon method gets reset and your change backed out.

Re: samba share seperated disk

Posted: 2014/11/20 08:27:12
by xinloiemnham
TrevorH wrote:Yes, there's your problem, the selinux context on /share is correct but on /data it is not. You need to use semanage fcontext to add a rule to tell it to label it correctly then restorecon -r the directory to apply the change or you need to use chcon to change it manually. The first method is better since it survives a filesystem relabel where the chcon method gets reset and your change backed out.
thank you, this problem is solved :)