 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 4 Mar 2016 02:05:50 -0800 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
On 03/04/2016 01:48 AM, David Sommerseth wrote:
> On 4 March 2016 09:45:38 CET, ToddAndMargo <[log in to unmask]> wrote:
>> Hi All,
>>
>> Google is killing me here!
>>
>> Scientific Linux 7.2, 64 bit
>>
>> $ rpm -qa samba
>> samba-4.2.3-11.el7_2.x86_64
>>
>> Is there some trick to mounting an NTFS USB flash drive and
>> sharing it with Samba?
>>
>> I am trying to share an NTFS flash drive with samba.
>> If the drive is not mounted, I can do what I want
>>from Windows 7 and XP on the mount point. I have
>> full access.
>>
>> But, when I mount the stick to the mount point and
>> try to browse the mount with W7 or XP, I get "permission
>> denied". Specifically, from the W7 machines samba log:
>>
>> ../source3/smbd/uid.c:384(change_to_user)
>> Skipping user change - already user
>>
>> ../source3/smbd/open.c:881(open_file)
>> Error opening file . (NT_STATUS_ACCESS_DENIED)
>> (local_flags=0) (flags=0)
>>
>> I mount suchlike:
>>
>> # mount -t ntfs -rw -o
>> users,exec,sync,uid=todd,gid=users,fmask=000,dmask=000 /dev/sdc1
>> /mnt/iso
>>
>> (I know I don't need the masks, but I left them there in case
>> they were needed)
>>
>> After mounting:
>> # ls -al /mnt/iso
>>
>> total 1193
>> drwxrwxrwx. 1 todd users 4096 Mar 3 23:30 .
>> drwxr-xr-x. 13 todd users 4096 Mar 3 21:47 ..
>> -rwxrwxrwx. 1 todd users 122 Apr 12 2011 autorun.inf
>> drwxrwxrwx. 1 todd users 4096 Apr 12 2011 boot
>> -rwxrwxrwx. 1 todd users 383786 Apr 12 2011 bootmgr
>> -rwxrwxrwx. 1 todd users 669568 Apr 12 2011 bootmgr.efi
>> drwxrwxrwx. 1 todd users 0 Apr 12 2011 efi
>> -rwxrwxrwx. 1 todd users 106768 Apr 12 2011 setup.exe
>> drwxrwxrwx. 1 todd users 40960 Apr 12 2011 sources
>> drwxrwxrwx. 1 todd users 0 Apr 12 2011 support
>> drwxrwxrwx. 1 todd users 0 Apr 12 2011 upgrade
>>
>> My smb.conf:
>>
>> [iso]
>> comment = mnt on rn1 -- Mount as M:
>> path = /mnt/iso
>> valid users = @users
>> write list = @users
>> force group = users
>> force user = todd
>> oplocks = no
>> level2 oplocks = no
>> strict locking = no
>> blocking locks = no
>> force create mode = 0000
>> create mode = 0777
>> force directory mode = 0000
>> directory mode = 0777
>> map system = yes
>> map hidden = yes
>> writable = yes
>>
>> Trying simpler:
>> [iso]
>> comment = mnt on rn1 -- Mount as M:
>> path = /mnt/iso
>> force group = users
>> force user = todd
>> Doesn't work either
>>
>> What am I doing wrong?
>>
>> Many thanks,
>> -T
>
>
> # grep denied /var/log/audit/audit.log
>
> If you see something which looks related, pipe them to audit2allow and see what it suggests. Ofen you may get som hints that you need to flip a selinux boolean.
>
>
> --
> kind regards,
>
> David Sommerseth
>
# grep denied /var/log/audit/audit.log
type=AVC msg=audit(1457071461.014:2015): avc: denied { write } for
pid=26451 comm="smbd" name="test" dev="dm-1" ino=593703
scontext=system_u:system_r:smbd_t:s0
tcontext=unconfined_u:object_r:mnt_t:s0 tclass=dir
These stem from when I was trying to get SeLinux to work
on the share. "Test" was a shared directory. "Test"
has since been removed.
I can browse/use the mount point without issue as
long as I do not have an NTFS Flash Drive mounted to it.
No mention of /mnt/iso in the above
# grep denied /var/log/audit/audit.log | grep iso
# <nothing>
:'(
|
|
|
