On 03/04/2016 01:48 AM, David Sommerseth wrote: > On 4 March 2016 09:45:38 CET, ToddAndMargo <[log in to unmask]> wrote: >> Hi All, >> >> Google is killing me here! >> >> Scientific Linux 7.2, 64 bit >> >> $ rpm -qa samba >> samba-4.2.3-11.el7_2.x86_64 >> >> Is there some trick to mounting an NTFS USB flash drive and >> sharing it with Samba? >> >> I am trying to share an NTFS flash drive with samba. >> If the drive is not mounted, I can do what I want >>from Windows 7 and XP on the mount point. I have >> full access. >> >> But, when I mount the stick to the mount point and >> try to browse the mount with W7 or XP, I get "permission >> denied". Specifically, from the W7 machines samba log: >> >> ../source3/smbd/uid.c:384(change_to_user) >> Skipping user change - already user >> >> ../source3/smbd/open.c:881(open_file) >> Error opening file . (NT_STATUS_ACCESS_DENIED) >> (local_flags=0) (flags=0) >> >> I mount suchlike: >> >> # mount -t ntfs -rw -o >> users,exec,sync,uid=todd,gid=users,fmask=000,dmask=000 /dev/sdc1 >> /mnt/iso >> >> (I know I don't need the masks, but I left them there in case >> they were needed) >> >> After mounting: >> # ls -al /mnt/iso >> >> total 1193 >> drwxrwxrwx. 1 todd users 4096 Mar 3 23:30 . >> drwxr-xr-x. 13 todd users 4096 Mar 3 21:47 .. >> -rwxrwxrwx. 1 todd users 122 Apr 12 2011 autorun.inf >> drwxrwxrwx. 1 todd users 4096 Apr 12 2011 boot >> -rwxrwxrwx. 1 todd users 383786 Apr 12 2011 bootmgr >> -rwxrwxrwx. 1 todd users 669568 Apr 12 2011 bootmgr.efi >> drwxrwxrwx. 1 todd users 0 Apr 12 2011 efi >> -rwxrwxrwx. 1 todd users 106768 Apr 12 2011 setup.exe >> drwxrwxrwx. 1 todd users 40960 Apr 12 2011 sources >> drwxrwxrwx. 1 todd users 0 Apr 12 2011 support >> drwxrwxrwx. 1 todd users 0 Apr 12 2011 upgrade >> >> My smb.conf: >> >> [iso] >> comment = mnt on rn1 -- Mount as M: >> path = /mnt/iso >> valid users = @users >> write list = @users >> force group = users >> force user = todd >> oplocks = no >> level2 oplocks = no >> strict locking = no >> blocking locks = no >> force create mode = 0000 >> create mode = 0777 >> force directory mode = 0000 >> directory mode = 0777 >> map system = yes >> map hidden = yes >> writable = yes >> >> Trying simpler: >> [iso] >> comment = mnt on rn1 -- Mount as M: >> path = /mnt/iso >> force group = users >> force user = todd >> Doesn't work either >> >> What am I doing wrong? >> >> Many thanks, >> -T > > > # grep denied /var/log/audit/audit.log > > If you see something which looks related, pipe them to audit2allow and see what it suggests. Ofen you may get som hints that you need to flip a selinux boolean. > > > -- > kind regards, > > David Sommerseth > # grep denied /var/log/audit/audit.log type=AVC msg=audit(1457071461.014:2015): avc: denied { write } for pid=26451 comm="smbd" name="test" dev="dm-1" ino=593703 scontext=system_u:system_r:smbd_t:s0 tcontext=unconfined_u:object_r:mnt_t:s0 tclass=dir These stem from when I was trying to get SeLinux to work on the share. "Test" was a shared directory. "Test" has since been removed. I can browse/use the mount point without issue as long as I do not have an NTFS Flash Drive mounted to it. No mention of /mnt/iso in the above # grep denied /var/log/audit/audit.log | grep iso # <nothing> :'(