Ubuntu :: Bastille Removed All Permissions From Samba Smbd Nmbd Files
Mar 24, 2010
After running Bastille to harden my server, Samba stopped working. It had asked me if I would like to disable Samba during the configuration and I selected 'no' so it should not have done this.
When I tried:
Code:
sudo /etc/init.d/samba restart
Nothing happened. I found in the script, if it does not detect smbd and nmbd running, it just exits -- no error message, just simply does nothing.
I found that /usr/sbin/smbd and /usr/sbin/nmbd both had all permissions removed. I set them back to 755 and restarted samba normally.
The time the server smbd and nmbd functioned normally but when I restart the service he returned smbd nmbd not normal but when I try to start it the following error occurs:
Code: service nmbd start start: Job failed to start service nmbd status nmbd stop/waiting
samba quit working after win7 I'm new-ish to linux(not using ubuntu tho, but servers)i don't know what PID is.. i just installed a new ubuntu server of an old computer, for file sharing in workgroup with samba, and a little apache server running webmin is also running, giving me an error when restarting samba all worked very well untill i used win7 to access the \server this blog post have a fix for vista7? connecting to samba, but wont fix my problem after i connected to the share with win7 nothing seems to work
Quote:
# service samba status * nmbd is running * could not access PID file for smbd
and this:
# service samba start * starting samba deamons [fail]
restart wont work, neither do reboot the server. I am clueless some of my research is pointing me to /var/run/ and there is no smbd.pid there, not in any folder (nmbd.pid exist) i found something
# service samba reload * Reloading /etc/samba/smb.conf smbd only No process in pidfile `/var/run/samba/smbd.pid' found running; none killed. [ OK ]
i dont have any smbd.pid in the samba dir, should i create a new one.. and where do i get the PID -id that should be inside?
I'm running a fedora 14 file server with samba for a windows network. When I reboot my file server my samba share is no longer available. After a long search I found that if i run nmbd as root, the share is accessible again. I guess I can run nmbd everytime I reboot but I think something is wrong with my setup and it's one of those things that if I just ignore it will come back and bite me from behind
Just like the title states, as soon as my server comes up, I see the samba share that I made and can browse it just fine.
I don't see the printer share nor can I print to the shared printer until I execute service smbd restart from an ssh login. Then I see the printer and then I can network print.
Before restarting smbd, I do check to see if it's already running and it is (two instances are running in fact). When I restart smbd, there are still two smbd services running but they have higher PID numbers (and I can then print).
I'm running 10.04. how to make it all start up happily the first time without any intervention from me?
After what feels like weeks have tinkering around trying to get a Samba file server set up, I've finally given up! I have 4 drives and 2 groups:
1) Dev - Available to all users in both groups (normal and admin) 2) Misc - Available to users in admin group only 3) Admin - Available to users in admin group only 4) Accounts - Available to users in admin group only
Drives 1 and 2 are working fine, with the correct access rights. Drives 3 and 4 can be browsed by admins only, but no changes can be made at all - files & directories can't be renamed/moved/deleted. What is most confusing is that Drive 2 is set up exactly the same as Drives 3 and 4. The process I went through to get them working:
I've been having trouble with CUPS.I uninstalled it and I wanted to re-install it. When I removed CUPS some other files were removed too. I don't have an option of installing the software or updating a system, in the Control Center.
I have a fileserver running openSUSE 11.2 and samba services for file access from MS Windows based workstations. My question relates to changing default permissions on files and directories created from the windows clients.
Following are extracts of the /etc/samba/smb.conf file :
Even with the above entries, sometimes there are files and directories created by the windows clients having permission
I just ponder can anybody shed some light to me how to manually disable service such as FTP,SSH,etc in which Bastille is doing.If all the services can be manually disable,which mean Bastille is just a tool to help newbies like me to use it.
I recently installed Bastille as one of several programs to protect my new install. When I was going through the configuration, I was under the impression selecting to disable single user login would still allow me to login using my root password. On the graphical login screen it does not work.When I boot in recovery mode (I had a dual-boot installed), I can login in fine, but this is in a command line/terminal like screen. I attempted to re-configure Bastille using this screen, and here are my lackluster results.Command:/usr/sbin/InteractiveBastille -cThis command takes me through the questioning phase, but at the end I receive this error message when trying to save the new configuration.Failed to open log file /var/log/Bastille/action-log: Permission Deniedand ERROR: couldn't not write to etc/Bastille/config (exact wording!)I am not sure how to remedy this. I am tempted to try to uninstall Bastille and try something else, but I do want to have a security package as I file share.
Code: srv1:~ # ls -l /ih totalt 32 drwxr-xr-x 7 ctuser ctusers 4096 8 jun 13.33 admin drwxr-xr-x 5 ctuser ctusers 4096 8 jun 13.45 ct drwxr-x--- 6 ctuser ctusers 4096 8 jun 13.50 extadmin drwx------ 2 ctuser ctusers 16384 15 apr 13.20 lost+found code....
How on earth could all permissions be removed on SLES??And it is NOT a typo, I did type in "o" not "a" - checked and doublechecked. Also here the code is pasted from cli not rewritten.(All is done as root, both in SLES & Debian.)
I have a problem with file permissions over samba. I am running a web server, and this web server needs to be able to delete a file. The php code is correct, because it works on other sites. The php code is failing when it deletes a file because it is being ran as the www-data user. And the permissions on the files that are created on the share are as follows:
ns$ ls -l -rwxr-xr-x 1 root root 129628 Feb 6 08:16 20110206071748532.pdf This directory is mounted on: /var/www/files/23982dbb7a454425ce17a22bedc00776/scanned/AEC_Scans This is done with the /etc/fstab file: //192.168.58.2/Scans /var/www/files/23982dbb7a454425ce17a22bedc00776/scanned smbfs username=administrator,password=somepass
This is the second time it happens : I have some files/directories that have disappeared.The first time was:
- /home/$USER/.vimrc - /home/$USER/.thunderbird
And now, it's my folder:
/home/$USER/document
which was more important. Is there any known issue about that ? I have sometimes a file system scan when I startup my computer. Is there a relationship by any chance ?
i have an old desktop that i have decided to use as a central point for localhost/website files. I have 2 laptops, a ubuntu and vista, and i want them both to be able to see the public_html folder on my desktop, and be able to create/update folders and files.
I have set up the samba sharing and that's working fine, but when i create folders using my laptop, they are not writeable to the desktop or other laptop because my laptop is the creator. Is there a way that I can set it so that whenever folders/files are created from either laptop, they have full permissions?
When I create a new folder on my ubuntu machine and share it with my windows 7 machine using 'net usershare add <dir> <path>', I can't get write perms in Win 7. It keeps giving me a "You need permission to perform this action'. I've chmod the folder to 777 but still no luck.
The funny thing is, it was all working fine until I tried to add a new usershare yesterday (Can't think what I've changed). I use this sharing method to share all of my development /var/www/ folders so I can work on them from my win machine.
I have had a few problems with my samba smb.conf, and it nuked and rebuilt yesterday. I'm fairly new to the Linux game, and this permissions problem has me baffled.
I am trying to set up a Samba share on one of my machines where I am the owner and a special group manages permissions for read-only access ( me:specialgroup ). If I log into the share as me, there is no problem (I have read/write privs as per usual). However, I am not able to log into the share using any of the group members (there is only one currently). That user is not able to access the share (failed to mount).
The folder (which is the share) is owned by me:specialgroup and the permissions have been forced down the folder. Samba is set to Share this folder with no guest or others write access.
I'm attempting to set up a Samba share on my lab's small server (Ubuntu Server Edition, 10.04). It looked easy enough, but the share that I set up didn't allow anyone to actually put anything on it: no uploading stuff, etc. (You can still upload files via the command line, so I implemented the unix extensions = no fix). The share is writeable and visible, and anyone can access it (according to the Samba GUI). According to the smb.conf:
The other Windows machines in the lab see the new server and its share automatically, although they can't make changes to it, like create a new folder in the share. Most of my lab uses Snow Leopard (OS X 10.6), and a few others use Windows. I can connect to the server using my MacBook either through the terminal or Finder -> Go -> Connect to server -> smb://blah.someplace.edu without problems.
I can do pretty much anything via the command line, but not through the Finder! If I want to create a new folder, it gives me an old-school error message (stupid blue face): "The operation can't be competed because you don't have the necessary permission." If I want to drag-and-drop a file from my desktop to the Share folder, I get a pop-up window (lock + blue face): "Type your password to allow Finder to make changes." If I do, then I get another pop-up: "One or more items can't be copied to "Share" because you don't have permission to read them. Do you want to copy the items you are allowed to read?"
I can not manage file/folder permissions for created shares. I need get access from Win system to Linux shares. Actually I have access to its, but only to read folders and files. I tried to change permissions in create mask = 0765 and set it to 0777, but no success.
1.Added user # adduser samba # smbpasswd -a samba #set his password # smbpasswd -e samba #activating it 2. Installing SAMBA service
[Code].....
Folder /media/DATA/VIDEO not browseable and cant't enter it on Win system. It located on USB External HARD Drive, and attached to Linux system.
From a Win 7 client, I can copy/create/delete any files on any share on the Ubuntu Samba server so long that is part of my nix file system which is all ext4.This box also has and NTFS partition on it primarily for storage. I can copy/create/delete anything on this partition form the same Win 7 client with the exception of Quickbook save files.I have scoured the web looking for anything close to this but have yet to find anything that looks similar. Not lloking for a direct answer but if there is anyone else that has issues copying specific types of files to a Samba NTFS partition.
what I am trying achieve is read/write access for my MS domain account and read-only access for everyone else. In smb.conf I have this:
Code:
map to guest = bad user usershare allow guests = yes username map = /etc/samba/smbusers
[code].....
I can access this fine with my MS domain account, what I can't work out is how to give others read-only access to the same share. I guess I could create a second share for the same folder with a different name and permissions, but that seems a bit clunky and I'd have to remember to pass on a different name to the one I am using. I also tried using the Nautilus right-click "Sharing options" and then setting the folder permissions. This works fine for giving others read-only access, but loses capitalisation of the share name and doesn't seem to recognise my MS domain account as being valid.
I'm trying to set up my samba server so that all the shares are visible to everybody but that some shares can only be accessed by certain users. I have a folder Video that everybody can access without a username or password. I now want to create a share that only I can access called webserver.
This is my samba.conf Code: [global] dns proxy = No netbios name = DATABOX guest account = nobody restrict anonymous = no browseable = yes server string = server workgroup = WORKGROUP public = yes security = share
[Video] Writeable = yes Path = /media/data/Video Public = yes
[webserver] Writeable = yes Public = no User = malteser Path = /media/data/Webserver
Windows does not let me enter a username or password. I'm pretty sure this used to work.
First let me say that Lubuntu is a lightweight version of Ubuntu, so there is not much point in loading it up with unnecessary packages. If you just want to share printers on a Linux network, you don't need Samba. And if you just want a way that users can "push" files to others on a network, use Giver (+ Avahi) as this is a better option. Especially as it sorts out file permissions for you.
To enable file sharing on a Lubuntu 10.10 machine, go to Preferences > Synaptic Package Manager and add the following:- * samba * system-config-samba * gvfs-bin * gvfs-backends ...accepting any dependancies, 11 packages in total.
I suggest you re-boot now. As an initial test, go to file manager (pcmanfm) and enter:- smb://localhost You should see the local print$ folder listed.
To access folder shares remotely * open file manager (pcmanfm) * enter the IP address or computer name of the machine you wish to access e.g. smb://192.168.0.99 or smb://print-server
To share a folder:- Go to: Preferences > Samba (enter password when requested) In the Samba Configuration screen:- * File > Add Share * use Browse... to select folder to be shared * Tick "Visible" and (if required} "Writable" * In the "Access" select "Allow access to everyone" Set the Linux permissions:- * locate the folder to share in file manager * right click on the folder and select Properties > Permissions * set the required permissions, e.g. Other: Read & Write (to allow anyone full access)
I have a Samba server running on a box where I login to admin as user: FRED The Samba users are SUE JOE - Read only for specified paths (media playback access only user) SUE can read/write to any directory under the share: Media
So all that is working fine. As long as I do file operations remotely as SUE everything works remotely. How can I make it to where everything SUE does over Samba FRED automatically has permissions to edit when logged in locally (or SSH)? Also, remember, Joe needs to be able to read where specified.
Files saved on our ubuntu server via samba server are all being created/saved as read only (-rwxr--r--). The users are MAC Users who are connecting via finder.I have taken 2 steps:First I added the lines "umask 0000" to the .bashrc files in the users' home directories.Second, I have modified the /etc/samba/smb.conf file such that I set "create mask = 0000" and also "directory mask = 0000" but the files are still being created as "-rwxr--r--".
I'm having a hard time figuring out how to set permissions on my samba server and on mounting the share. I would appreciate help figuring things out. What I need to achieve is have a server share mounted on a computer and give read write access to the users of that client computer. Also permissions should be respected is a user limits access to a directory or file he creates.
What I did was replicate the users on both server and client computers and create an extra user on the server that has full access to the share both in linux and in samba, and I'm mounting the share on the client computer using that extra user from fstab. (Is this the best way to set things up or is there a better way?)
Now the issues I'm having; Whenever a user A creates a directory or file it's listed as created by user B. It turns out that the UID does not match on both computers. How do I fix that short or deleting and recreating the users in the proper order.
- Backup scripts running as root get lot permission denied errors writing to the share especially when using chown and chgroup. Could someone explain, or point me to an explanation of the logic behind permissions and mounting?
I am experiencing strange difficulties with Samba. The permissions aren't set correctly, when creating a file or a folder on the mounted samba share.
My smb.conf looks as follows: Code: [shareOffice] path = /home/shareOffice writable = yes browseable = yes create mode = 0777 directory mask = 0777 force create mode = 0777 force directory mode = 0777
Now if I create a regular file on the folder: Code: touch testFile; ls -l The permissions turn out to be: Code: -rwxr-xrwx 1 simon share 0 2011-06-28 21:42 testFile
Why the w bit on the group is missing? If I play around with the create mode / force create mode, I get every other possible permission output --- except the write access for group members.
This is a interesting confusing problem.Ok I have group with 3 users.I have a folder in /home with owner as root, and group that has read/write permissions.However if a user opens up a file and saves it via samba, the owner changes to the user, and the group members only have read permissions on the file.
When I run:make -f mymakefile clean I get:rm -f mybinary *.so.* *.dep *.o mybinary.symand all the above files are removed from the current directory.But I have a directory /src/ where I have all my source files located. The *.o file in this directory are not removed?
