Server :: Samba And SELinux - Share The User Home Directories?

Oct 6, 2010

I'm running a Samba server (3.5.2-60.fc13) on Fedora 13 (64 bit). I want to share the user home directories and want to allow following of symlinks out of the share tree. So in smb.conf I used

unix extensions = no
wide links = yes

For SELinux I did:

setsebool -P samba_enable_home_dirs=1
getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off

[code]....

However I can't follow the symlinks when mounting my home directory on a Windows machine, unless I disable SeLinux.

View 5 Replies


ADVERTISEMENT

Red Hat / Fedora :: SELinux Is Preventing The Samba Daemon From Reading Users' Home Directories

Sep 1, 2010

My Fedora box is giving me an SELinux security error:

Code: Summary:

SELinux is preventing the samba daemon from reading users' home directories.

Detailed Description:

SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals an intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)

Allowing Access: If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"

Fix Command:

setsebool -P samba_enable_home_dirs=1

Additional Information:

Source Context system_u:system_r:smbd_t:s0
Target Context unconfined_u:object_r:user_home_dir_t:s0
Target Objects /home/micah [ dir ]
Source smbd

[code]....

View 2 Replies View Related

CentOS 5 Server :: Cannot Acess Samba Share Unless SElinux Is Off?

May 8, 2009

I don't think it has anything to do with the config file.More to do with SElinux. I need to know how to configure SElinux so I can see my samba share when SELinuxis on. When I setenforce 0 I can seen all the files and folders set it to setenforce 1 cannot see anything.Here is the output when I ran [root@fileserver /]# getsebool -a | grep smballow_smbd_anon_write --> onsmbd_disable_trans --> onThese two options were off I tried turning them on.This is another one of the commands I tried running. I did change a few options but I am not sure which I do need to change. I am running a stand alone server so I don't need the DC option.

[root@fileserver /]# getsebool -a | grep samba
samba_domain_controller --> off
samba_enable_home_dirs --> off

[code]....

View 2 Replies View Related

Server :: Samba And VSFTPD / Create Folder Rights That Samba And Ftp User Will Have An Access To All Directories?

Oct 20, 2010

I would like to configure an access to folder

/fileserver

for two services : Samba and VSFTPD

How to do it ? How to create folder rights that samba and ftp user will have an access (read/write/delete) to all directories in /fileserver.

My system is CentOS. I`m starting samba and vsftpd like a root (/etc/init.d/vsftpd start etc.)

View 1 Replies View Related

Server :: Use The NAS Storage Device To Store The Home Directories Of User?

Jun 15, 2011

we have purchased the Dell PowerVault NF 500 NAS Storage Box with Window Storage server 2003 is Installed.we have LDAP server for authentication the user in network for accessing network resources.All ubuntu users on client side use ubuntu(LDAP server )for user authentication.when a user logon on client side machine his home directory is created on client machine .

but we want to use the NAS storage device to store the home directories of user.we want to implement that ,whenever a user logon his home directory is created on powerValut NF 500 storage device so that all user data is stored centrally for taking the backup .we want to mount NAS storage device so that user uses when they login and create user profile.

View 1 Replies View Related

Fedora Servers :: Samba Share When Selinux Is In Permissive Mode?

May 13, 2009

I don't think it has anything to do with the config file. More to do with SElinux. I need to know how to configure SElinux so I can see my samba share when SELinux is on. When I setenforce 0 I can seen all the files and folders set it to setenforce 1 cannot see anything.

Here is the output when I ran [root@fileserver /]# getsebool -a | grep smb
allow_smbd_anon_write --> on
smbd_disable_trans --> on

These two options were off I tried turning them on.

This is another one of the commands I tried running. I did change a few options but I am not sure which I do need to change. I am running a stand alone server so I don't need the DC option.

[root@fileserver /]# getsebool -a | grep samba
samba_domain_controller --> off
samba_enable_home_dirs --> off
samba_export_all_ro --> on
samba_export_all_rw --> off
samba_share_nfs --> off
use_samba_home_dirs --> on

I can also post a copy of my smb.conf file too.

View 1 Replies View Related

Server :: Samba Share - Disable The Default Guest User Login?

Jul 20, 2011

I have a samba server with security user. I have a number of shares inside the share with different users logins. But while accessing the shares from windows, in the login prompt, by default username it takes as the guest. How will I disable the default guest user login ?

View 2 Replies View Related

OpenSUSE Network :: User's Home Directory Saved In Samba Server Not Locally

Mar 27, 2011

Continuing with my assigned task of migrating the company's PCs to GNU/Linux (openSUSE as server for GNU/Linux clients) I managed to set up a DC with roaming profiles for the few remaining Windows users, user validation and login for the openSUSE boxes and a few network shares with different rights. I know there are no roaming profiles for GNU/Linux and I can live with that but I would like to specify wich users/groups would have their home directories saved locally (notebook users) and which will save them on the Samba server.

By default home directories are saved locally but somehow Samba creates a minimal home directory for each user under /home in the Samba server. How can I tell the client box to use that directory? and how can I set up the few notebook users to save it on their disks? Maybe using the options under Yast > Security... > Users and groups management > Users (LDAP Users filter) > and then select the user and use the "Manage Samba account parameters" plug-in for specifying the different paths cant achieve this.

View 4 Replies View Related

Fedora :: 12 SELinux Context Not Updated When Changing User's Home Directory

Feb 15, 2010

I was setting up a Samba server and I ran into some problems with SELinux related to the context of the home directories. I made a user account, say "UserAccount", with a default home directory "home/UserAccount". Afterwards I realized that I needed to move the home directory of this particular user to another location, say "/home2/UserAccount". So I created the new directory, changed the permissions, and used Gnome's system-config-user to change the user's home directory.

I then set-up the Samba server, activated samba_run_unconfined and samba_enable_home_dirs in SELinux, and made an account for UserAccount. When testing the Samba account for UserAccount SELinux denied read access. I checked the context and the new home directory did not appeared to have been updated. I had to manually run:

restorecon -R -v /home2/UserAccount

to set the context on the new home directory. I'm not very familiar with SELinux, so my question is this: is this normal security policy or is a bug in the system-config-user tool? If it's normal policy can someone explain why? I'm always ready to learn Distro: Fedora 12 (kernel: 2.6.31.5-127.fc12.i686) System: Dual Intel Xeon @ 3.2 GHz, 1 GB RAM

View 4 Replies View Related

Ubuntu Servers :: Samba - ADS- Automatically Create Home Directories

Mar 22, 2010

At work, using SambaKerberos and ActiveDirectoryWinbindHowto, I joined my machine to our ADS network. Again using ActiveDirectoryWinbindHowto, I modified both common-account and common-auth with these settings.

file: /etc/pam.d/common-account
account sufficient pam_winbind.so
account required pam_unix.so
file: /etc/pam.d/common-auth

[Code]....

According the the doc, when I first log in as a domain user, it should create the home directiroy /home/<whateverdomain>/<theusername>, but it doesn't.

View 2 Replies View Related

Networking :: How To Mount Samba Home Directories As Read / Write?

Jun 14, 2011

I'm trying to configure a per user samba login for full access to the user's home directory.Mounting the shared directory works flawless when mounting from Windows. I can read, write, create without problems. However, when mounting from Linux the shared space is readonly.

View 8 Replies View Related

General :: Cannot Create User Home Directories?

Jun 4, 2010

Why when I command "useradd -m barth" do I get the error message: "cannot create directory /home/barth"? It only does this when a partition is mounted to /home.

View 14 Replies View Related

Red Hat / Fedora :: Restrict Users To Their Home Directories And Allow Admins To Have Different Home Directories?

Jan 20, 2010

Is it possible to restrict users to their home directories and allow admins to have different home directories? Essentially I want users to have a folder in /var/www/html/$USER and admins to have either unrestricted access or have their root directory be ./ or /www or /etc. I have is set now so users have access to thier home direcotry but I need to upload web files as admin.

So far I have created:
chroot_list
user_list

[code]....

View 1 Replies View Related

General :: Way Of Organizing Directories In Network Mounted User Home?

Jul 9, 2010

I work on machines with different architectures, all of which share the same home directory(what is the technical term for it -- network mounting ?). Since I don't have admin privileges on these systems, I have installed programs in /home/<my_id>/bin. A program compiled for one architecture doesn't work when I login into another system. I'm thinking of creating architecture specific directories which would contain inaries/libraries specific to that architecture and creating a softlink to it t /home/<my_id>/bin. The only problem with this solution is that I can't work on two systems at the same time.

View 1 Replies View Related

Server :: Allow Samba Server From Selinux Firewall In CentOS?

Jun 8, 2009

I'm using CentOS 5.3, and I want to allow my samba server from selinux. I disabled my selinux and it works fine, but I want to keep my seline firewall on and want to allow other workstation to access my samba server.

View 8 Replies View Related

Networking :: Samba Config - Cannot Access Share On Home Network

Sep 1, 2010

I've used Samba for several years and when it works it's great. Unfortunately from time to time it seems to get messed up and either all the 7 machines on my home network can't be seen or I can't access the shares on some. I have 2 Windows XP computers 4 Kubuntu and one Linux Mint KDE, all the latest versions. I'd rather not plough through all the documentation for Samba, but would really like a "model" smb.conf with a few comments about parts that might have legitimate variants. I have researched this with Google searches many times but have failed to find the information I need in concise form.

View 4 Replies View Related

Ubuntu Servers :: Apache User_dir Mod And Home Directories - Automatically Set When User Account Created?

May 28, 2010

I want to automaticly set the group ownership of user home directories to a group that the user is not part of. This is so that Apache can be part of this group and can access user public HTML directory, but other users are not able to access in any way the files in the users home directory. What I have seen that works manually is adding the user and then changing the group for the home directory. But I want to automatically set this when the user account is created. WHat I see happening is that when /etc/skel is copied, it automatically sets the group and ownership of everything to the users default group and ownership. I've seen some suggestions on setting permissions, but these don't seem to work because it seems that users are able to cd into a directory and not list it, but if they know the file name they can access the file.

View 1 Replies View Related

Server :: Share Directories With NFS?

Aug 7, 2010

If I share directories with NFS, how do I control the access of the users to the information?

View 1 Replies View Related

Networking :: Samba And Windows: Cannot Open User Share

Nov 11, 2009

ubuntu 9.04 and win xppro i've been pounding my head aganst this for hours now. reading anything i can find samba works mostly shares created from nautilus work fine from both ubuntu and windows if i check to allow guest access if not i can not log in it does work in the nautilus browser fine. shouldn't make a difference but am using a virtualbox win xp guest shares work without issue. printers work here is a dump of my service defenitions

[global]
workgroup = HOME
server string = %h server (Samba, Ubuntu)
map to guest = Bad User

[code]....

View 4 Replies View Related

Server :: Log User Samba Who Delete Or Move Files/folders On Samba Server ?

Feb 8, 2010

I need to know is there any way to record or tracking or make logging if when user samba delete files or folders i can know that, cause sometimeon samba server some users complain they lost files, though i have daily backup and i can restore their files, i just want to know if or maybe some other users in one group accidentally move or delete the files.

View 1 Replies View Related

Ubuntu Networking :: Samba Share Accessed As Wrong User?

Apr 4, 2011

I've had a Samba share set up for awhile now on my Ubuntu 10.04 server. Now I'm trying to create separate shares for separate users. When I started, I was logging in from my Windows box where I was Tony, and the only user on my 'nix box was htpc. I had the majority of my file permissions as open.

Now, I've created new users on the server, including Tony. But when I open a Samba share from my Windows computer, it does so as htpc. This is not a setting I ever put anywhere. I don't care about specific user names, but I want to have a folder that only I can access from my Windows box, and for someone else to have a folder only they can access from their Windows box.

View 2 Replies View Related

Ubuntu :: Samba User's Home Folder Is Not Visible?

Feb 16, 2010

I'm having some trouble with the user's home folders in Samba, ubuntu clients.I have a Samba server (Ubuntu Server 9.10)nd a bunch of windows clients and ubuntu clients too.On windows clients, each usercan see his home folder without problems, and the other shared folders too of course.The problem appears in ubuntu (i'm using gnome desktop with nautilus and the plugin for I enter Places->Network->Windowsetwork->DOMAIN->SERVER I only see the public shared folders, but no the samba user's home folder.I tryied connecting to samba through Places->Connect to Server and entering the username (for previous auth just in case) but nothing happens...

If, in nautilus I write smb://server/username, once it asked me for my user and password (but I told the popup to keep the password forever so now it doesnt ask me anymore :S), but it keeps not showing the folder under SERVER, the only way to access it is through smb://server/username directly. Even username@server does not work.Mi auth type in the Samba server is "user", and the auth config at my ubuntu client is also userJust in case.. when I type smbclient -L //SERVER -U username, it shows me the home folder ok.

View 1 Replies View Related

General :: Share A Folder In Samba With No Need Of Password For Individual User Not Guest?

Jun 13, 2011

I would like to know how to share a folder in samba with no need of password for individual user without using guest

View 5 Replies View Related

General :: Share A Folder In Samba With No Need Of User Password With Write Permission?

Jun 13, 2011

I would like to know how can I share a folder in samba with no need of user and password with write permission, with no need of using guest user.

View 3 Replies View Related

General :: Can Root And Main User Account Share Same Home Directory?

Feb 13, 2011

Or would this sacrifice security in some way? I've been using root only, and am ready to have a seperate account now. It's the dotfiles for GUI apps that I'm concerned about:

Code:
-rw------- 1 root root 98 Feb 13 16:23 .Xauthority
-rw------- 1 root root 6392 Feb 12 18:13 .bash_history
drwx------ 5 root root 4096 Jan 13 17:47 .config
drwxr-xr-x 4 root root 4096 Dec 29 21:36 .fvwm
drwx------ 4 root root 4096 Nov 7 19:55 .mozilla
-rw------- 1 root root 218 Jan 26 10:04 .recently-used.xbel
-rw------- 1 root root 98 Feb 13 16:23 .serverauth.17096
drwxr-xr-x 2 root root 4096 Dec 25 12:42 .tuxcmd
drwxr-xr-x 2 root root 4096 Feb 12 17:25 .xine

View 11 Replies View Related

Ubuntu Servers :: Samba Share Using Domain User/group In Valid Users?

May 20, 2010

I have Ubuntu server 10.04 joined to a domain using Likewise Open. I can login using my domain credentials and have added my domain account to the sudoers file. Now that I've got it joined to the domain I want to add some samba shares and have domain members use their accounts to access them. However, no matter what combination of my domain name and the domain user or group I use in the valid users field it won't let me in. What's the proper way of inputting a domain user or group in the valid user field?

This is the entry I'm using for the share:

Code:
[testshare]
path = /srv/testshare
valid users = @"Domain Name+Domain Group" (Have tried many things here)
public = no
writable = yes
printable = no
create mask = 0765

View 2 Replies View Related

Server :: Chroot Users To Thier Home Directories?

Dec 11, 2010

How can i chroot group of users to thier home directories and they have ssh access on RHEL 5.5 .. i tried many tuts but it was about chroot services.

View 2 Replies View Related

Server :: Home Directories Based On Group Membership

Jul 10, 2011

I have recently joined an 11.04 server to an AD and want to configure home directories based on group membership for all AD users that login. Basically, I want one home directory for "Domain Users" and another for "Domain Admins".

View 8 Replies View Related

Server :: [CentOS + LDAP] Create Home Directories On The First Login?

May 26, 2010

I noticed in Fedora that in Authenticate Configs ->Advanced, that there is an option to "Create home directories on the first login".I'd like to know if its possible to enable that through a text config file on a CentOS box that has ldap authentication enabled. Right now it's complaining that the home folder does not exist upon loggin with an ldap account.

View 1 Replies View Related

Server :: Setup Vsftpd With AD Users Without Home Directories Created?

Jul 3, 2009

I'm testing a Debian Lenny virtual machine to simulate my ideal setup for FTP server (with vsftpd): I want all internal users (corporation users with Active Directory accounts) to ftp into the same directory (i.e. /var/FTP/AD-DOMAIN/) and external users (customers) to ftp into their home directories (created manually on request).

I added user_config_dir=/etc/vsftpd_user_conf option in /etc/vsftpd.conf file and I've created /etc/vsftpd_user_conf/domain-user1 with local_root=/var/FTP/AD-DOMAIN

I have setup vsftp so I can ftp with every external and internal user chrooted and is working properly. AD validation for internal users and "normal" validation (via /etc/passwd) for external users work perfect.

I can FTP this server into /var/FTP/AD-DOMAIN with any AD user with its home directory created (i.e. /home/AD-DOMAIN/domain-user1/) but if I try to ftp with any AD user without its home directory created I get the error "500 OOPS: cannot change directory:/home/AD-DOMAIN/domain-user2"

I have found some references (http://wiki.flexion.org/FtpServer.html and http://howto.gumph.org/content/setup...ies-in-vsftpd/) about vsftp PAM authentication so I would supposedly get rid of the error message and the user would log into /var/FTP/AD-DOMAIN without problems, but I can't figure out how to setup my FTP server.

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved