I'm trying to set a Samba share in /home/share on CentOS. I do not have great experience with setting up that kind of service. I've been following guides and recommendations here and there, but there's still something missing. Here's the full problem description.
Machine setup: I'm running in VMware player (hopefully ESX soon) a CentOS 6.3 server installed using the "minimal" ISO image. Bridged networking.
What I'm trying to do: Setup a Samba share folder for some users on the network to access (Windows users).
Symptoms: I can't connect to the share, nor can I get a list of shares at all. I tried from my Mint 14 laptop, and from a Win7 computer. I can ping the VM, but I can't get it to connect to the shared directory. I tried all ways I could think of. I frequently mount remote directories both on Windows and Linux. I'm pretty sure something's missing in my configurations.
What I have done so far:
- Fixed network access by following the indications here ("For DHCP" section). I couldn't ping anything before doing this. Now I can ping other computers on the local network, and popular domains on the Internet.
- Installed MySQL ODBC connector (yum), Mono (compiled), and Samba (yum). I need the first two for something else. Just saying for the sake of completeness.
- Added firewall rules for samba according to this page. I verified syntax (testparm) and it also loads without any error. iptables:
*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited -A INPUT -s 192.168.100.0/24 -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT -A INPUT -s 192.168.100.0/24 -m state --state NEW -m udp -p udp --dport 445 -j ACCEPT -A INPUT -s 192.168.100.0/24 -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT -A INPUT -s 192.168.100.0/24 -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT -A INPUT -s 192.168.100.0/24 -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT COMMIT
- I threw in
setsebool -P samba_enable_home_dirs on
and tried tosemanage fcontext -a -t samba_share_t '/home/share(/.*)?'
but it looks like semanage is not installed. Anyway, like they say, I'd have an empty share. Now I don't have any share at all. - Here's my Samba conf file so far:
[global] workgroup = WORKGROUP server string = Samba Server log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam load printers = yes cups options = raw [files] comment = File directory path = /home/share valid users = user1 public = no writable = yes printable = no create mask = 0765
- Other than that, I created a user on CentOS, and gave him access to the share, by listing them in the samba conf file (user1 above) and by running
smbpasswd -a user1
. - I thought the problem could be /home/share permissions, so I set user1 as owner of /home/share.
- I manually make sure that smbd (and nmbd) service is running.
That must be exactly everything I did since OS installation (excluding Mono build details).
I'm totally stuck. I'm reading other guides and trying random configs here and there, but I'm clueless. Any help will be much appreciated.
EDIT:
For the record, what was missing (for permissions):
yum install policycoreutils-python
semanage fcontext -a -t samba_share_t '/home/share(/.*)?'
restorecon -R /home/share
Best Answer
With iptables, the rules are applied in the order they are written. The rules that come after
will never be processed as it is a blanket reject. Put these
before it.