You need to open the service in the firewall Type setup and go to the firewall and mark samba Then you will see all folders in the windows pc On Dec 28, 2012 10:11 AM, "Craig White" craig.white@ttiltd.com wrote:
On Dec 28, 2012, at 5:13 AM, Ibrahim Yurtseven wrote:
Daniel J Walsh wrote:
Not a great idea since every user will be allowed to read/write/execute
in
this directory.
I ran chown with root:users for data public in recursive mode and added nobody to the group users, but via samba created files will own by nobody:nobody instead of nobody:users, so it is not allowed for my local user to write and read the files added via samba. So I decided to access rwx to all. what is the trick in the smb.conf that the files will owned by the group "users"? I'm working with the parameter "create mask = 777". I would rather work with 770 and the files should be owned by the user "nobody" and the group "users".
I guess I'm not sure what the point is by having files owned by 'nobody' and then adding nobody 'user' to the 'users' group - that seems to be some rather twisted logic that has security implications far beyond the simple samba share configuration but hey… it's your box.
chirp users /data/public -R chmod g+s /data/public -R
will ensure that all files/folders in /data/public are owned by the group 'users' and any new files/folders created within (whether by samba or not) belong to that group.
if you add 'inherit permissions = yes' to the 'share' definition in smb.conf, that also will impact. Yes, you could also add: force security mode = 770 #or 775 force directory security mode = 770 #or 775 within the share definition too.
I would just check if it works in permissive mode then we can blame
this on
SELinux, if not, then it is not SELinux problem.
Works on permissive mode with activated firewall, but i changed "security=share" to "security=user" in the smb.conf as well. So the access to the samba-share works now on enforcing mode, too.
in my opinion, security=user is always the better solution.
Craig _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos