When I let yum install the latest samba updates, it ate my smb users file and smb.conf. Once I restored those, it gave me several selinux avc denials, one of which I can't clear up. See http://bugs.centos.org/view.php?id=2965 for details.
Anyone else having problems like this?
Dave
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of David G. Mackay Sent: Tuesday, July 08, 2008 5:20 PM To: centos@centos.org Subject: [CentOS] Latest samaba updates
When I let yum install the latest samba updates, it ate my smb users file and smb.conf. Once I restored those, it gave me several selinux avc denials, one of which I can't clear up. See http://bugs.centos.org/view.php?id=2965 for details.
Anyone else having problems like this?
Dave ---------------------------------------- Did it give you a rpm.new.smb.config file on update of Samba? Users file also? I would first check my Selinux file Permissions for Samba. Then file permissions on the shared directories and also make sure that they are replicating on the file in the directory.
My idea would be disable SE Linux then make sure all you permissions are correct for the shares, then enable selinux. From you bug report it looks like permision problems. Also you have new selinux options in your smb.conf file, so check them out also.
Good Luck, JohnStanley
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, 2008-07-09 at 02:33 -0400, John wrote:
Did it give you a rpm.new.smb.config file on update of Samba? Users file also? I would first check my Selinux file Permissions for Samba. Then file permissions on the shared directories and also make sure that they are replicating on the file in the directory.
My idea would be disable SE Linux then make sure all you permissions are correct for the shares, then enable selinux. From you bug report it looks like permision problems. Also you have new selinux options in your smb.conf file, so check them out also.
The plot thickens. I set selinux to permissive, and was able to log in from the windows VM. Next, I set up a new CentOS5.2 VM, and got samba going on it. Then I updated everything but the samba and selinux policy packages and everything still worked. Finally, I added the samba and selinux packages, and everything worked as it should. I have no idea what set of circumstances led to the original failure. I guess I'll just have to reinstall Centos on the real iron.
Dave
Remember this. It is going to work when set to Permisive regardless!!
John
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of David G. Mackay Sent: Wednesday, July 09, 2008 10:36 PM To: CentOS mailing list Subject: RE: [CentOS] Latest samaba updates
On Wed, 2008-07-09 at 02:33 -0400, John wrote:
Did it give you a rpm.new.smb.config file on update of Samba? Users file also? I would first check my Selinux file Permissions for Samba. Then file permissions on the shared directories and also make sure that they are replicating on the file in the directory.
My idea would be disable SE Linux then make sure all you permissions are correct for the shares, then enable selinux. From you bug report it looks like permision problems. Also you have new selinux options in your smb.conf file, so check them out also.
The plot thickens. I set selinux to permissive, and was able to log in from the windows VM. Next, I set up a new CentOS5.2 VM, and got samba going on it. Then I updated everything but the samba and selinux policy packages and everything still worked. Finally, I added the samba and selinux packages, and everything worked as it should. I have no idea what set of circumstances led to the original failure. I guess I'll just have to reinstall Centos on the real iron.
Dave
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Thu, 2008-07-10 at 12:32 -0400, John wrote:
Remember this. It is going to work when set to Permisive regardless!!
Thanks, I will remember. Now I just need to find out what it means by read-only. A find -perm 400 on the directory gives no hits, nor do most other variations, like 444, etc.
Dave
On Fri, Jul 11, 2008 at 8:24 AM, David G. Mackay mackay_d@bellsouth.net wrote:
Thanks, I will remember. Now I just need to find out what it means by read-only. A find -perm 400 on the directory gives no hits, nor do most other variations, like 444, etc.
Try:
find . ! -perm /222
See "man find" for details.
HTH, Filipe
On Fri, 2008-07-11 at 09:09 -0400, Filipe Brandenburger wrote:
On Fri, Jul 11, 2008 at 8:24 AM, David G. Mackay mackay_d@bellsouth.net wrote:
Thanks, I will remember. Now I just need to find out what it means by read-only. A find -perm 400 on the directory gives no hits, nor do most other variations, like 444, etc.
Try:
find . ! -perm /222
See "man find" for details.
Thank you. The other question is whether selinux is concerned about a file being r/o at the owner, group, or anonymous level. Is 644 OK, or 640, or 644?
Dave
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of David G. Mackay Sent: Friday, July 11, 2008 8:24 AM To: CentOS mailing list Subject: RE: [CentOS] Latest samaba updates
On Thu, 2008-07-10 at 12:32 -0400, John wrote:
Remember this. It is going to work when set to Permisive regardless!!
Thanks, I will remember. Now I just need to find out what it means by read-only. A find -perm 400 on the directory gives no hits, nor do most other variations, like 444, etc.
Dave --------------- See "man ls". There is special SELinux Context Perms that it will show using the special ls options. Otherwise with a regular ls /dev/null you want see. I do remember seeing a few SE Linux know hows on the list maybe they can chime in on this for you.
JohnStanley
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
David G. Mackay -
Filipe Brandenburger -
John