Samba:需要访客/所有人只读且组内用户可写

tag-icon tag-icon linux centos samba
Samba:需要访客/所有人只读且组内用户可写

我无法让它正常工作。我可以以访客身份登录,但当我输入服务器上用户的用户名和密码时,它不接受。甚至 root 也不接受。

smb配置文件

[global]
    workgroup = WORKGROUP
    server string = Samba Server Version %v

    # log files split per-machine:
    log level = 2
    log file = /var/log/samba/log.%m
    # maximum size of 50KB per log file, then rotate:
    max log size = 50
    debug timestamp = yes

    security = user
    passdb backend = tdbsam

    map to guest = bad user

[public]
    comment = Public Stuff
    path = /opt/shares/filerepo
    public = yes
    writable = yes
    printable = no
    write list = +samba

用户是filerepo

/etc/密码:

filerepo:x:1000:1001::/home/filerepo:/bin/bash

群组信息:

$ groups filerepo
filerepo : filerepo samba

共享目录的权限(ls -lZ /opt/shares/):

drwxrwxr-x. filerepo samba unconfined_u:object_r:samba_share_t:s0 filerepo

Samba 服务:

$ systemctl status smb.service
smb.service - Samba SMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled)
   Active: active (running) since Fri 2015-04-24 13:21:52 PDT; 4s ago
 Main PID: 19684 (smbd)
   Status: "smbd: ready to serve connections..."
   CGroup: /system.slice/smb.service
           ├─19684 /usr/sbin/smbd
           └─19685 /usr/sbin/smbd

Apr 24 13:21:52 localhost.localdomain smbd[19683]: [2015/04/24 13:21:52.516358,  0] ../source3/smbd/server.c:1269(main)
Apr 24 13:21:52 localhost.localdomain smbd[19683]: standard input is not a socket, assuming -D option
Apr 24 13:21:52 localhost.localdomain smbd[19684]: [2015/04/24 13:21:52.522356,  0] ../lib/util/become_daemon.c:136(daemon_ready)
Apr 24 13:21:52 localhost.localdomain systemd[1]: Started Samba SMB Daemon.
Apr 24 13:21:52 localhost.localdomain smbd[19684]: STATUS=daemon 'smbd' finished starting up and ready to serve connectionsFailed to fetch record!
Apr 24 13:21:52 localhost.localdomain smbd[19686]: STATUS=daemon 'smbd' finished starting up and ready to serve connectionsUnable to connect to CUPS server localhost:631 - Transport endpoint is not connected
Apr 24 13:21:52 localhost.localdomain smbd[19685]: STATUS=daemon 'smbd' finished starting up and ready to serve connectionsfailed to retrieve printer list: NT_STATUS_UNSUCCESSFUL

防火墙:

$ systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
   Active: inactive (dead) since Fri 2015-04-24 13:00:08 PDT; 25min ago

答案1

当我查看我的日志时,/var/log/samba/log.xxxxxxx我看到了

check_ntlm_password:  Authentication for user [filerepo] -> [filerepo] FAILED with error NT_STATUS_NO_SUCH_USER

虽然我添加了linux用户/密码,但我没有添加samba用户/密码。

为了使其工作,我必须执行以下操作:smbpassword -a filerepo并为 samba 用户设置密码。

答案2

尝试暂时禁用 SElinux(重启后 SELinux 将启用):

setenforce 0

或者

echo 0 >/selinux/enforce

如果可行(Samba 运行良好),请使用 SELinux 设置 Samba,例如:http://wiki.centos.org/HowTos/SetUpSamba#head-86233024cba06a1e4f554e763a2f634a61eae9b8

PS:不要永远禁用 SELinux,这不是正确的做法。

相关内容