Samba won't dance [Solved - sort of]

Claude Jones cjones at levitjames.com
Thu Apr 17 12:22:05 UTC 2008


On Mon April 14 2008, Claude Jones wrote:
> It's no longer funny
>
> Each release, I hope things improve...they don't
>
> I can run distro after distro, from live CD's or installations, and
> networking either just works, or is easily configured...PCLinuxOS, MEPIS,
> Ubuntu, and many more come to mind
>
> For years, Samba has not worked out of the box in Fedora, nor has it been
> easy to get working
>
> Somebody tell me I'm wrong - I'll gladly accept disdainful insults while
> prostrating myself in abject submission
> Ric, write me a lament...
>
> OK - what I want and what I've done:
>
> I have a home lan here, one Linux box and one Vista  and three XP machines.
> I have configured Samba using different tools, including the Redhat
> GUI-redux, the KDE Control Center GUI, Webmin's GUI, and have even looked
> at the smb.conf file. I want to simply share my home directory and the
> printer that is attached to this machine, and authentication mode is set
> that way, no user or domain authentication.
>
> On the firewall, I've allowed smb traffic on ports 137-139 and 445, and
> have also tried to make things work by turning firewalling off altogether
> using Firestarter, the simple GUI based configuration tool. I've confirmed
> the latter, that all traffic was being accepted after stopping the
> firewall, with the iptables --list command in a terminal
>
> I found some avc Selinux messages of this type:
>
> *********************
> SELinux has denied the samba daemon access to users' home directories.
> Someone is attempting to access your home directories via your samba
> daemon. If you only setup samba to share non-home directories, this
> probably signals a intrusion attempt. For more information on SELinux
> integration with samba, look at the samba_selinux man page. (man
> samba_selinux) Allowing AccessIf you want samba to share home directories
> you need to turn on the
> samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"
>
> and this:
>
> Summary: SELinux is preventing the nmbd from using potentially mislabeled
> files (/home/cj/.xsession-errors).
>
> *********************
> I tried running the suggested command in the first message, nothing
> changed. I just tried running the suggested command for the second message,
> but nothing has changed.
>
> What's happenning?
>
> >From my Vista machine, if I go to the network tab in Explorer, I get a
>
> display, sometimes, of all the other machines on the network - it comes and
> goes (I've heard of issues with Vista networking and haven't fully
> researched them so this may be that). When it does show the other machines,
> I can get to the XP machines that have shares, but if I click on my Linux
> box, I just get a can't connect error. On my Fedora box, if I type smb:/ in
> the Konqueror window, it shows me two networks (my laptop is configured to
> auto-connect to the domain at work so that's not surprising), but if I
> click on the home workgroup, I just get an error. I tried smbk4 and it got
> a little farther - it lists a couple of the XP machines, but on one, it
> says it says the list of shares cannot be retrieved, and on another, it
> lists the shares but can't mount them...
>
> I haven't done the full Monte drill of search and search this time, I
> humble confess. I just wish it wasn't this hard in Fedora. A few simple
> words of wise guidance in the configuration screen would suffice ("don't
> forget you need to also..." sorts of things). Why is it that so many other
> distros simply work, and Fedora doesn't? Is this a design choice? Is there
> a solid security or legal issue at play here?
>
> OK - have at me folks, I can take it, and I won't fuss back -


I can't declare victory. I am now networked, but, I don't feel like I know 
much more about why than I did before. For example, sometime during the 
period after solving the problem of one of my machines on the lan not 
responding to pings, even though it was being elected as the master browser!, 
things started to fall into place - but it was inconsistent. One moment, all 
machines were seeing each other, I was able to print from my Windows 
computers to the printer that was attached to my Fedora box - I could browse 
shares in both directions, etc. -- then, suddenly, the connection would be 
lost. I discovered that turning off my firewall on the Fedora box would fix 
that; I pored through my rules over and over, but, nothing made sense -- and 
the strange thing was, after getting things going by turning off the firewall 
(there's always that Samba delay before everything settles in), I could then 
turn the firewall back on, and things would work for long periods of time, 
till again, the connection was broken. Turning off the firewall would restore 
connections instantaneously - turning it back on after some time, would again 
result in functionality for extended periods - I'm talking many minutes of 
time, here. Another strange thing, in Samba, one of the defaults if you 
choose to add a share is to share "All home directories", but, that would 
share my entire file system, everything from / on down... That was one thing 
I changed last night. Last night, I turned the firewall on before turning in. 
This morning, I find that everything is functioning - I can browse all 
machines, I can print, etc -- so, it's been up for 8 hours or so now, which 
is longer than it lasted before... I can't declare victory because I don't 
have a clue what fixed it - and that's the way it always goes for me with 
Fedora and Samba -- 

This is not about ranting against Fedora. Fedora is my preferred distro for 
many reasons, and I've tried at least 50, some for extended periods. But, I 
really believe this is one aspect of the distro that needs to improve. I wish 
I could say how, but, the frustrating part is I don't even know what the 
problem is. Read this whole thread, if you care to, before commenting - the 
experiment I conducted with the PCLinuxOS live cd is something I've done many 
times with many distros - other distributions have managed to get it right, 
so "it just works" out of the box -- I'll repeat what I said at the outset of 
this whole discussion, I'd be fine with an explanation that included "we 
don't have Samba configured to work right out of the box for the following 
reasons"; I can accept that there may be security or other considerations for 
not having it turned on and working, but, if that's the issue, it would be 
great if someone could explain it. These Samba discussions come up again and 
again on this list, so it's not just me that's having problems.

Thank you to everyone who offered help on this problem 

-- 
Claude Jones
Brunswick, MD, USA




More information about the fedora-list mailing list