Re: FC6 and Samba

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thursday 08 March 2007, Craig White wrote:
> >
> > I never got to the bottom of this, but I had similar problems and this
> > cured it.  I thought that if Ruben actually found that this looser
> > permission made a difference, it might provide the missing link so that
> > someone could explain what was wrong and why this worked.
>
> ----
> actually no - 'security = share' is for all purposes abandoned and would
> be removed except for some reluctance to eliminate backwards
> compatibility (so says Jerry Carter - search samba@xxxxxxxxxxxxxxx
> archives for this).

Interesting.  I hadn't seen that.
>
> Moreover, his configuration had 'hosts allow = 127.' which doesn't take
> any understanding of samba whatsoever to recognize that only localhost
> can connect and no other. Thus your recommendation would have no
> benefit.

Agreed - I missed that when reading his message.

> > I've never understood why I had so many problems with samba3, when samba2
> > worked perfectly for me, in terms of doing what I expected.
>
> When samba 3.0.0 was released, it was immediately evident that though
> many of the same configuration options were there, it was an entirely
> new samba...winbindd, active directory, kerberos, dfs, groups, etc. The
> information is there for those interest in investing the energy to learn
> it and I know that the samba official documentation is the best
> documentation open source offers.
>
When I started using samba I used 'Using Samba' as my guide, and found it 
excellent.  When it changed to samba3 it was clear that some options did not 
behave in the same way, and it was difficult to pinpoint the changes that 
caused problems.

It's some time since I last set up my server.  Reading 'Samba-3 by Example' 
implied that many of the lines I had been told to put into by [global] 
section were simply not necessary for my lan.  I then started from the 
premise that the barest minimum was the place to start, adding only what was 
necessary to achieve my ends.  Now [global] has only these lines

workgroup = lydgate.lan
server string = Samba Server %v
printcap name = /etc/printcap
log file = /var/log/samba/%m.log
os level = 66	##to cut down on the number of contentions from W2k box - it 
seems to help.

I have had few problems since, though every now and then I come up against a 
box being able to read a share but not write to it.  I usually find the cause 
after enough poking around.  Prior to that I had a much longer [global]

> (Official Samba 3.0 HowTo and By Example) - both available at
> http://www.samba.org/samba/docs in html or pdf form or available in dead
> tree form from most any bookseller.
>
> As to your own issues with Samba 3.x - your suggestion to use 'security
> = share' is just a bad idea. The underlying premise behind that setting
> is to emulate Windows 95/98 type file sharing - no concept of users but
> rather a share with a password and permissions are for a single user.
> Windows networking has evolved and likewise, samba usage has evolved.
>
I did not recommend staying with security=share, but just as some people 
suggest temporarily turning off selinux, just to rule out whether that was 
the contentious area.  Elimination of an area is always useful.  At one time 
this was the only way I got one box working, though I did eventually track 
down the problem - can't remember what it was, though.

I'm not disputing anything that you have said, Craig - you probably do this 
more often than I do.  I would mention, though, that for most people three 
quarters of the By Example book is totally irrelevant, but the remainder is 
likely to sort out any problems.  I've not regretted following its advice.

Anne


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux