|
|
| Next: Slow start up, no sound, OE slow to open... |
| Author |
Message |
Baby_Tux
Joined: Mar 06, 2007
Posts: 924
|
 Posted: Sun May 25, 2008 12:33 pm Post subject: Trouble with SAMBA |
|
|
Trying to share a folder on an internal FAT32 drive.It keeps being READ ONLY, how can I make it full access?
I've "googled" until I'm blue it the face & all the suggestions didn't work. Even using mask. - I have a share to a PREMADE (by fedora 9) folder that works fine but I can't see it (under samba) on my machine where it is. I tried making another folder in the parent folder of this one & got the same READ ONLY crap.
So, what little simple thing (& in sure it is) am I over looking here?
Thanks for any suggestion, (even if they prove not to help) |
|
| Back to top |
|
 |
ernie
Joined: Dec 16, 2002
Posts: 166
|
| Posted: Mon May 26, 2008 7:48 am Post subject: |
|
|
I do not believe I fully understand your problem:
You have a FAT32 partition (drive), and you want to share it using samba, but it keeps being READ ONLY.
Is this FAT32 partition on your Linux box or on a Windows computer?
From where is this FAT32 partition READ ONLY (the computer on which it resides, a remote Windows computer, the Linux box)? |
|
| Back to top |
|
|
Baby_Tux
Joined: Mar 06, 2007
Posts: 924
|
| Posted: Mon May 26, 2008 12:53 pm Post subject: [Login to view extended thread Info.] |
|
|
| ernie wrote: |
I do not believe I fully understand your problem:
You have a FAT32 partition (drive), and you want to share it using samba, but it keeps being READ ONLY.
Is this FAT32 partition on your Linux box or on a Windows computer?
From where is this FAT32 partition READ ONLY (the computer on which it resides, a remote Windows computer, the Linux box)? |
Sorry, I DID write this tired...
On my linux box I have a fat32 drive. I want to share a folder from it under samba. But under samba it is read only - on my box it is full control. I had to use umask to get it on the box so I figure I have to do the same under samba but the command
create mode mask = 0777 (I think I have that right) didn't help
Not sure what went wrong on the other one I made under the working one but I THINK it has something to do with ownership & who samba is "logging on". - Got tired of messing with it & really don't need it that way. - the fat32 is where I REALLY need to go. (& I imagine anyone else I were to do this for - company, customer? so I want to learn how)
What gets me is, I did all this under fedora 7 & don't remember having this much trouble. Yes, I DID have trouble as it was the 1st I tried it. I admit, it has been a while & I forgot how but a little reading refresh my memory. I don't remember trying the fat32 back then, though.
I hope this clears things up. & Thanks for any help you can give. |
|
| Back to top |
|
|
ernie
Joined: Dec 16, 2002
Posts: 166
|
| Posted: Mon May 26, 2008 2:11 pm Post subject: [Login to view extended thread Info.] |
|
|
If you use the KDE desktop environment (as I do here), you can configure file sharing in Kcontrol > Internet & Network > File Sharing (samba must be installed on your system).
If you do not use KDE, you can install the webmin package. The description I get in Kpackage reads as follows:
| Quote: |
webmin
A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". |
Either way, the task of configuring samba is greatly simplified.
HTH, |
|
| Back to top |
|
|
Baby_Tux
Joined: Mar 06, 2007
Posts: 924
|
| Posted: Mon May 26, 2008 8:42 pm Post subject: [Login to view extended thread Info.] |
|
|
OK - Have thought of trying SWAT, I'll have to check that out - BTW: I'm using gnome (see my post on fedora 9)
Thank, I'll post back when I have time to check... |
|
| Back to top |
|
|
Baby_Tux
Joined: Mar 06, 2007
Posts: 924
|
| Posted: Mon May 26, 2008 9:55 pm Post subject: [Login to view extended thread Info.] |
|
|
Check the DOCS on webmin & am a bit confused. Does this connect to MY machine ONLY or does it connect to someone else's on the internet?
I'd thing with "localhost" it would be mine but the doc's seem to read otherwise & I DON'T (for security reasons) want someone else's stuff setting up mine.
Thanks
-----------------------------------------------
Checked into SWAT so I think I may understand what webmin is about but would still like clarification. - Also, from what I gathered it doesn't appear that I'd gain anything by using these & would only add to the security issues.
Any other ideas? - & again thanks for helping. |
|
| Back to top |
|
|
ernie
Joined: Dec 16, 2002
Posts: 166
|
| Posted: Tue May 27, 2008 12:53 pm Post subject: [Login to view extended thread Info.] |
|
|
Webmin uses ssh to create a secure connection, and is intended to permit secure remote system administration. With that said, the remote user will still have to authenticate (provide root user name and password) to log in.
The 127.0.0.1 IP address indicates the local computer. The localhost host name also indicates the local computer. Your /etc/hosts file should contain a line similar to:
| Quote: |
| 127.0.0.1 curious.wcs.bex.net curious localhost |
My computer's host name is curious, and its fully qualified domain name is curious.wcs.bex.net (where curious is the host name, wcs is my LAN's domain name, and bex.net is my ISP's domain name). My computer's fully qualified domain name will not appear on any DNS server on the Internet, but it works perfectly well for my purposes on my private LAN.
When I need to access my local computer using a local WEB browser, I can use any of localhost, curious, curious.wcs.bex.net, or the IP address 127.0.0.1 in the location (address) bar. webmin wants a secure connection on port 10000 (I think), so the address you would put in the location bar should be:
| Code: |
| https://127.0.0.1:10000 |
You should be presented with a log In dialog. Enter your root password and user name to authenticate with administrative authority. Since you are establishing a secure connection with your local computer (https://), any communication will be sent in a secure manner (and will not be readable by other computers).
If you should ever need to administer your computer from another machine on your LAN, you can use your computer's LAN IP address rather than the 127.0.0.1 address. For example, I have a Windows computer on my LAN, and I can administer my Linux computer from the Windows computer by using my Linux computer's LAN IP address (e.g.:192.168.xxx.xxx). If my computer had an IP address on the Internet, I could administer it from any computer in the world, but I would still have to authenticate.
I hope this answers your questions about webmin. It is preferred over Samba SWAT to configure Samba as well as many other system services.
Finally, I do not use webmin here. I was able to configure Samba under KDE using Kcontrol as stated in my previous post. If your desktop environment is not KDE, it may provide a similar configuration utility. You should check it out to see if you have the facility to configure file sharing (should be in a category such as network). If you do not have such a configuration option available in your DE, webmin is a safe choice.
HTH, |
|
| Back to top |
|
|
Baby_Tux
Joined: Mar 06, 2007
Posts: 924
|
| Posted: Tue May 27, 2008 2:03 pm Post subject: [Login to view extended thread Info.] |
|
|
If I understand this "webmin" thing, I am connecting to my OWN computer either locally or remotely. - OK, I wouldn't have a problem with that. Just didn't want to be connecting to someone ELSE'S computer & having IT do the configuration of MY computer. To me that would be like giving out my root logon to the world.
I DO think that either one of these would make things easier but will it give me the answer to the security problem? - I found some more info on it that I'm gonna try when time permits. I'll post the results & what I did.
BTW: I DO have the samba working just fine on that "linux made folder" so I at least have that & understand how to make samba work at least. Just need to resolve the permissions things.
< getting there, one step at a time>
Thanks for the info |
|
| Back to top |
|
|
Baby_Tux
Joined: Mar 06, 2007
Posts: 924
|
| Posted: Thu May 29, 2008 2:16 pm Post subject: [Login to view extended thread Info.] |
|
|
I ended up having so many issues related to SELINUX that I ended up having to disable it. For some strange reason, all the things the troubleshooter told me to do just didn't change things. Unless I didn't do it right, it SEEMED to do SOMETHING but the errors still persisted. Also, my USB stuff started to complain about mislabelling when I unmounted them. Running in permissive mode still created the annoying popups.
BTW: samba now works all the way as well - as I figured it would...
So I guess my question is, what all will be affected? Are there any REAL security issues? (I have a H/W firewall on my network) & is relabelling really a big deal (I did try that to fix a problem & found it no big deal as far as time goes)
One thing I DON'T want to happen is to change anything on my internal fat32 drive where I won't be able to access it under XP - I use a swap kit on this machine & it is used for "first stage" backups & imaging. I then copy all this to an external USB drive. (redundancy & can grab in case of fire or whatever) |
|
| Back to top |
|
|
ernie
Joined: Dec 16, 2002
Posts: 166
|
| Posted: Fri Sep 19, 2008 5:39 pm Post subject: [Login to view extended thread Info.] |
|
|
I am not sure I understand your questions in the last post. I do not use SELinux here and I do not know a great deal about it. I believe in a layered security system. I have a hardware firewall (router) acting as my LAN's Internet gateway. I run the Mandi interactive firewall in conjunction with shorewall as provided by Mandriva (my distribution of choice) to protect my local machine because my router includes a wireless end point. The endpoint is configured for WPA, but I refuse to place my trust in any one security protocol. I work under the assumption that if the white hats can make a good lock, the black hats can find a way to pick it.
As for Samba, my samba share is the guest user accounts home directory (/home/guest) and the only material to be found there is placed there specifically to be shared. The guest account on my system is password protected, and my user account is a member of the guest group so I have read / write access. The guest account can run a WEB browser and most other user level applications with minimal privileges. I run tripwire on my system, and it is configured to check the guest account daily for unauthorized changes. I also use rkhunter (root kit hunter). Paranoid, ain't I?
Finally, I use Mandriva (a Linux distribution) because it is Open Source which means that security vulnerabilities are found and corrected in a time frame usually measured in days rather than weeks or months as is the normal case with proprietary systems. I am vigilant about keeping my system up to date. Mandriva includes a utility that checks for updates several times a day, and puts an icon in my notification tray near the system clock when updates are available so I am not interrupted when I am busy with other work.
There are other things I do to keep my stuff safe, but this should give you a bit of an idea about securing your system. A firewall provides perimeter security, but what if someone gets around it? That is why I use both triwire and rkhunter. These tools alert me if someone manages to get in, then I can take steps to boot them out and keep 'em out.
HTH, |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
| |
|
|
General