I note the following in the SWAT documentation for security = share:
>>>>>>>>>>>>
A list of possible UNIX usernames to match with the given client
password is constructed using the following methods :
*
If the guest only parameter is set, then all the other stages are
missed and only the guest account username is checked.
*
Is a username is sent with the share connection request, then this
username (after mapping - see username map), is added as a
potential username.
*
If the client did a previous /logon / request (the SessionSetup
SMB call) then the username sent in this SMB will be added as a
potential username.
*
The name of the service the client requested is added as a
potential username.
*
The NetBIOS name of the client is added to the list as a potential
username.
*
Any users on the user list are added as potential usernames.
If the /|guest only|/ parameter is not set, then this list is then tried
with the supplied password. The first user for whom the password matches
will be used as the UNIX user.
If the /|guest only|/ parameter is set, or no username can be determined
then if the share is marked as available to the /|guest account|/, then
this guest user will be used, otherwise access is denied.
Note that it can be /very/ confusing in share-level security as to which
UNIX username will eventually be used in granting access.
<<<<<<<<<<<<<<<<
Since you haven't specified a "user = " or "guest account = " for the
share, I have no idea what user Samba is going to try to connect with.
Guest account defaults to nobody, which probably doesn't have access to
the share.
Brandon Blackmoor wrote:
Quoting "Joshua M. Miller" <[EMAIL PROTECTED]>:
I would encourage you to simplify things even more
at this point until you get the situation resolved.
Okay, now I am truly baffled.
I have replaced the current smb.conf as follows:
[global]
workgroup = MORTSHIRE
security = SHARE
netbios name = annwn
restrict anonymous = 0
log file = /var/log/samba/%m.log
max log size = 50
guest ok = yes
[media]
path = /media
writeable = yes
guest ok = yes
[mediatest]
path = /mediatest
writeable = yes
guest ok = yes
I have deleted the previously created samba users, and created a new samba user
"smbguest" with a blank password. There is also a "smbguest" unix user which
belongs to the "media" group.
I have moved my old /var/media directory to /mediatest (moving it out of /var to
the root directory), and I have created a new, empty directory called /media
(also in the root directory), and I have chown'd both directories to be owned
by root:media, and chmod'd them both 775 recursively:
drwxrwxr-x 2 root media 4096 Apr 6 13:31 media
drwxrwxr-x 5 root media 4096 Oct 1 2006 mediatest
I then copied all of the files from /mediatest (the old directory) to /media
(the new directory).
Both directories have the exact same unix owners and permissions (recursively).
Both directories have the exact same samba permissions.
Both directories have the exact same contents.
As far as I can tell, the only difference between these two directories is the
date each was created.
And yet...
[EMAIL PROTECTED] mediatest]# smbclient //annwn/media
Password:
Domain=[MORTSHIRE] OS=[Unix] Server=[Samba 3.0.23c-2]
Server not using user level security and no password supplied.
smb: \> dir
. D 0 Fri Apr 6 13:58:07 2007
.. D 0 Fri Apr 6 13:31:18 2007
MP3 D 0 Fri Apr 6 14:32:50 2007
images D 0 Fri Apr 6 13:37:58 2007
video D 0 Fri Apr 6 13:53:32 2007
57237 blocks of size 4194304. 4170 blocks available
[EMAIL PROTECTED] mediatest]# smbclient //annwn/mediatest
Password:
Domain=[MORTSHIRE] OS=[Unix] Server=[Samba 3.0.23c-2]
Server not using user level security and no password supplied.
smb: \> dir
NT_STATUS_ACCESS_DENIED listing \*
57237 blocks of size 4194304. 4170 blocks available
What the hell? What am I missing here?
--
Brandon Blackmoor
[EMAIL PROTECTED]
2007-04-06
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
