Samba anonymous access configuration problems caused by SELinux

Source: Internet
Author: User
A CentOS + Nginx + PHP + MySQL virtual machine is configured. To share files between Linux virtual machines and Windows, install the Samba service on the Virtual Machine and configure anonymous access. I have never touched SELinux before. I didn't expect it to affect the access permission of folders. I learned some new things through the day of hard work. Note below

CentOS + Nginx +PHP+ For file sharing between Linux and Windows virtual machines, install the Samba service on the Virtual Machine and configure anonymous access. I have never touched SELinux before. I didn't expect it to affect the access permission of folders. I learned some new things through the day of hard work. The following is a record of the days of hard work.

After Samba is installed with yum and the configuration file is modified, the shared folder cannot be accessed anonymously. Always reported errors:

\ 192.168.128.128 \ PhpDoc cannot be accessed. You may not be authorized to use network resources. Please contact the administrator of this server
Check whether you have permissions.
Network Name not found

Use testpaRmThe simplified samba configuration obtained by/etc/Samba/smb. conf is as follows:

[Global]
Server s TrIng = Elmer Zhang's Samba Server
Security = SHARE
Passdb backend = tdbsam
Load printers = No
Cups options = raw

[Phpdoc]
Comment = phpdoc FoldEr
Path =/home/elmerzhang/phpdoc
WriteList = + staff
Read only = No
Guest OK = Yes

Finally, check the configuration manual on the Samba official website and check the configuration items carefully. No problem is found. In desperation, I had to go to Chinaunix.Bbs'Target = '_ blank'>ForumFor help.

First, someone raised the issue of directory permissions. You can change path to/tmp for testing. I tried it quickly. It is true that the path can be accessed anonymously after being replaced by/tmp. Check whether this is a directory permission issue.

However, the PHP Doc folder permission has been set to 777. Why can't it be accessed? I went on to ask for help in the forum. Someone suggested that this was the cause of SELinux security restrictions,SetTry enforce 0.

I tried setenforce 0 and still had insufficient permissions. It is suspected that phpdoc is in the user directory. Move phpdoc to var and test again. The shared folder can finally be accessed.

However, after you use setenforce 1 to restore the enforce settings, the system prompts that the permissions are insufficient. It seems that each folder can have its own SELinux permission. Google's chcon can change the SELinux attribute of the folder. Finally

Chcon system_u: object_r: public_content_t/var/phpdoc-R

After setting The SELinux attribute of phpdoc, everything is okay.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.