Samba anonymous access configuration problems caused by SELinux

A CentOS + Nginx + PHP + MySQL virtual machine is configured. To share files between Linux virtual machines and Windows, install the Samba service on the Virtual Machine and configure anonymous access. I have never touched SELinux before. I didn't expect it to affect the access permission of folders. I learned some new things through the day of hard work. Note below

CentOS + Nginx +PHP+ For file sharing between Linux and Windows virtual machines, install the Samba service on the Virtual Machine and configure anonymous access. I have never touched SELinux before. I didn't expect it to affect the access permission of folders. I learned some new things through the day of hard work. The following is a record of the days of hard work.

After Samba is installed with yum and the configuration file is modified, the shared folder cannot be accessed anonymously. Always reported errors:

\ 192.168.128.128 \ PhpDoc cannot be accessed. You may not be authorized to use network resources. Please contact the administrator of this server
Check whether you have permissions.
Network Name not found

Use testpaRmThe simplified samba configuration obtained by/etc/Samba/smb. conf is as follows:

[Global]
Server s TrIng = Elmer Zhang's Samba Server
Security = SHARE
Passdb backend = tdbsam
Load printers = No
Cups options = raw

[Phpdoc]
Comment = phpdoc FoldEr
Path =/home/elmerzhang/phpdoc
WriteList = + staff
Read only = No
Guest OK = Yes

Finally, check the configuration manual on the Samba official website and check the configuration items carefully. No problem is found. In desperation, I had to go to Chinaunix.Bbs'Target = '_ blank'>ForumFor help.

First, someone raised the issue of directory permissions. You can change path to/tmp for testing. I tried it quickly. It is true that the path can be accessed anonymously after being replaced by/tmp. Check whether this is a directory permission issue.

However, the PHP Doc folder permission has been set to 777. Why can't it be accessed? I went on to ask for help in the forum. Someone suggested that this was the cause of SELinux security restrictions,SetTry enforce 0.

I tried setenforce 0 and still had insufficient permissions. It is suspected that phpdoc is in the user directory. Move phpdoc to var and test again. The shared folder can finally be accessed.

However, after you use setenforce 1 to restore the enforce settings, the system prompts that the permissions are insufficient. It seems that each folder can have its own SELinux permission. Google's chcon can change the SELinux attribute of the folder. Finally

Chcon system_u: object_r: public_content_t/var/phpdoc-R

After setting The SELinux attribute of phpdoc, everything is okay.