How can I configure Samba to share (read/write) any folder with root permissions?

6

I have a CentOS 5 VirtualBox guest on a Win7x64 host. I am attempting to setup a read/write share a directory owned by root with my Windows host using Samba, but I'm having no luck after running around in circles. To simplify matters, I've disabled my Firewall (/etc/init.d/iptables stop). As security and permissions are irrelevant for this purpose, I'd rather not have to set up another unix user/group/password.

Here is the output from testparm

Load smb config files from /etc/samba/smb.conf
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
Processing section "[Guest Share]"
Loaded services file OK.
Server role: ROLE_STANDALONE

and the source of /etc/samba/smb.conf:

[global]
        workgroup = WRKGRP
        netbios name = SMBSERVER
        security = SHARE
        load printers = No

[Guest Share]
        comment = Guest access share
        path = /root/src
        read only = No
        guest ok = Yes

Running /etc/init.d/smb restart shows an OK status. However, on my Windows host, I can only see the share folder on the guest \\IPv4, but I cannot go into "Guest Share": Windows Explore

"The network name cannot be found" error message is a common error, with a likely cause:

The user you are trying to access the share with does not have sufficient permissions to access the path for the share. Both read (r) and access (x) should be possible.

Am I trying to use root as a passwordless Samba guest? I'd like to, is it possible? How can I configure Samba to share (read/write) any folder with root permissions?

Mike T

Posted 2011-10-10T11:07:02.503

Reputation: 664

Answers

4

I am able to do this. For comparison, here is an entry of one of my shares:

[Music] ; user="jlacroix"
force user = jlacroix
path = /home/jlacroix/Music
writable = no
public = yes

Be sure to replace "jlacroix" with the username you use. It should force it to use that user despite what user is actually using the file. So you may need to change "jlacroix" to root. However, I don't advise sharing in this way because you should be careful about what can access root permissive files.

jlacroix82

Posted 2011-10-10T11:07:02.503

Reputation: 111

0

1. make guest account as nobody

guest account = nobody

2. make nobody as samba admin user

admin users = nobody

3. maybe smbd need run as root

see also

man 5 smb.conf https://www.samba.org/samba/docs/man/manpages/smb.conf.5.html#ADMINUSERS

yurenchen

Posted 2011-10-10T11:07:02.503

Reputation: 131

0

You can achieve it with two steps (by your current configuration):

  1. Edit you Samba configuration file:

    vi /etc/samba/smb.conf

  2. Alter the following:

    [Guest Share]
   comment = Guest access share
   path = /root/src
   browsable = yes
   writable = yes
   read only = no
   public = yes
   create mask = 0644
   directory mask = 0755

Note:

You didn't mentioned the Samba version you are using, but to explain:

writeable = yes is an alias for read only = no used in Samba 3.

This alias has been removed in Samba 4.

Related reading for this subject:

The main Samba configuration file with examples

Manual Pages for Samba from www.samba.org

Zuul

Posted 2011-10-10T11:07:02.503

Reputation: 3 659

0

Sounds simple enough.

Just change the permissions on your folder to reflect the read/write requirements. In your case since the folder will be owned by root, you need to give the "others" the rw permmission.

Chmod 776 Guest Share

This gives root full rwx and everybody else rw.

A better approach would be to create a group for network users and change the group on your share from root to the one you just created.

One final note: I think you might need the execute permissions set on any folder you want to traverse. You may have rw permissions set within the folder itself but to actually get in the execute permission might need to be configured. Experiment with that as well.

Scandalist

Posted 2011-10-10T11:07:02.503

Reputation: 2 767

0

Did you check SELinux?

If the output of getenforce is not permissive or disabled you have to apply the contexts to your share. There is also an boolean you can set to bypass this, I found this question trying to Google what is was.

You can debug to confirm if it's SELinux by using the command: setenforce 0

UbuntuForums_Staff_Are_Trolls

Posted 2011-10-10T11:07:02.503

Reputation: 120

Asked: 2011-10-10T11:07:02.503

Viewed: 30 024 times

Active: 2016-03-29T11:01:19.200