LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   SMB share unaccessible (https://www.linuxquestions.org/questions/linux-server-73/smb-share-unaccessible-4175732008/)

bennypr0fane 12-20-2023 06:49 PM
SMB share unaccessible
 
I made this SMB share on my Raspberry Pi(RPi OS Lite) for my scanner to be able to send scanned files to it. However, the scans get rejected.
Also, the SMB share is visible in other machines, but I can't login to it using the credentials I specified for the scanner.
See below the contents of my smb.conf:

Code:
cat /etc/samba/smb.conf
# I deleted most of the comments


#======================= Global Settings =======================

[global]

  workgroup = WORKGROUP

#### Networking ####

;  interfaces = 127.0.0.0/8 eth0

;  bind interfaces only = yes



#### Debugging/Accounting ####

  log file = /var/log/samba/log.%m
  log level = 3

  max log size = 1000

  logging = file

  panic action = /usr/share/samba/panic-action %d


####### Authentication #######

  server role = standalone server

  obey pam restrictions = yes

  unix password sync = yes

  passwd program = /usr/bin/passwd %u
  passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

  pam password change = yes

  map to guest = bad user

########## Domains ###########

;  logon path = \\%N\profiles\%U

;  logon drive = H:
#  logon home = \\%N\%U

;  logon script = logon.cmd

; add user script = /usr/sbin/useradd --create-home %u

; add machine script  = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u

; add group script = /usr/sbin/addgroup --force-badname %g

############ Misc ############

;  include = /home/samba/etc/smb.conf.%m

;  idmap config * :              backend = tdb
;  idmap config * :              range  = 3000-7999
;  idmap config YOURDOMAINHERE : backend = tdb
;  idmap config YOURDOMAINHERE : range  = 100000-999999
;  template shell = /bin/bash

  usershare allow guests = yes

#======================= Share Definitions =======================

[homes]
  comment = Home Directories
  browseable = no

  read only = yes

  create mask = 0700

  directory mask = 0700

  valid users = %S

;[netlogon]
;  comment = Network Logon Service
;  path = /home/samba/netlogon
;  guest ok = yes
;  read only = yes

;[profiles]
;  comment = Users profiles
;  path = /home/samba/profiles
;  guest ok = no
;  browseable = no
;  create mask = 0600
;  directory mask = 0700

[printers]
  comment = All Printers
  browseable = no
  path = /var/tmp
  printable = yes
  guest ok = no
  read only = yes
  create mask = 0700

[print$]
  comment = Printer Drivers
  path = /var/lib/samba/printers
  browseable = yes
  read only = yes
  guest ok = no

;  write list = root, @lpadmin

[scannershare]
path = /home/ben/Scans
writeable = Yes
create mask = 0777
directory mask = 0777
public = yes
guest ok = yes
only guest = no
To set up the share, I followed a synthesis of some tutorials:
tut1, tut2 and tut3

the scanners user is xeroxb225:
Code:
sudo smbpasswd -a xeroxb225
The user does seem to exist:
Code:
# on server
~ $ sudo pdbedit -L
added interface eth0 ip=192.168.178.4 bcast=192.168.178.255 netmask=255.255.255.0
xeroxb225:1002:XeroxB225

# on client
~ $ smbclient -L raspi4 -U xeroxb225
Password for [SAMBA\xeroxb225]:

        Sharename      Type      Comment
        ---------      ----      -------
        print$          Disk      Printer Drivers
        scannershare    Disk     
        IPC$            IPC      IPC Service (Samba 4.17.12-Debian)
        xeroxb225      Disk      Home Directories
SMB1 disabled -- no workgroup available
I confirmed that the scanner supports SMB v3.
It hasn't become clear to me from the tutorials if the SMB user has to be the (Linux-) owner of the shared folder - in the tutorials, it's always `pi` for both. Wouldn't make sense to me though as it would mean each share could only ever be accessed be a single user.

Currently, the shared folder is owned by Linux user `ben`:
Code:
ben@raspi4:~ $ ls -l
total 12
drwxr-xr-x 3 ben ben 4096 Dec  9 23:30 FTP
drwxrwxrwt 2 ben ben 4096 Dec 15 20:59 Scans
-rw-r--r-- 1 ben ben  17 Dec 10 00:44 test.txt

michaelk 12-20-2023 07:18 PM
Your xeroxb225 user does not have permissions to access your username ben's home directory.

As a test change the share for the printer configuration to be:

/server_name/xeroxb225 with the password you created with smbpasswd and see if send scans to the Pi.

Did you and a smb password for your username ben? If you do you should be able access ben's home directory on the Pi i.e. /server_name/ben

bennypr0fane 12-20-2023 08:03 PM
I used the smbpasswd command to create user xeroxb225.
I'm not sure what you mean by this:
Quote:
As a test change the share for the printer configuration to be:

/server_name/xeroxb225 with the password you created with smbpasswd and see if send scans to the Pi.
Did you mean the shared folder should be one that is owned by the xeroxb225 user?

I changed the share in smb.conf to this:
Code:
[scannershare]
path = /home/xeroxb225/Scans
writeable = Yes
create mask = 0777
directory mask = 0777
public = yes
guest ok = yes
only guest = no
after creating the 'Scans' subdirectory under /home/ben

Sending the scans to \\raspi4\scannershare is still not working though. However, I can now look at the share through a file manager on my main Linux box on the network.

In any case, I wasn't aware that a Samba user created with the smbpasswd command would also create a Linux user (does it?) - I thought the two were things existing independently from each other.
In my case, I had already created Linux user xeroxb225 before setting up the SMB share, but I wasn't aware the SMB user xeroxb225 had anything to do with it.

EDIT:
Quote:
I changed the share in smb.conf to this:
Code:
[scannershare]
path = /home/xeroxb225/Scans
⬆️ This works. ✅ It had not worked at first because I had created the /home/xeroxb225/Scans folder as root, hence it was owned by root. So I did a
Code:
sudo chown xeroxb225:xeroxb225 /home/xeroxb225/Scans
now xeroxb225 has access!
Would still be grateful for explanation about realtionshsip between SMB user and Linux user. Thanks!

michaelk 12-20-2023 08:33 PM
With a standalone host users have to exist on the system as well as in the samba database. The smbpasswd command adds the system user to the database and samba authentication is verified using the database not the system.


All times are GMT -5. The time now is 04:02 PM.