Having issues setting up a working Samba share to use with Windows 10

Hello,

I have a zfs pool that I want to use as a NAS, and I am running into issues creating a network shared drive with Samba. I tried following quite a few tutorials and reading things, including the posts here and here on this forum.

The folder I would like to share is located in /dumpster/shared. It belongs to the user nobody, and has the unconfined_u:samba_share_t:s0 SELinux context attached. The file path down from root has read, write, and execute permssions set. I can mount the drive from Windows 10 over the network. but I can’t write to it.

My smb.conf is organized as follows:

[global]
        workgroup = WORKGROUP
        security = user
        map to guest = bad user

[Anonymous]
        comment = Anonymous File Server Share
        path = /dumpster/shared
        available = yes
        browsable = yes
        writable = yes
        guest ok = yes
        read only = no
        force user = nobody

I don’t understand what my permission issue is, how can I fix this?

Thanks!

What’s the permissions on /dumpster/shared?

#ls -laZ /dumpster
total 1
drwxrwxrwx.  3 root   root   system_u:object_r:unlabeled_t:s0         3 Jun 13 23:58 .
dr-xr-xr-x. 18 root   root   system_u:object_r:root_t:s0            240 Jun 13 00:17 ..
drwxrwxrwx.  2 nobody nobody unconfined_u:object_r:samba_share_t:s0   2 Jun 14 17:38 shared

Okay, I have been playing around some more, so I can write regular files to the sambashare with those permissions, but every time I create a directory, I immediately get permission denied for the directory and its children.

For example, I cannot write into the folder named ‘test folder’:

    ls -laZ
    total 2
    drwxrwxrwx. 3 nobody nobody unconfined_u:object_r:samba_share_t:s0 3 Jun 15 19:28  .
    drwxrwxrwx. 3 root   root   system_u:object_r:unlabeled_t:s0       3 Jun 13 23:58  ..
    drwxr-xr-x. 2 nobody nobody system_u:object_r:samba_share_t:s0     2 Jun 15 19:28 'test folder'

New update, now my smb.conf looks like the following:

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
        workgroup = WORKGROUP
        security = user
        map to guest = bad user

[Anonymous]
        comment = Anonymous File Server Share
        path = /dumpster/shared
        available = yes
        browsable = yes
        writable = yes
        guest ok = yes
        read only = no
        force user = nobody
        create mask = 0777
        directory mask = 0777

And that seems to at least work when I let selinux run in permissive mode. Is there any way to tell why selinux would be denying access to certain files?

you should not use nobody if you’re using selinux or disable selinux.

I am finally back, did a cross country move so this had to go on hold temporarily. I decided to try again with samba from scratch. I found this really detailed tutorial and followed the instructions, only changing the names of both my user and my samba share.

Its obvious that part of my selinux woes were that I had not put them in an appropriate context, but it definitely seems like I have taken one step forward and two steps back. Now when I try to connect to the share on Windows, it has me enter my credentials (which I have verified I have the correct IP address for my server as well as used the correct credentials) but after I log in I get the following error from Windows:
image

Where “Dumpster” is the name of my samba share. Where should I look to try and find the problem? The samba logs don’t show much.