Bug #2925
Samba access denied from second green network
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-samba | |||
| Target version: | v6.5 | |||
| Security class: | Resolution: | |||
| Affected version: | v6.5 | NEEDINFO: | No |
Description
On a NethSever with two green network I can't access on samba folders from second green network.
The error is access denied.
My configuration
green: 192.168.5.0/255.255.255.0
green2: 192.168.10.0/255.255.255.0
My smb.conf
[global]
log level = 0
bind interfaces only = yes
interfaces = 127.0.0.1 192.168.5.0/24
hosts allow = 127.0.0.1 192.168.5.0/255.255.255.0 192.168.10.0/255.255.255.0
Steps to reproduce:
- configure NehServer with two green interface
- configure a shared samba folder
- try to access to shared samba folder from a client connected from second green interface
Suggest Fix :
- in smb.conf the prop interfaces can be emptied, samba will be active in all interface and the firewall module checks the access
Associated revisions
smb.conf template: bind on all green interfaces. Refs #2925
History
#1
Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.5
- % Done changed from 0 to 20
- Affected version set to v6.5
#2
Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#3
Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
New implementation expands interfaces option to all green interfaces.
About interfaces option from the man page of smb.conf:
By default Samba enables all active interfaces that are broadcast capable except the loopback adaptor (IP address 127.0.0.1).
And from online manual (https://www.samba.org/samba/docs/using_samba/ch06.html):
The interfaces option specifies the networks that you want the Samba server to recognize and respond to. This option is handy if you have a computer that resides on more than one network subnet. If this option is not set, Samba searches for the primary network interface of the server (typically the first Ethernet card) upon startup and configures itself to operate on only that subnet. If the server is configured for more than one subnet and you do not specify this option, Samba will only work on the first subnet it encounters. You must use this option to force Samba to serve the other subnets on your network.
#4
Updated by Giacomo Sanchietti almost 7 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
- nethserver-samba-1.4.6-1.1git289aca9.ns6.noarch.rpm
- Check the daemon still works on systems with only one green interface
- Check the bug is not reproducible with two or more green interfaces
#5
Updated by Alessandro Polidori almost 7 years ago
- Assignee set to Alessandro Polidori
#6
Updated by Alessandro Polidori over 6 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Alessandro Polidori) - % Done changed from 70 to 90
- Test case 1 verified, it works.
- Test case 2 verified, it works.
I tested it with two and four green networks:
green: 192.168.5.250/255.255.255.0
green2: 192.168.10.250/255.255.255.0
green3: 192.168.20.250/255.255.255.0
green4: 192.168.30.250/255.255.255.0
The shared folder is accessible from all of four network interfaces.
#7
Updated by Davide Principi over 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
In nethserver-updates:
nethserver-samba-1.4.7-1.ns6.noarch.rpm