You are not logged in.
Just add the values discussed above to the section [global]:
client min protocol = CORE
server min protocol = CORE
The client min protocol can be omitted, imho.
I have those values also added in /etc/samba/smb.conf. Don't know if this is needed.
Offline
You were right, just adding 'server min protocol = CORE' was sufficient (and not required in /etc/samba/smb.conf)
Between rolling back, and juggling /etc/samba/smb.conf and smb.conf in tmp, I'd clean forgotten retrying the above.
Many thanks, as this at least works as a stop gap.
Last edited by kinleyd (2020-05-07 07:46:37)
Offline
Glad you got it work again :-)
Here is my script. Adjust QEMUCMD to your needs:
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import threading
import subprocess
import os
import configparser
import time
QEMUCMD = "qemu-system-x86_64 " \
"/FULL/PATH/TO/vm.img " \
"-enable-kvm " \
"-machine type=pc-i440fx-2.3 " \
"-vga cirrus " \
"-net nic,model=rtl8139 " \
"-net nic " \
"-net user,smb=/FULL/PATH/TO/SHARED/FOLDER"
SMBCNF = "smb.conf"
class RunQemu(threading.Thread):
def __init__(self):
threading.Thread.__init__(self)
def run(self):
subprocess.run(QEMUCMD, shell=True)
background = RunQemu()
background.start()
# Just wait some seconds to be sure the temporary folder is created
time.sleep(2)
print('Searching for qemu specific smb.conf in /tmp ...')
path = None
for root, dirs, files in os.walk("/tmp"):
if SMBCNF in files:
path = os.path.join(root, SMBCNF)
print("Found smb.conf: {}".format(path))
if path:
config = configparser.ConfigParser()
config.read(path)
try:
config['global'].update({
'server min protocol': 'CORE',
})
with open(path, 'w') as f:
config.write(f)
print("Succesfully adjusted smb.conf.")
except KeyError:
print("FAILURE: Can't adjust smb.conf!")
else:
print("FAILURE: Can't find smb.conf in /temp!")
background.join() # Wait for the background task to finish
print('Main program waited until background was done.')
Save in a file and run it like
python SCRIPTNAME
At least python version 3.5 is needed, just to mention it.
Offline
Thank you, it is much appreciated. In time I will switch to a tap/tun solution as the samba and internal smb settings seem to have too many grey areas!
Offline
In my case adding "client min protocol = default" to /etc/samba/smb.conf solved the problem with accessibility of HDD connected to my router, but now all the files are displayed and treated as...folders.
"... being a Linux user is sort of like living in a house inhabited by a large family of carpenters and architects. Every morning when you wake up, the house is a little different. Maybe there is a new turret, or some walls have moved. Or perhaps someone has temporarily removed the floor under your bed."
MSI Raider GE78HX 13VI-032PL
Offline
In my case adding "client min protocol = default" to /etc/samba/smb.conf solved the problem with accessibility of HDD connected to my router, but now all the files are displayed and treated as...folders.
Weird, eh?
BTW I love your signature. Right now I feel like part of my floor has been removed by someone.
Last edited by kinleyd (2020-05-13 08:51:07)
Offline
I have updated to samba 4.13 from testing repo and this problem persists.
Can anyone confirm?
Offline
How are those Computers connected? Is there a router or any other hardware in between?
I am not a network guru, but i think this is a security feature of samba. And updating samba will never solve it...
Offline
How are those Computers connected? Is there a router or any other hardware in between?
I am not a network guru, but i think this is a security feature of samba. And updating samba will never solve it...
There is a router between the machines.
Offline
I upgraded to Samba 4.13.0-1 today and once again tried to see if this problem was resolved. Nope, I still couldn't log in the way I used to. Still had to manually add 'server min protocol = CORE' in /tmp/qemu-smb.xxxxxx/smb.conf in order to log in to host system from the Windows vm at '\\10.0.2.4\qemu'
Previously I could log in the Arch host from '\\hostname\username' without adding 'server min protocol = CORE' anywhere.
Today I just tried logging into the host system using '\\host-ip-address\username', with 'server min protocol = CORE' inserted into the global section of /etc/samba/smb.conf. And it worked. I'm not sure why as my system configuration hasn't changed (edit: AFAIK) since the days I logged in using '\\hostname\username'. Anyway, I'm happy that I don't have to manually edit /tmp/qemu-smb.xxxxxx/smb.conf everytime I want to run my WinXP system.
Last edited by kinleyd (2020-09-29 06:58:02)
Offline
Update:
So I switched from user mode to bridge mode on the qemu side, and upon having everything wired up for that, plus having 'server min protocol = CORE' in /etc/samba/smb.conf, everything works fine again. Took a bit of reading to get there, but it was worth it - it works and I learned a few things as well.
Now I no longer have to manually insert 'server min protocol = CORE' in the smb.conf file that user mode spins up in /tmp every time I run the vm, and with the switch to bridge mode I finally can block access to external networks including the internet from my aging WinXP vm.
Last edited by kinleyd (2020-10-20 06:38:49)
Offline
kinleyd wrote:Strangiato wrote:Today I have updated to samba 4.12.1-1 on both server and client machines and this problem persists.
Adding these lines
client min protocol = CORE
server min protocol = CORE
to smb.conf did not help.client min protocol = default
also did not work.However I can access my samba shares typing smb://server/shared_folder in the file managers.
I've had the same experience as you with samba 4.12.1-1. However, smb://server/shared_folder doesn't work for me.
What OS are you running on your guest? I'm running a WinXP guest and previously \\server\shared_folder used to work.
I use two computers:
desktop runs Arch + KDE Plasma
laptop runs Arch + Gnome
My laptop can access the shares from desktop after I addclient min protocol = CORE server min protocol = CORE
OR
client min protocol = default
lines to its smb.conf file AND run the following commands:
killall gvfsd nautilus -q
But the file managers installed on deskop computer (Dolphin, pcmanfm and nautilus) can not see the shares from laptop
even after I add the lines mentioned above to its smb.conf file and reboot.
I need to type smb://server/shared_folder as mentioned in my previous post.
Today I have solved the problem on my desktop computer installing nss-mdns package and adding mdns_minimal [NOTFOUND=return]
to /etc/nsswitch.conf file according to wiki
https://wiki.archlinux.org/index.php/Av … resolution
Nautilus installed on laptop is working again since update to Gnome 3.38. Curiously, if I follow the same steps mentiioned above on my laptop,
Nautilus stops finding the samba shares from my desktop computer. I had to revert the change in /etc/nsswitch.conf file,
uninstall nss-mdns package and restart Gnome session to make Nautilus finds the samba shares from my desktop computer again.
Offline
The problem is back, but this time the old solution doesn't seem to work for me.
"... being a Linux user is sort of like living in a house inhabited by a large family of carpenters and architects. Every morning when you wake up, the house is a little different. Maybe there is a new turret, or some walls have moved. Or perhaps someone has temporarily removed the floor under your bed."
MSI Raider GE78HX 13VI-032PL
Offline
Not necessary to open a new thread I guess. Latest Samba broken again. Incompatibility with ldb.
samba version 4.14.6
ldb_version=2.4.0 module_version=2.3.0
Config:
[global]
netbios name = EUROPA1
passdb backend = samba_dsdb
security = ADS
realm = SDX.LOCAL
server role = member server
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
workgroup = SDX
log file = /var/log/samba/%m.log
log level = 1
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind use default domain = yes
winbind expand groups = 4
winbind nss info = rfc2307
winbind refresh tickets = yes
winbind offline logon = yes
winbind normalize names = yes
## map ids outside of domain to tdb files.
idmap config *:backend = tdb
idmap config *:range = 3000-9999
## map ids from the domain the ranges may not overlap !
idmap config SDX : backend = rid
idmap config SDX : range = 10000-9999999
template shell = /bin/bash
template homedir = /data/users/%U
domain master = no
local master = no
preferred master = no
os level = 20
map to guest = bad user
host msdfs = no
# user Administrator workaround, without it you are unable to set privileges
username map = /etc/samba/user.map
# For ACL support on domain member
vfs objects = acl_xattr
map acl inherit = yes
# Share Setting Globally
unix extensions = no
reset on zero vc = yes
veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
hide unreadable = yes
force create mode = 0660
force directory mode = 0770
# disable printing completely
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
[users]
path = /data/users
read only = no
browseable = yes
inherit acls = yes
force create mode = 0600
force directory mode = 0700
root preexec = bash -c '[[ -d /data/users/%U ]] || mkdir -m 0700 /data/users/%U && chown %U:"Domain Users" /data/users/%U'
[ftp]
path = /data/ftp
read only = no
# root preexec = bash -c '[[ -d /data/ftp/%U ]] || mkdir -m 0777 /data/ftp/%U && chown %U:"FTP Users" /data/ftp/%U'
[sdx]
path = /data/sdx
read only = no
vfs objects = virusfilter
virusfilter:scanner = clamav
virusfilter:socket path = /run/clamav/clamd.ctl
virusfilter:scan on open = yes
virusfilter:scan on close = no
virusfilter:max file size = 100000000
virusfilter:min file size = 10
virusfilter:infected file action = rename
virusfilter:rename prefix = virusfilter.
virusfilter:rename suffix = .infected
virusfilter:infected file command = echo -e "Virus Found\nFound virus during on-access scanning of Samba share sdx." | mail -s "Europa: Virus found" it@sdx.nl
virusfilter:scan error command = echo -e "Scan Error\nScan error during on-access scanning of Samba share sdx." | mail -s "Europa: Scan error" it@sdx.nl
[mgmt]
path = /data/mgmt
read only = no
vfs objects = virusfilter
virusfilter:scanner = clamav
virusfilter:socket path = /run/clamav/clamd.ctl
virusfilter:scan on open = yes
virusfilter:scan on close = no
virusfilter:max file size = 100000000
virusfilter:min file size = 10
virusfilter:infected file action = rename
virusfilter:rename prefix = virusfilter.
virusfilter:rename suffix = .infected
virusfilter:infected file command = echo -e "Virus Found\nFound virus during on-access scanning of Samba share sdx." | mail -s "Europa: Virus found" it@sdx.nl
virusfilter:scan error command = echo -e "Scan Error\nScan error during on-access scanning of Samba share sdx." | mail -s "Europa: Scan error" it@sdx.nl
[quarantine]
path = /data/quarantine
read only = no
[admins]
path = /data/admins
read only = no
vfs objects = virusfilter
virusfilter:scanner = clamav
virusfilter:socket path = /run/clamav/clamd.ctl
virusfilter:scan on open = yes
virusfilter:scan on close = no
virusfilter:max file size = 100000000
virusfilter:min file size = 10
virusfilter:infected file action = rename
virusfilter:rename prefix = virusfilter.
virusfilter:rename suffix = .infected
virusfilter:infected file command = echo -e "Virus Found\nFound virus during on-access scanning of Samba share sdx." | mail -s "Europa: Virus found" it@sdx.nl
virusfilter:scan error command = echo -e "Scan Error\nScan error during on-access scanning of Samba share sdx." | mail -s "Europa: Scan error" it@sdx.nl
[backup]
path = /data/backup
read only = no
[transporeon]
path = /data/transporeon
read only = no
Offline
Offline
Same problem. Can't connect to my Samba share after upgrading to samba 4.20 - had to downgrade to 4.19 again to make it work.
Offline