sufwei 2011-04-22
为了让Linux服务器上的用户通过Windows访问他们在Linux服务器上的HOME目录,以及其他目录。
0、openSUSE11.4的用户需要关闭Novoll AppArmor,或更新/etc/apparmor.d/下关于samba的配置:
/etc/apparmor.d/usr.sbin.nmbd:
# Last Modified: Sun Feb 20 21:14:20 2011
#include <tunables/global>/usr/sbin/nmbd {
#include <abstractions/base>
#include <abstractions/nameservice>
#include <abstractions/samba>capability net_bind_service,
/usr/sbin/nmbd mr,
/var/cache/samba/browse.dat* rw,
/var/lib/samba/browse.dat rw,
/var/lib/samba/browse.dat. w,
/var/lib/samba/wins.dat* rw,
/var/log/samba/cores/ w,
/var/log/samba/cores/nmbd/ rw,
/var/log/samba/cores/nmbd/** rw,
/var/run/samba/** rk,
/var/run/samba/nmbd.pid rw,
/etc/apparmor.d/usr.sbin.smbd:
# Last Modified: Sun Feb 20 21:14:20 2011
#include <tunables/global>/usr/sbin/smbd flags=(complain) {
#include <abstractions/authentication>
#include <abstractions/base>
#include <abstractions/consoles>
#include <abstractions/cups-client>
#include <abstractions/nameservice>
#include <abstractions/samba>
#include <abstractions/user-tmp>
#include <abstractions/wutmp>capability net_bind_service,
capability setgid,
capability setuid,
capability sys_resource,
capability sys_tty_config,/etc/mtab r,
/etc/printcap r,
/etc/samba/passdb.tdb rwk,
/etc/samba/secrets.tdb rwk,
/proc/*/mounts r,
/usr/sbin/smbd mr,
/var/cache/samba/** rwk,
/var/cache/samba/printing/printers.tdb mrw,
/var/lib/samba/** rwk,
/var/lib/samba/printers/** rw,
/var/log/samba/cores/smbd/ rw,
/var/log/samba/cores/smbd/** rw,
/var/run/cups/cups.sock rw,
/var/run/dbus/system_bus_socket rw,
/var/run/samba/** rk,
/var/run/samba/smbd.pid rw,
/var/spool/samba/** rw,
@{HOMEDIRS}/** rwlk,}