# samba permissions swat



## Crotalus (Sep 22, 2011)

I have been having a fun time to get Samba to work with permission problems. If I can solve the Swat problem maybe the other problems with access will go away. The client has an address of 192.168.20.201 which is defined in the Samba conf file. 
	
	



```
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 8.2-RELEASE #0: Thu Feb 17 02:41:51 UTC 2011
    root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: AMD Athlon(tm) 64 Processor 3500+ (2210.20-MHz K8-class CPU)
```


```
Samba version 3.5.6
PID     Username      Group         Machine                        
-------------------------------------------------------------------
 <processes do not show up in anonymous mode>

Service      pid     machine       Connected at
-------------------------------------------------------

No locked files
```

When using swat I get the following message; 
	
	



```
403 Forbidden
Samba is configured to deny access from this client
Check your "hosts allow" and "hosts deny" options in smb.conf
```

I had to add the following in /etc/hosts.allow because it keep telling me that I was not allowed to use Swat. 

```
# Swat - Samba port 901
swat : 192.168.20. : allow
swat : 192.168. : allow
swat : ALL : deny
```

From /var/log/samba/.log I find the following when using Swat. There is nothing indicating any errors in any of the other log files.

```
[2011/09/22 15:06:39.690911,  2] lib/interface.c:341(add_interface)
  added interface nfe0 ip=192.168.20.7 bcast=192.168.20.255 netmask=255.255.255.0
[2011/09/22 15:06:39.691283,  1] printing/printer_list.c:220(printer_list_get_last_refresh)
  Failed to fetch record!
[2011/09/22 15:06:39.691336,  3] web/cgi.c:574(only_ipaddrs_in_list)
  only_ipaddrs_in_list: list has non-ip address (192.168.20)
[2011/09/22 15:06:39.691352,  3] web/cgi.c:608(check_access)
  check_access: hostnames in host allow/deny list.
[2011/09/22 15:06:39.710199,  0] lib/access.c:338(allow_access)
  Denied connection from UNKNOWN (192.168.20.201)
[2011/09/22 15:06:39.710240,  0] web/cgi.c:622(check_access)
  Denied connection from UNKNOWN (192.168.20.201)
```
Here is the /usr/local/etc/smb.conf

```
[global]
        workgroup = GROUP1
        server string = Samba Server
        security = SHARE
#       security = User 
        encrypt passwords = No
        map to guest = Bad User  
#       map to guest = Bad Password
        log file = /var/log/samba.log.%m
        max log size = 50
        dns proxy = No
        hosts allow = 192.168.20. 127.
        smb ports = 139
        log level = 4
        disable netbios = no


[homes]
        comment = Home directory for %u on %h
        path = /usr/home/%u/Docs
        valid users = %S
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        print ok = Yes
        browseable = No

[public]
        comment = %h Shared Public Directory
        path = /storage2/public
        force user = nobody
        force group = wheel
        read only = No
        force create mode = 0666
        force directory mode = 0777
        guest ok = Yes
        public = yes
```
Where should I be looking for the problem?

Thanks!

Keith


----------



## Crotalus (Sep 23, 2011)

I did a 
`# service samba stop`
`# portupgrade -rvf samba35`
`# service samba start`
and now it works. Still can't access the server or shares because of permissions.

This is weird because a forced add of the package did not work.

Keith


----------

