# Gentoo to Gentoo Samba mount problems

## smellycheeseboy

I am using LinNeighborhood to access the network of my two other roommates.  It seems that most people are using samba from the command line.

Anyway I have searched the forums to no avail but my problem is that one of my roommates and I are running Gentoo and we can't mount each other's shares.  When we try to mount them we get this error.  

```
SMB connection failed

Anonymous login successful

13586: tree connect failed: ERRDOS - ERRnosuchshare
```

We both however can mount our third roommates WinME shares.  

We are using Samba version 2.8.8.  Does anyone know how to fix this?

Thanks

Me

P.S.  The 13586 in the error message is a different number everytime.  I don't think this matters but just for the info.

----------

## ckdake

what command are you using to mount them? is there any way to tell from your program?

to mount on my computer i do:

```
#sudo mount -t smbfs -o username=ckdake //zion/ckdake /mnt/zion_ckdake
```

----------

## smellycheeseboy

That is apparently the same command that LinNeighborhood uses because we tried that command from the command line and it gave us the same error.

Me

----------

## ckdake

are you trying to connect as an anonymous user or are you using a login name that is valid on the "server".

are you in the same workgroup as the "server"?

from the command line what happens when you do:

```
$smbclient -U some_username -L server_name
```

it should prompt you for the password on the server machine associated with that username, then should list the shares that that user should have access to.

----------

## smellycheeseboy

The anonymous login works and it gives me all the stuff that I have access too, I just can't mount his shares.  

I'm wondering if it isn't something wrong in the smb.conf file.  All I changed in it was the part in the share definitions so that I could share my stuff.

Should I post this file so that you can take a look at it?

Me

----------

## ckdake

sure. never hurts to post the config file.  I just tried connection with anonymous as the user from the command line mount command, and it asked for a password, i just hit return, and no error message but it didnt actually mount. hmm.

----------

## smellycheeseboy

Here is smb.conf:

```
# $Header: /home/cvsroot/gentoo-x86/net-fs/samba/files/smb.conf.example,v 1.3 2002/08/27 20:39:48 woodchip Exp $

# This is the main Samba configuration file. You should read the

# smb.conf(5) manual page in order to understand the options listed

# here. Samba has a huge number of configurable options (perhaps too

# many!) most of which are not shown in this example

#

# Any line which starts with a ; (semi-colon) or a # (hash) 

# is a comment and is ignored. In this example we will use a #

# for commentry and a ; for parts of the config file that you

# may wish to enable

#

# NOTE: Whenever you modify this file you should run the command "testparm"

# to check that you have not made any basic syntactic errors. 

#

#======================= Global Settings =====================================

[global]

# 1. Server Naming Options:

# workgroup = NT-Domain-Name or Workgroup-Name

   workgroup = SEAMUS

# netbios name is the name you will see in "Network Neighbourhood",

# but defaults to your hostname

;  netbios name = <name_of_this_server>

# server string is the equivalent of the NT Description field

   server string = T's Stuff %v

# Message command is run by samba when a "popup" message is sent to it.

# The example below is for use with LinPopUp:

; message command = /usr/bin/linpopup "%f" "%m" %s; rm %s

# 2. Printing Options:

# CHANGES TO ENABLE PRINTING ON ALL CUPS PRINTERS IN THE NETWORK

# if you want to automatically load your printer list rather

# than setting them up individually then you'll need this

   printcap name = lpstat

   load printers = yes

# It should not be necessary to spell out the print system type unless

# yours is non-standard. Currently supported print systems include:

# bsd, sysv, plp, lprng, aix, hpux, qnx, cups

   printing = cups

# Samba 2.2 supports the Windows NT-style point-and-print feature. To

# use this, you need to be able to upload print drivers to the samba

# server. The printer admins (or root) may install drivers onto samba.

# Note that this feature uses the print$ share, so you will need to 

# enable it below.

# This parameter works like domain admin group:

# printer admin = @<group> <user>

;   printer admin = @adm

# 3. Logging Options:

# this tells Samba to use a separate log file for each machine

# that connects

   log file = /var/log/samba/log.%m

# Put a capping on the size of the log files (in Kb).

   max log size = 50

# Set the log (verbosity) level (0 <= log level <= 10)

; log level = 3

# 4. Security and Domain Membership Options:

# This option is important for security. It allows you to restrict

# connections to machines which are on your local network. The

# following example restricts access to two C class networks and

# the "loopback" interface. For more examples of the syntax see

# the smb.conf man page. Do not enable this if (tcp/ip) name resolution does

# not work for all the hosts in your network.

;   hosts allow = 192.168.1. 192.168.2. 127.

# Uncomment this if you want a guest account, you must add this to /etc/passwd

# otherwise the user "nobody" is used

;  guest account = pcguest

# Security mode. Most people will want user level security. See

# security_level.txt for details.

   security = user

# Use password server option only with security = server or security = domain

# When using security = domain, you should use password server = *

;   password server = <NT-Server-Name>

;   password server = *

# Password Level allows matching of _n_ characters of the password for

# all combinations of upper and lower case.

;  password level = 8

;  username level = 8

# You may wish to use password encryption. Please read

# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.

# Do not enable this option unless you have read those documents

# Encrypted passwords are required for any use of samba in a Windows NT domain

# The smbpasswd file is only required by a server doing authentication, thus

# members of a domain do not need one.

  encrypt passwords = yes

  smb passwd file = /etc/samba/private/smbpasswd

# The following are needed to allow password changing from Windows to

# also update the Linux system password.

# NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above.

# NOTE2: You do NOT need these to allow workstations to change only

#        the encrypted SMB passwords. They allow the Unix password

#        to be kept in sync with the SMB password.

;  unix password sync = Yes

;  passwd program = /usr/bin/passwd %u

;  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n

;*passwd:*all*authentication*tokens*updated*successfully*

# Unix users can map to different SMB User names

;  username map = /etc/samba/smbusers

# Using the following line enables you to customise your configuration

# on a per machine basis. The %m gets replaced with the netbios name

# of the machine that is connecting

;   include = /etc/samba/smb.conf.%m

# Options for using winbind. Winbind allows you to do all account and

# authentication from a Windows or samba domain controller, creating

# accounts on the fly, and maintaining a mapping of Windows RIDs to unix uid's 

# and gid's. winbind uid and winbind gid are the only required parameters.

#

# winbind uid is the range of uid's winbind can use when mapping RIDs to uid's

;  winbind uid = 10000-20000

#

# winbind gid is the range of uid's winbind can use when mapping RIDs to gid's

;  winbind gid = 10000-20000

#

# winbind separator is the character a user must use between their domain

# name and username, defaults to "\"

;  winbind separator = +

#

# template homedir determines the home directory for winbind users, with 

# %D expanding to their domain name and %U expanding to their username:

;  template homedir = /home/%D/%U

#

# template shell determines the shell users authenticated by winbind get

;  template shell = /bin/bash

# 5. Browser Control and Networking Options:

# Most people will find that this option gives better performance.

# See speed.txt and the manual pages for details

   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

# Configure Samba to use multiple interfaces

# If you have multiple network interfaces then you must list them

# here. See the man page for details.

;   interfaces = 192.168.12.2/24 192.168.13.2/24 

# Configure remote browse list synchronisation here

#  request announcement to, or browse list sync from:

#       a specific host or from / to a whole subnet (see below)

;   remote browse sync = 192.168.3.25 192.168.5.255

# Cause this host to announce itself to local subnets here

;   remote announce = 192.168.1.255 192.168.2.44

# set local master to no if you don't want Samba to become a master

# browser on your network. Otherwise the normal election rules apply

;   local master = no

# OS Level determines the precedence of this server in master browser

# elections. The default value should be reasonable

;   os level = 33

# Domain Master specifies Samba to be the Domain Master Browser. This

# allows Samba to collate browse lists between subnets. Don't use this

# if you already have a Windows NT domain controller doing this job

;   domain master = yes 

# Preferred Master causes Samba to force a local browser election on startup

# and gives it a slightly higher chance of winning the election

;   preferred master = yes

# 6. Domain Control Options:

# Enable this if you want Samba to be a domain logon server for 

# Windows95 workstations or Primary Domain Controller for WinNT and Win2k

;   domain logons = yes

# if you enable domain logons then you may want a per-machine or

# per user logon script

# run a specific logon batch file per workstation (machine)

;   logon script = %m.bat

# run a specific logon batch file per username

;   logon script = %U.bat

# Where to store roaming profiles for WinNT and Win2k

#        %L substitutes for this servers netbios name, %U is username

#        You must uncomment the [Profiles] share below

;   logon path = \\%L\Profiles\%U

# Where to store roaming profiles for Win9x. Be careful with this as it also

# impacts where Win2k finds it's /HOME share

; logon home = \\%L\%U\.profile

# The add user script is used by a domain member to add local user accounts

# that have been authenticated by the domain controller, or by the domain

# controller to add local machine accounts when adding machines to the domain.

# The script must work from the command line when replacing the macros,

# or the operation will fail. Check that groups exist if forcing a group.

# Script for domain controller for adding machines:

; add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine Account' -s /bin/false -M %u

# Script for domain member for adding local accounts for authenticated users:

; add user script = /usr/sbin/useradd -s /bin/false %u

# Domain groups:

# domain admin group is a list of unix users or groups who are made members

# of the Domain Admin group

; domain admin group = root @wheel

#

# domain guest groups is a list of unix users or groups who are made members

# of the Domain Guests group

; domain guest group = nobody @guest

# 7. Name Resolution Options:

# All NetBIOS names must be resolved to IP Addresses

# 'Name Resolve Order' allows the named resolution mechanism to be specified

# the default order is "host lmhosts wins bcast". "host" means use the unix

# system gethostbyname() function call that will use either /etc/hosts OR

# DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf

# and the /etc/resolv.conf file. "host" therefore is system configuration

# dependant. This parameter is most often of use to prevent DNS lookups

# in order to resolve NetBIOS names to IP Addresses. Use with care!

# The example below excludes use of name resolution for machines that are NOT

# on the local network segment

# - OR - are not deliberately to be known via lmhosts or via WINS.

; name resolve order = wins lmhosts bcast

# Windows Internet Name Serving Support Section:

# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server

;   wins support = yes

# WINS Server - Tells the NMBD components of Samba to be a WINS Client

#       Note: Samba can be either a WINS Server, or a WINS Client, but NOT both

;   wins server = w.x.y.z

# WINS Proxy - Tells Samba to answer name resolution queries on

# behalf of a non WINS capable client, for this to work there must be

# at least one  WINS Server on the network. The default is NO.

;   wins proxy = yes

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups. The built-in default for versions 1.9.17 is yes,

# this has been changed in version 1.9.18 to no.

   dns proxy = no 

# 8. File Naming Options:

# Case Preservation can be handy - system default is _no_

# NOTE: These can be set on a per share basis

;  preserve case = no

;  short preserve case = no

# Default case is normally upper case for all DOS files

;  default case = lower

# Be very careful with case sensitivity - it can break things!

;  case sensitive = no

# Enabling internationalization:

# you can match a Windows code page with a UNIX character set.

# Windows: 437 (US), 737 (GREEK), 850 (Latin1 - Western European),

# 852 (Eastern Eu.), 861 (Icelandic), 932 (Cyrillic - Russian),

# 936 (Japanese - Shift-JIS), 936 (Simpl. Chinese), 949 (Korean Hangul),

# 950 (Trad. Chin.).

# UNIX: ISO8859-1 (Western European), ISO8859-2 (Eastern Eu.),

# ISO8859-5 (Russian Cyrillic), KOI8-R (Alt-Russ. Cyril.)

# This is an example for french users:

;   client code page = 850

;   character set = ISO8859-1

#============================ Share Definitions ==============================

[homes]

   comment = Home Directories

   browseable = no

   writable = yes

# Un-comment the following and create the netlogon directory for Domain Logons

; [netlogon]

;   comment = Network Logon Service

;   path = /var/lib/samba/netlogon

;   guest ok = yes

;   writable = no

# Un-comment the following to provide a specific roving profile share

# the default is to use the user's home directory

;[Profiles]

;    path = /var/lib/samba/profiles

;    browseable = no

;    guest ok = yes

# NOTE: If you have a CUPS print system there is no need to 

# specifically define each individual printer.

# You must configure the samba printers with the appropriate Windows

# drivers on your Windows clients. On the Samba server no filtering is

# done. If you wish that the server provides the driver and the clients

# send PostScript ("Generic PostScript Printer" under Windows), you have

# to swap the 'print command' line below with the commented one.

[printers]

   comment = All Printers

   path = /var/spool/samba

   browseable = no

# to allow user 'guest account' to print.

   guest ok = yes

   writable = no

   printable = yes

   create mode = 0700

# =====================================

# print command: see above for details.

# =====================================

   print command = lpr -P %p -o raw %s -r   # using client side printer drivers.

;   print command = lpr -P %p %s # using cups own drivers (use generic PostScript on clients).

# The following two commands are the samba defaults for printing=cups

# change them only if you need different options:

;   lpq command = lpq -P %p

;   lprm command = cancel %p-%j

# This share is used for Windows NT-style point-and-print support.

# To be able to install drivers, you need to be either root, or listed

# in the printer admin parameter above. Note that you also need write access

# to the directory and share definition to be able to upload the drivers.

# For more information on this, please see the Printing Support Section of

# /usr/share/doc/samba-<version>/docs/Samba-HOWTO-Collection.pdf 

[print$]

   path = /var/lib/samba/printers

   browseable = yes

   read only = yes

   write list = @adm root

# This one is useful for people to share files

;[tmp]

;   comment = Temporary file space

;   path = /tmp

;   read only = no

;   public = yes

# A publicly accessible directory, but read only, except for people in

# the "staff" group

[public]

   comment = T's Stuff

   path = /mnt/win

   public = yes

   writable = no

   write list = @seamus

# Other examples. 

#

# A private printer, usable only by Fred. Spool data will be placed in Fred's

# home directory. Note that fred must have write access to the spool directory,

# wherever it is.

;[fredsprn]

;   comment = Fred's Printer

;   valid users = fred

;   path = /homes/fred

;   printer = freds_printer

;   public = no

;   writable = no

;   printable = yes

# A private directory, usable only by Fred. Note that Fred requires write

# access to the directory.

;[fredsdir]

;   comment = Fred's Service

;   path = /usr/somewhere/private

;   valid users = fred

;   public = no

;   writable = yes

;   printable = no

# a service which has a different directory for each machine that connects

# this allows you to tailor configurations to incoming machines. You could

# also use the %u option to tailor it by user name.

# The %m gets replaced with the machine name that is connecting.

;[pchome]

;  comment = PC Directories

;  path = /usr/pc/%m

;  public = no

;  writable = yes

# A publicly accessible directory, read/write to all users. Note that all files

# created in the directory by users will be owned by the default user, so

# any user with access can delete any other user's files. Obviously this

# directory must be writable by the default user. Another user could of course

# be specified, in which case all files would be owned by that user instead.

;[public]

;   path = /usr/somewhere/else/public

;   public = yes

;   only guest = yes

;   writable = yes

;   printable = no

# The following two entries demonstrate how to share a directory so that two

# users can place files there that will be owned by the specific users. In this

# setup, the directory should be writable by both users and should have the

# sticky bit set on it to prevent abuse. Obviously this could be extended to

# as many users as required.

;[myshare]

;   comment = Mary's and Fred's stuff

;   path = /usr/somewhere/shared

;   valid users = mary fred

;   public = no

;   writable = yes

;   printable = no

;   create mask = 0765

```

Thanks

Me

----------

## ckdake

 *Quote:*   

> 
> 
> [public]
> 
>    comment = T's Stuff
> ...

 

to be able to access that from an anonymous user, I think you have to add the line 

```
guest ok = yes
```

 to that. Right now, there is nothing for the "public" share that say's who is able to read it really.  The "public = yes" is a start, but you either need to do the "guest ok" thing (because I think the default is no...)   I don't know too much about samba, so I could be wrong, but give that a shot and I'm thinking it will work.

----------

## smellycheeseboy

I added that command and it didn't work.  I also tried 

```
only guest = yes
```

  but this didn't do anything either.

Me

----------

## ckdake

have you tried connecting to the other computer with a valid username/password on on it?

----------

## smellycheeseboy

I tried logging on to my computer from his with my username and password and also with root and root password and it gave me the same error.

Me

----------

## ckdake

can you please put the results of 

```

$smbclient -U some_username -L server_name
```

 here.  what is the name of the share you are trying to access?

----------

## smellycheeseboy

Here it is:

```

added interface ip=192.168.1.100 bcast=192.168.1.255 nmask=255.255.255.0

Got a positive name query response from 192.168.1.100 ( 192.168.1.100 )

Password: 

Anonymous login successful

Domain=[SEAMUS] OS=[Unix] Server=[Samba 2.2.8a]

        Sharename      Type      Comment

        ---------      ----      -------

        print$         Disk      

        public         Disk      T's Stuff

        IPC$           IPC       IPC Service (T's Stuff 2.2.8a)

        ADMIN$         Disk      IPC Service (T's Stuff 2.2.8a)

        Epson          Printer   

        Server               Comment

        ---------            -------

        TSLINUXBOX           T's Stuff 2.2.8a

        ZIGZAGRULER          JSamba Server 2.2.8a

        Workgroup            Master

        ---------            -------

        SEAMUS               ZIGZAGRULER

```

Me

----------

## ckdake

silly me. I think i know what the problem is.  'doh.   See, when you use samba, it uses its own password database, not the systems:

http://www.gentoo.org/doc/en/desktop.xml mentions doing:

 *Quote:*   

>  Code listing 7.5: Adding users in Samba
> 
> ```
> # smbpasswd -a grant [Replace "grant" with your user name]
> 
> ...

 

My guess is you left out that step. Try adding the users you are trying to use and see if that doest the trick.

----------

## smellycheeseboy

That was unsuccessful.  I added his username to my computer regularly and in samba and also did his name on his computer in samba and it all returned that same result.

Me

----------

## ckdake

did you restart samba after this and try to mount the share from the command line using the username and password that you just added?

----------

## smellycheeseboy

I just tried it all again after restarting samba and it gave me that same error.

Me

----------

## ckdake

what shows up in the log for samba when you try to connect?

----------

## smellycheeseboy

Where can I find the log for samba?

Me

----------

## ckdake

/var/log/samba/

that folder should contain logs with the name:  log.MACHINENAME  where MACHINENAME is the name of the other computer that tried to connect (except for log.smbd and log.smbmount.  I don't remember exactally what is in them)

----------

## smellycheeseboy

Sorry for taking so long to reply but its finals time so I am really busy.  

It says basically two things in the log file.  

```
Can't find password in database
```

  But this changed, I assume after I added him as a user.

Now it says 

```
Can't change directory to /mnt/win (Permission denied)
```

  This leads me to think that it is a problem with the permissions on my windows partition that I am trying to share but I can't mount it as a user so it should be the same for him shouldn't it?

Me

----------

## NewBlackDak

I have some input and a question.  

I had to turn off samba for PAM, because I could NEVER get it to connect wih PAM authenticating.  

Why not NFS?

----------

## smellycheeseboy

What is PAM and how do I shut it off?

Also what is NFS?  I seem to recall something of that name compiled into my kernel but that could be because I'm delsional around finals time.

Me

----------

## ckdake

don't worry about NFS for now.  That's a totally differnt way to handle network shares, but I have never heard of it being used with windows machines.

He might be right about PAM but as far as I know, I am using PAM for samba and it seems to be working right....

the line abour "Can't change directory to /mnt/win (Permission denied)" is definitely your problem. heh.  What are the permissions of of it when it is mounted?  have you tried changing the permissions?

----------

## smellycheeseboy

This is what the permissions are on /mnt/win.  

```
drwxr--r--   11 mrx      users       32768 Dec 31  1969 win

```

I did 

```
chmod 777 /mnt/win
```

  In my understanding that should be universal permissions right?

Is there something in samba where I need to set permissions?

Me

----------

## ckdake

permisions in samba can only be as "weak" as the permisssions that you give in the file system.   So you probably have samba set up properly.

What are the permissions of /mnt/win after you changed permissions and can you access it directly in ther terminal logged in as the normal user that you are trying to connect via samba?

The problem is that root can see the mount and access, so samba can start and see it no problem, however, the user that you are logged in as (via samba) doesn't have read access to it, hence your error message.  Make sure that you can access the share via the terminal, and my guess is that as soon as you ahve that working samba will work perfectly.

----------

## smellycheeseboy

Those permissions that I listed for it earlier are the permissions in the terminal.  I got them by doing 

```
ls -alrt
```

I can mount and access that mount fine as a user through the terminal.  Do you think I have to have root mount it and have it be accessible to all users?  Right now I have that mount so that users can mount it but if root has mounted it then users can't access it for some reason.

Me

----------

## ckdake

root needs to mount it and all users need to have access to it.

----------

## smellycheeseboy

How do I allow users to have access to it?

My /etc/fstab for that partition looks like this:

```

/dev/hda5               /mnt/win        vfat            noauto,noatime,users    0 0

```

Me

----------

## ckdake

take out the users line, and chmod it once it is mounted.

----------

## smellycheeseboy

I did that and now I can't access that partition as a user.

Also the chmod didn't change any of the permissions from what they were before.

Me

----------

## ckdake

search around for how to grant users access to a mount.  Now that we know what the problem is specifically, you should be able to find an answer to it somewhere else.  Here is what I found looking very quickly:

int the FAQ forum:

https://forums.gentoo.org/viewtopic.php?t=29285

and a thread:

https://forums.gentoo.org/viewtopic.php?t=114869

read the detailed instrucions in the fac abotu UID and GID and all that business.

----------

## smellycheeseboy

Cool, thanks a ton for all your help.

Me

P.S.  I looked at your website and I was wondering, do you have Gentoo on all those machines?

----------

## smellycheeseboy

To anyone else reading this.  These options ended up working for me in /etc/fstab.

/dev/hda5     /mnt/win      vfat         auto,rw,uid=1000,umask=1000         0 0

They allow me to mount /mnt/win as root and access it as a user.

Me

----------

## ckdake

I'm glad you got it working. It's always nice for stuff to work like its supposed to. heh.  

I have gentoo on my server and my software dev box, and given my recent issues with apple mail that made me switch to thunderbird I am no longer dependent on OSX so I am debating switching my powerbook over to gentoo.

----------

