Bug 679501

Summary: samba server don't work ootb - apparmor work needed, guest access not saved
Product: [openSUSE] openSUSE 11.4 Reporter: Manuel K <squealernet>
Component: SambaAssignee: The 'Opening Windows to a Wider World' guys <samba-maintainers>
Status: RESOLVED DUPLICATE QA Contact: The 'Opening Windows to a Wider World' guys <samba-maintainers>
Severity: Major    
Priority: P5 - None    
Version: Factory   
Target Milestone: ---   
Hardware: 32bit   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Manuel K 2011-03-14 18:54:30 UTC 
User-Agent:       Opera/9.80 (X11; Linux i686; U; de) Presto/2.7.62 Version/11.01

After upgrading from 11.3 to 11.4 the samba server don't work anymore. the daemon is not loaded. this could be fixed with some info from irc:

YAST -> Novell AppArmor -> AppArmor Control Panel -> Set Profile Modes (Configure) -> usr.sbin.smb -> Toggle Mode, usr.sbin.nmb -> Toggle Mode -> Done -> Done. Restart smb+nmb services.

Now samba server module is loaded, but leads to second problem. The "Allow Guest Access" flag is unchecked every time the yast module is loaded.

in /etc/samba/smb.conf I had to add

guest ok = yes 

to every share entry. additionally in [global] section I had to change
  security = user
to
  security = share

and added 
  guest account = nobody

I don't know if the save bug is affected by the first apparmor thing, I "THINK" the "Allow Guest Access" stayed before I changed it, but cannot recall it.

Reproducible: Always

Steps to Reproduce:
1. start samba -> fail
2. try to access shares anonymous
3.
Actual Results:  
to 1.: -> daemon not loaded -> appArmor stuff
to 2.: -> shares not shown on mobile device

Expected Results:  
everything working like in 11.3 before ;-)
Comment 1 James McDonough 2011-03-15 15:34:25 UTC 
Please check the packages at the end of the duplicate bug 666450.  I believe that should take care of the security issues.

I'm not so sure about the "allow guest access" box however.  That might be a separate issue.

*** This bug has been marked as a duplicate of bug 666450 ***