Bug 188390 - Samba shares do not work by default
Samba shares do not work by default
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: system-config-samba (Show other bugs)
5
All Linux
medium Severity high
: ---
: ---
Assigned To: Nils Philippsen
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-08 18:14 EDT by Joel Schaerer
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-28 03:43:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Joel Schaerer 2006-04-08 18:14:05 EDT
Description of problem:

Due to iptables blocking incomming samba trafic by default, samba shares don't
work without difficult iptables reconfiguration.
Sys-config-samba does not warn in anyway about the problem, so the user is left
with a network that does not work, without any clue as to what may be the problem.

Expected results:
Intallation of the samba packages should provide the option to open ports.
If that is not possible, sys-config-samba should provide the option.
Comment 1 Joel Schaerer 2007-08-24 07:47:35 EDT
How is this "not a bug"???
Comment 2 Nils Philippsen 2007-08-28 03:43:02 EDT
This is not a bug in the configuration tool for Samba (or Samba itself) because:

- It is possible to break almost any application by misconfiguring the firewall.
- It is far from trivial to detect such wrong configuration reliably for a
single application. For instance (and this is just one example), a failed check
to reach a specific TCP port can be due to the firewall or SELinux.
- The user is asked about the firewall setting either during installation or the
first boot process (depends on the Fedora version). Therefore the argument that
he wasn't aware of it doesn't really count.

Like SELinux, a firewall is a Mandatory Access Control system where rules are
kept separate from the governed object (the Samba server app in this case). You
should've been asked about its settings during installation or the first bootup.
It would've been easy to enable Samba at that point (or during a later point
with system-config-securitylevel). I don't buy the argument that
system-config-samba or samba itself should somehow make up for that omission ;-).

Note You need to log in before you can comment on or make changes to this bug.