Samba share configuration with a NTFS partition mounted under /mnt

Hi,
I hope I can the right procedure here:

I did a fresh install of Fedora 40 KDE on a 40 GB partition.
Then i added the remaining disk space of the drive as an ntfs partition.
I mounted this partition under /mnt/DATA in the fstab which I can access.
Installed the smb service and the dolphin samba module.
Updated the smb.conf with that folder.
I followed mainly the smb share document from the fedora website.
Did firewall etc. related to that folder.
I can see the shared folder under network.
But when i click on it is asking for userlogin and password and none of my credentials are accepted.
Adding a group in the smb.conf didnt make a change to the situation.
Is there any hint what the right procedure would be to share a drive which is not placed in the home directory?
In this case under /mnt as an ntfs partition.
Thank you for looking into this!

Your chances for a good answer will increase if you share your samba configuration.

Followed this doc? How to create a Samba share :: Fedora Docs

Yes i followed this doc and adapted the folder.

fstab

# /etc/fstab
# Created by anaconda on Sun Jul 28 08:25:16 2024
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
UUID=5b22f07a-f2e1-4cda-af05-6adaba56d420   /                  btrfs   subvol=root,compress=zstd:1   0 0 
UUID=33f2fbab-f980-46a0-9460-0958a7f9f92a   /boot              ext4    defaults                      1 2 
UUID=757B-BF30                              /boot/efi          vfat    umask=0077,shortname=winnt    0 2 
UUID=5b22f07a-f2e1-4cda-af05-6adaba56d420   /home              btrfs   subvol=home,compress=zstd:1   0 0 
UUID=1C280C062029E310                       /mnt/DATA   ntfs    nofail                        0 0 

testparm

# Global parameters
[global]
        printcap name = cups
        security = USER
        usershare allow guests = Yes
        usershare max shares = 100
        usershare owner only = No
        workgroup = SAMBA
        idmap config * : backend = tdb
        cups options = raw
        include = /etc/samba/usershares.conf


[homes]
        browseable = No
        comment = Home Directories
        inherit acls = Yes
        read only = No
        valid users = %S %D%w%S


[printers]
        browseable = No
        comment = All Printers
        create mask = 0600
        path = /var/tmp
        printable = Yes


[print$]
        comment = Printer Drivers
        create mask = 0664
        directory mask = 0775
        force group = @printadmin
        path = /var/lib/samba/drivers
        write list = @printadmin root


[DATA]
        comment = DATA Share
        create mask = 0660
        directory mask = 0770
        force group = +frank
        guest ok = Yes
        path = /mnt/DATA
        read only = No
        valid users = @frank
        write list = user

systemctl status smb

Jul 29 10:43:47 fedora systemd[1]: Starting smb.service - Samba SMB Daemon...
Jul 29 10:43:48 fedora smbd[1062]: [2024/07/29 10:43:48.208775,  0] ../../source3/smbd/server.c:1746(main)
Jul 29 10:43:48 fedora smbd[1062]:   smbd version 4.20.2 started.
Jul 29 10:43:48 fedora smbd[1062]:   Copyright Andrew Tridgell and the Samba Team 1992-2024
Jul 29 10:43:48 fedora systemd[1]: Started smb.service - Samba SMB Daemon.

journalctl --no-pager -b _AUDIT_TYPE_NAME=AVC
– No entries –

sudo firewall-cmd --list-all

FedoraWorkstation (default, active)
  target: default
  ingress-priority: 0
  egress-priority: 0
  icmp-block-inversion: no
  interfaces: wlo2
  sources: 
  services: dhcpv6-client mdns samba samba-client ssh
  ports: 1025-65535/udp 1025-65535/tcp
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules:

Not you those two settings interfere, either guest or forcing frank?

Did you run smbpasswd to add frank to samba? Otherwise, authentication doesn’t work.

Yes I did frank for smbpasswd with a 4 digits password. I was trying all of it several times, even reimaged with a clean fedora installation. I also mounted the ntfs partition in the home directory in one test. I had access through the mount but after the samba configuration it was the same outcome. You could see the folder under network in the system but if you click on, it asked for credentials. Then I used my login frank with the smb password and it did not accept it. Also my general password for the system was denied. I always come to the point to the directory folder but not get into it. I have not made the guest entry on my own and can’t tell you anything about this.
I’m happy to start all over again with a virgin installation if I can get support for a right steps followup specially with ntfs mount which I want under /mnt instead of /home. I’m working under Kubuntu at the moment where I have the same configuration with an ntfs share which works without any config problem but I would like to move to Fedora kde with my production system. For that the ntfs share would be essential.

you need sudo smbpasswd -a frank to add your user to samba
under valid users you should not need the @ in front of frank

I gave it a new try with a clean install and update:

1. Installed Fedora 40 KDE with all updates on a 50 GB Partition Btrfs
2. Formatted the remaining partion from the disk 180 GB Ntfs (dev/sda4)
3. Created directory under /mnt/DATA
4. Mounted the ntfs partition through the directory via fstab
   UUID=“662AE64536483300” /mnt/DATA ntfs defaults,uid=1000,gid=1000,nofail 0 0
5. Proofed access to the directory, created a directory called DATA which i wanted to share, copied a document into
   Permission of the directory:
   drwxrwxrwx. 1 frank frank 4096 29. Jul 14:20 DATA
6. Did the samba install related to the Fedora doc for samba:
   sudo dnf install samba
   sudo systemctl enable smb --now
   firewall-cmd --get-active-zones
   sudo firewall-cmd --permanent --zone=FedoraWorkstation --add-service=samba
   sudo firewall-cmd --reload
7. Added user frank
   sudo smbpasswd -a frank

8. I don’t know if that would be the correct commands I did in my case, anyway it did not came back with any error message:
sudo semanage fcontext --add --type “samba_share_t” “/mnt/DATA(/.*)?”
sudo restorecon -R /mnt/DATA

9. Added section at the end of smb.conf
   [DATA]
   comment = My DATA Share
   path = /mnt/DATA
   writeable = yes
   browseable = yes
   public = yes
   create mask = 0644
   directory mask = 0755
   write list = user

10. sudo systemctl restart smb then testparm
    Load smb config files from /etc/samba/smb.conf
    Loaded services file OK.
    Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)
    Server role: ROLE_STANDALONE
    [DATA]
    comment = My DATA Share
    create mask = 0644
    guest ok = Yes
    path = /mnt/DATA
    read only = No
    write list = user
    

Rebooted, can see the share under network, try to access the folder, credentails are not accepted.
At that point to here i had not installed the Dolphin - Samba Modul
which i did in my last installation but it did not made a difference last time.
See screenshots below:

Status from tail -f /var/log/samba/log.smbd
at the moment i try to login

Primary group is 0 and contains 0 supplementary groups
[2024/07/29 16:24:03.951362, 5] …/…/source3/smbd/uid.c:494(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2024/07/29 16:24:03.951414, 4] …/…/source3/smbd/sec_ctx.c:317(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2024/07/29 16:24:03.951440, 5] …/…/libcli/security/security_token.c:114(security_token_debug)
Security token: (NULL)
[2024/07/29 16:24:03.951467, 5] …/…/source3/auth/token_util.c:912(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2024/07/29 16:24:03.951516, 5] …/…/source3/smbd/uid.c:494(smbd_change_to_root_user)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2024/07/29 16:24:03.951549, 5] …/…/source3/lib/messages.c:764(messaging_deregister)
Deregistering messaging pointer for type 784 - private_data=0x55f975acef30
[2024/07/29 16:24:03.951927, 3] …/…/source3/smbd/server_exit.c:229(exit_server_common)
Server exit (NT_STATUS_CONNECTION_RESET)

Status of
ls -dZ /mnt/DATA
system_u:object_r:fusefs_t:s0 /mnt/DATA

I do not have any drives formatted with ntfs so I can not help with that but I have read in forums where people have to add some settings to make it work.All my drives are formatted xfs and share with no issues.I hope someone can help more with this issue.

I use samba from a fedora server to windows, macos and fedora kde.
But I use a linux file system not NTFS.

I wonder if the fact you are using NTFS is adding issues?

I reformated the partition to btrfs with the same behavior. For me it looks like it doesn’t work outside the home directory structure.

It says it doesn’t exist

This is now under a btrfs partition.

So is ls -Zd /mnt/DATA showing samba_share_t now?

Bildschirmfoto_20240730_075452898×220 41 KB

I can see the problem now. I created 2 partitions one btrfs and one ntfs to compare the behavior while setting up the samba shares.
The btrfs partition shows samba_share_t.
The ntfs partition do not.
Any hint to get the ntfs enabled?

Try: sudo setsebool -P samba_share_fusefs 1