SMB permissions conundrum

Hello… I have an issue using SMB in a Fedora server.

I have a plexserver and want to share the media folder access via SMB (using user:group plex:plex) so I can add content remotely.

here is what I did.

1- Installed Fedora server 40 …success
2- Installed Plexserver via dnf and allowed it in firewall and can access it/use the webUI …success
3- (auto) Mounted an extra HD in /media/hd1 …success
4- Created the PLEX media directory as /media/hd1/PLEX with separate directories inside…success
5- Chown /media/hd1/PLEX to plex:plex user …success with current permissions
drwxr-xr-x. 6 plex plex 83 Aug 5 18:25 PLEX
6- Installed SAMBA and it is running …success (managed to connect to another user, to it’s home directory, that is in the Operating system disk)
7- Added the SELinux tag to /media/hd1/PLEX . result of ls -ldZ /media/hd1/PLEX
drwxr-xr-x. 6 plex plex unconfined_u:object_r:samba_share_t:s0 83 Aug 5 18:25 /media/hd1/PLEX
8- Added to smb.conf
[plexhome]
comment = allows access to Plex media files
path = /media/hd1/PLEX
valid users = plex
browseable = Yes
read only = No
inherit acls = Yes

I can reach the server/IP from my mac, but I can’t access this directory.
HELP.

Was this applied recursively to all files? The easiest way to make sure Samba can access those files (and any new ones that you add later) might be to add context=system_u:object_r:samba_share_t:s0 as a mount option for your /media/hd1 mountpoint in /etc/fstab.

What is the type of the parent dir? Do you have something audited?

ls -lZd / /media /media/hd1 /media/hd1/PLEX
ausearch -i -m avc,user_avc,selinux_err,user_selinux_err -ts today

1 Like

well this is weird

I can now connect to the smb, but only if I use smb://user:password@IP
if I connect only to smb://IP… I cannot login… Go figure.

Is it trying to sign in with cached credentials instead of prompting for them? Maybe check your keychain and delete any stored SMB credentials from there.

1 Like

THxs vey much!
Don’t know exactly what solved it, but the last thing I did was to include the mounting options in the FSTAB.
When trying with a different computer (with fedora), the connection went trhough and the user/password request appeared.
HAPPY now!

Many thxs for all the help!