Monday, March 15, 2010

Adventures in Fedora security

It's not just Windows that'll do this to me, where I can spend an hour cruising through setting up a dozen complex things, and then grind to a dead stop on something very simple.

I just spent about five minutes getting Samba set up, and activating the hidden configuration settings necessary to make Windows able to access it via encrypted passwords, whereupon I could see... every directory except the one I wanted. And then I spent about two hours bashing my head against Samba. I rebooted, I tweaked settings, I restarted services, I redid chmod and chown and chgrp permissions, I moved hidden files, I rebuilt the entire directory and moved things around, and nothing came of any of it.

Finally on logging off and back on, I found Linux very helpfully getting around to telling me that there'd been 22 security alerts. And every single one of them was some pernicious villain trying to access a user's home directory via Samba! The cad! The bounder! The absolute rapscallion! Stalwart Linux, seeing I had shared a user's home directory explicitly, concluded that I couldn't possibly want to share it, and vigilantly protected me from it without so much as a notice, at least until my reboot.

On the other hand, Linux was just as forthcoming with instructions on how to fix the problem, now that it had finally thought to mention it. The precise command I needed to enable the blocked access was provided right there in the security alert, and once I executed it as root, bang, it all worked.

Too bad I blew most of the evening on that. Hopefully I won't have those kinds of problems setting up MySQL, CVS, or my compiler and runtime environments.

No comments: