為什麼 samba 不能授予對某些目錄的訪問權限？

我有一台安裝了 samba 的伺服器。我需要在 /var/spool 路徑下共享一些目錄。但是我遇到了奇怪的麻煩：我無法使用 samba 訪問 /var/spool。

有 /etc/smb.conf （我已經共享“/”用於測試目的。我之前有“/var/spool/asterisk/monitor”）：

############SMB.CONF##############
[global]
workgroup = DOMAIN
server string = DPM
netbios name = DPM
netbios aliases = fileserver
security = user
username map = /etc/samba/smbusers
encrypt passwords = yes
map to guest = bad user
hosts allow = 192.168.1.10
load printers = no
disable spoolss = yes
local master = no
unix charset = utf-8
dos charset = cp866
unix extensions = No
wide links = Yes
follow symlinks = Yes

[recordings]
 path = /
 writeable = no
 guest ok = yes
 browseable = yes

我可以訪問/var和訪問/home/asterisk_recordingssamba 共享。

但我無法訪問/asterisk_recordings和/var/spool

這是他們的stat輸出：

[root@mistral home]# stat /asterisk_recordings/
 File: «/asterisk_recordings/»
 Size: 4096            Blocks: 8          IO Block: 4096   каталог
Device: 902h/2306d      Inode: 44564481    Links: 2
Access: (0775/drwxrwxr-x)  Uid: (  498/asterisk)   Gid: (  498/asterisk)
Access: 2016-10-15 04:07:42.351252721 +0700
Modify: 2016-10-15 04:08:13.475252709 +0700
Change: 2016-10-15 04:26:09.004783795 +0700

[root@mistral home]# stat /home/asterisk-recordings/
 File: «/home/asterisk-recordings/»
 Size: 4096            Blocks: 8          IO Block: 4096   каталог
Device: 902h/2306d      Inode: 11796594    Links: 2
Access: (0775/drwxrwxr-x)  Uid: (  498/asterisk)   Gid: (  498/asterisk)
Access: 2016-10-15 04:25:21.600783813 +0700
Modify: 2016-10-15 03:28:01.698832140 +0700
Change: 2016-10-15 04:02:58.235252829 +0700

[root@mistral home]# stat /var
 File: «/var»
 Size: 4096            Blocks: 8          IO Block: 4096   каталог
Device: 902h/2306d      Inode: 38797313    Links: 18
Access: (0755/drwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2016-10-14 22:17:06.070466036 +0700
Modify: 2016-10-02 20:33:45.489395585 +0700
Change: 2016-10-02 20:33:45.489395585 +0700

[root@mistral home]# stat /var/spool
 File: «/var/spool»
 Size: 4096            Blocks: 8          IO Block: 4096   каталог
Device: 902h/2306d      Inode: 38797581    Links: 10
Access: (0755/drwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2016-10-15 02:15:24.569158693 +0700
Modify: 2016-10-15 00:26:50.642447066 +0700
Change: 2016-10-15 00:47:54.304488080 +0700

有什麼問題？

嗯，SELinux 設置是原因。

setsebool -P samba_export_all_ro 1解決了我的問題。

引用自：https://unix.stackexchange.com/questions/316515