Samba
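Can access Samba shares but cannot list them
I have configured a few shares for Samba (still testing). I can access these shares from a Windows machine if I type the full path (e.g. \\testserver\publicshare), but if I go to \\testserver\ I get a permission error and cannot see all the shares on that Samba server.
What's wrong?
Here is my configuration file: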
    # Samba configuration -- Managed by Ansible, please don't edit manually
    # vim: ft=samba
    #
    # Ansible managed

    [global]
      # Server information
      netbios name = testserver
      workgroup = WORKGROUP
      server string = Fileserver %m
      fruit:aapl = yes

      # Logging
      logging = syslog

      # Authentication
      security = user
      passdb backend = tdbsam
      map to guest = Never
      guest account = server

      # Name resolution: make sure \\NETBIOS_NAME\ works
      wins support = yes
      local master = yes
      domain master = yes
      preferred master = yes

      # Don't load printers
      load printers = no
      printing = bsd
      printcap name = /dev/null
      disable spoolss = yes

      # Fix for CVE-2017-7494 in Samba versions from 3.5.0 and before 4.6.4
      # https://access.redhat.com/security/cve/cve-2017-7494
      nt pipe support = no

    ## Make home directories accessible
    [homes]
      comment = Home Directories
      browseable = no
      writable = yes

    ## Shared directories
    [publicshare]
      comment = Public share, writeable by all members of group ‘users’
      path = /home/server/samba/shares/public
      public = yes
      write list = +users
      force group = users
      browseable = yes
      create mode = 0664
      force create mode = 0664
      directory mode = 0775
      force directory mode = 0775

    [TimeMachine]
      comment = Share useable as a TimeMachine backup target on MacOS
      vfs objects = fruit streams_xattr
      fruit:time machine = yes
      path = /home/server/samba/shares/tm
      public = no
      write list = server
      force group = server
      guest ok = no
      browseable = no
      create mode = 0664
      force create mode = 0664
      directory mode = 0775
      force directory mode = 0775
I'm actually using Ansible to deploy Samba. Here is my YAML file:
    ---
    # samba.yml
    - name: Samba
      hosts: localhost
      connection: local
      become: true
      roles:
        - role: "bertvv.samba"
          tags: ["system"]
      vars:
        samba_apple_extensions: "yes"
        samba_guest_account: "server"
        samba_load_homes: true
        samba_netbios_name: "testserver"
        samba_shares:
          - name: publicshare
            comment: 'Public share, writeable by all members of group ‘users’'
            public: 'yes'
            write_list: +users
            group: users
            setype: public_content_t
            browseable: 'yes'
            path: /home/server/samba/shares/public
          - name: TimeMachine
            comment: 'Share useable as a TimeMachine backup target on MacOS'
            vfs_objects:
              - name: fruit
                options:
                  - name: time machine
                    value: 'yes'
              - name: streams_xattr
            path: /home/server/samba/shares/tm
            write_list: server
            owner: server
            group: server
            public: 'no'
            guest_ok: 'no'
            browseable: 'no'
        samba_map_to_guest: Never
        samba_users:
          - name: server
            password: -----
Edit: Found it! It was this parameter:
nt pipe support = no
The problem is the following parameter:
nt pipe support = no
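The following is taken from the Ansible Samba role I'm using ( https://galaxy.ansible.com/bertvv/samba ):
The CVE-2017-7494 remote code execution vulnerability may affect your Samba server installation. Samba versions from 3.5.0 and before 4.6.4 are affected. If SELinux is enabled on your system, it is not vulnerable.
This role will check whether the installed version of Samba is affected by the vulnerability and apply the proposed workaround: adding nt pipe support = no to the [global] section of the configuration. Note that this disables share browsing by Windows clients. If necessary, you can explicitly disable the fix by setting the role variable samba_mitigate_cve_2017_7494 to false.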