Profile Details

Toggle Sidebar
Recent updates
  • Thanks for the info.

    In fact, I think there a kind of cache information somewhere, may be on windows client (windows 7).
    because some configuration that works at a time, no longer works some other time.
    Changing the owner, the group or the right is a kind of "temporary" workaround"...

    I defentively need log or information to understand why access is rejected....
    But even when raising the log level I do not get any valuable information...

  • Well Group bit is present on many directory but just one provide issues...
    What am I supposted to do with "Third PArty App access" ? Set to read only ?
    Which is strange is that I do not change anything and the share stop working.

  • Hi,

    Here is the beginning of /etc/samba/flexshare.conf because quite long file


    Yep I've set the Group bit because file could be generated here with several ways and apache must always be able to read the file in order to web flexshare to display it.
    cpt.att are my accounting attachment. so mainly it's PDF I could save in the share by :


    • copy windows share
    • Upload php
    • Transfert FTP
    • Email send (on previous version of clearos)

    So user that create the file may vary a lot this why I need the group to stay moi_http which means : me and apache :)

    This is also true with rtorrent user this is why group sticky bit is so often set... to allow read of even write/delete by apache or rtorrent

  • Hi,

    Here is the result of the command :




    Here are the shares : The share with trouble is "cpt.att"


    My user is "lazer".

    I had 777 and then Samba is now working. I remove 777 (I set 770 as shwoned) and the share is still OK (even if I restart smb service)...
    I had to add apache in order to web flexshare to run OK.
    apache is either as owner or in group like : moi_http or maison_plus

  • My samba share is down if folder is not 777

    Hi,

    I've got several windows share on flexshare bt I've got intermitent issue.
    When a share is broken (no longer work) I need to reboot Clear OS in order to get it work again.
    I've got error on Windows, while I could access to other share.
    When I create a new Fleaxshare to "allusers" I can't get access to it.
    When I set 777 for this new folder it's OK.

    I've got no idea about the issue and I do not find a lot information on samba logs.
    I've tryed tu stop and start smb nmb and winbind without any succes.

    Any suggestion is welcome...

  • Taryck BENSIALI
    Taryck BENSIALI's reply was accepted as an answer

    Re: Flexshare twice the same content (partition) Read-Write & Read-Only

    A better workaround was to :


    1. Create a new Flexshare :
    2. Edit /etc/clearos/flexshare.conf to change ShareDir=/var/flexshare/shares/ New flexshare to existing flexshare (to set as read only)
    3. Remove /var/flexshare/shares/ New flexshare


    With that I do not need to edit smb.conf

  • Here is what I've done. Sorry this is my own remind and some text is in French... Use google translate if needed :

    VirtualBox
    Sources : Guide
    Installation
    Install Virutal box Repo :



    Virtual_Box_Install.yum content :




    Création utilisateur
    Créer utilisateur virtualbox via webconfig Authorisation /bin/bash


    Installation Extension Pack
    Download : https://www.virtualbox.org/wiki/Downloads
    Installation (as root) :


    Recopie config VirtualBox
    Se connecter avec user virtualbox
    Puis lancer : virtualbox
    Pour avoir cet ecran vierge :
    https://networkingit.files.wordpress.com/2011/03/welcome-screen.jpg
    Quitter virtual Box

    Trouver la source

    Copier :


    Identifiez la localisation des VM et donnez les droits à virtualbox :

    Relancer virutalbox
    Pour avoir ca :
    https://i.stack.imgur.com/LfUin.png

  • Increase flexshare SSL tests scores - www.ssllabs.com/ssltest

    Hi,

    I was checking the ssl test scrore that are correct (A) with a certificate from letsencrypt.
    To increase to (A+) I had to fix cypher used.
    As you know this information is stored (hard coded) within Flexshare.php file.

    Here is the change requested with a proposed and coded solution

    In order to be more flexible to SSL evolution I've changed Flexshare.php to use SSL option from a new file : /etc/clearos/flexshare-HTTPS-options.conf
    If this file do not exists, the hard coded default SSL option is dumped to this file that will look like this :

    Allowing user (expert) to change it.

    then the content of this file is used to fullfill the virtual host information like this :


    Please find the new Flexshare.php :

    Please also note that I fixed some "issue" about web share path which is sometimes :


    • self::SHARE_PATH . "/$name"
    • $share['ShareDir']

    This value shouldn't be different unless user edit /etc/clearos/flexshare.conf
    However, because web support share outside of /var/flexshare/shares i've aligned all on : $share['ShareDir']

    All this changes are maked with :


    Feel free to contact me for any question.
    Please not that the best SSL options I've founded and save into /etc/clearos/flexshare-HTTPS-options.conf are :


    Where I get A+ Score with :

    • Certificate : 100%
    • Protocol Support : 95%
    • Key Exchange : 90%
    • Cipher Strength : 90%

  • Nick is right. I've done this for most (quite all) my flexshare and this is the unique way to make this works for all flexshare options specialy FTP.
    If you need only samba you could just edit : /etc/clearos/flexshare.conf
    this way

  • Taryck BENSIALI
    Taryck BENSIALI replied to a discussion, Letsencrypt ClearOS 7

    Hi all,

    News from letsencrypt.org : Wildcard Certificates Coming January 2018
    Let’s Encrypt will begin issuing wildcard certificates in January of 2018.

    Tips :

    helps you to check if script will expire (or not) within the next 24 hours. So do not ask for renew if not required.
    Renew scriopt should be scheduled weekly I suggest due to the short time of the cert.

    For OpenVPN I do not think official certificates are required because this is OpenVPN to check the validity of the client certificate. And I don't think letsencrypt provide client certificates or CA.

    Servers only, validated by domain name: this excludes client certificates.

    Can I use certificates from Let's Encrypt for code signing or email encryption?

    No. Email encryption and code signing require a different type of certificate than Let's Encrypt will be issuing.

    No other usage than servers.


    For email, I guess it could be interesting however, I don't think letsencrypt provide client certificates..

    You also should edit /etc/letsencrypt/renewal/<domaine>.conf to raise :

    to a little higher value like 15 days.