Can't connect to samba after update; Service is running (2022-08-13++)

Thank you. This is what I needed to do also. The SAMBA doc should be updated to include this step.

Hello, Manjaro Users

I’m so sorry but that not fixed my problem [My Dirty Solution below :white_check_mark::exclamation:] , I think AppArmor is preventing something with Samba…

I’m already tried that, even clean smb.conf with no share at all

[global]
   workgroup = TACKLE
   server string = Manjaro Samba Server
   server role = standalone server
   log file = /var/log/samba/log.%m
   max log size = 50
   guest account = nobody
   map to guest = Bad Password

   min protocol = SMB2
   max protocol = SMB3

Screenshot_20220818_104614

I’m still unable to connect to Samba. :exclamation:Only dirty way to fixed my problem is Disable AppArmor :white_check_mark:

#- Disable AppArmor
systemctl disable apparmor
#- and reboot your computer
reboot
#- Problem fixed, but dirty way

#- For random people on the internet, you can re-enable AppArmor again by
systemctl enable apparmor
#- and reboot your computer
reboot

And Fixed!!! :rofl: :white_check_mark:
That very dirty way. I need more time to troubleshooting and understanding apparmor… Like how to property configuration AppArmor with Samba

Screenshot_20220818_110311

It’s working but less secure :sweat_smile: … Yep I known that very bad idea to Disable AppArmor
Now I’m known the root problem is AppArmor

:question:Anyone have any idea how to proper way to fix my AppArmor?

//Almost problem solved

Thank you
Apidech T.

3 Likes

Glad to hear your problem got fixed @Tacklezaza
I’m still stuck how to edit AppArmor, when I first configured it , it stopped working so I bring it back to its original state and AppArmor start working again so surely I don’t know how to edit AppArmor
can someone help me?
let’s say I have following location and I want to make it read, write and executable

/mnt/befadfl-asdklf-wuqio-0e1/cupcakes/pineapple

How can I do it?

Hi, @Char

OK. what have you tried so far … I mean what have you done. what config that you already tried and not working… for example, post like this and other user can help you

#- nano /etc/apparmor.d/local/usr.sbin.smbd
"/mnt/befadfl-asdklf-wuqio-0e1/cupcakes/pineapple/" rk,
"/mnt/befadfl-asdklf-wuqio-0e1/cupcakes/pineapple/**" lrwk,

Don’t forget to restart your pc every time you changed the config. Since AppArmor is not a normal service that you can systemctl restart apparmor like other service. It’s need to deep reload in some way

Did my dirty solution work for you? Just asking…

sudo systemctl disable apparmor
reboot
1 Like

I tried this and it’s not working

"/mnt/befadfl-asdklf-wuqio-0e1/cupcakes/pineapple" rwx

Have you tried simple smb.conf with no sharing

[global]
   workgroup = TACKLE
   server string = Manjaro Samba Server
   server role = standalone server
   log file = /var/log/samba/log.%m
   max log size = 50
   guest account = nobody
   map to guest = Bad Password

   min protocol = SMB2
   max protocol = SMB3

//then systemctl restart smb

And try to browse your samba, can you browse it? with file browser or with terminal?

smbclient -L localhost -U%

Have to tried to disable AppArmor? like I said before systemctl disable apparmor

I tried a simple AppArmor config it seems to work now. I can access the files in the share.

❯ cat /etc/apparmor.d/local/usr.sbin.smbd
“/mnt/Data/Shared/**” rwlk,

Only thing is when you try to list the shares using smbclient -L host_name_here you do not get a list.

❯ smbclient -L localhost -U%

        Sharename       Type      Comment
        ---------       ----      -------
SMB1 disabled -- no workgroup available

1 Like

Thank you @TheInvisible for finding the solution.

I’m not sure I understand you…
in my case whitelisting the folder containing the shares like in the example above, did the trick.
the old config for example is working again without changing anything.

smbclient -L localhost -U%

not showing shares is normal I think under these circumstances,
as is not being able to directly access smb://hostname/ since a couple of major updates ago
but being ignorant, I leave this up to the more experts here to shed some light on this matter.

by specifying hostname and share name explicitly I’m able to access all configured shares
smb://hostname/sharename

this works for me on the Linux box and from any other windows10/11 machines on our lan.

woho it start working for me too but in my case I had to completely disable AppArmor
I hope it’s not some crucial config file and hopefully my system wouldn’t broke

Thank you everyone!

solution for me

Attempt all upgrades that exclude apparmor.
Do not upgrade to disable apparmor. use 3.0.4-2.
do not use 3.0.7.

This is working perfectly for now.

1 Like

I took some screenshots and wrote a description on them.
However, I seem to have restrictions on posting pictures,
I hope I conveyed my intentions well.

provisionally,

  1. Don’t upgrade apparmor.
  2. Everything else, upgrade.
  3. No need to edit smb.conf
  4. No need to edit apparmor settings.
  5. Use apparmor with 3.0.4-2.

Sorry for my bad English. I only know my native language, Japanese.

My share is below.

  1. xfs
  2. zfs
  3. btrfs
  4. ext4 (/home)

from iOS, XPERIA, GALAXy is Okay.
Sharing from kvm(w10,ubuntu) is also no problem.

It now seems to be working exactly as it has for years.

1 Like

Please do not advise to not update packages and bring systems to an (unsupported) partial update state.

I know!! thank you.
If I can find a way to make it work in 24 hours, I will.

Thanks again.
I don’t want to do that either. Of course.

Thank you for posting this solution @TheInvisible. I’m close to the fix but don’t seem to have the correct pathname. Desired folders are on a network NAS that Dolphin has worked with for months.

“smb://bigmamou.local/” is the path in the “File or folder…does not exist.” message and that’s what I tried in usr.sbin.smbd with the two lines:

 "smb://bigmamou.local/" rk,
 "smb://bigmamou.local/**" lrwk

Normally, in Dolphin, I would browse Network > Shared Folders (SMB) > BigMamou

Switched to Linux a few short months ago and am a total Noob when it comes to solving these situations.

Disabling AppArmor did the trick for me. My Samba shares are including symlinks, mounted directories from veracrypt and other specialties and I just for the love of god could not make AppArmor accept these shares as exception in usr.sbin.smbd. Not the ideal solution, but at least a workaround for now.

I installed a fresh copy of Manjaro (manjaro-kde-21.3.7-220816-linux515.iso), which doesn’t come with apparmor by default (not in /etc/default/grub or systemctl), and I’m getting the same issue when adding users to shares within Dolphin:

net usershare add: cannont convert name “my_username” to a SID. The transport connection is now disconnected.

1 Like

Hi!!
I’ve found this:
https://bbs.archlinux.org/viewtopic.php?id=276044

It seems a bug upstream…

1 Like

I’m having the same problem, and whitelisting the paths didn’t seem to solve it. Had to temporarily disable apparmor. Is apparmor useful anyway? I’ve been using Manjaro for years and never know its existence

Modifying apparmor policy file for smbd didn’t fix the problem (even after restarting computer). I also needed to disable apparmor…