hide unreadable bug ?
Pierre Filippone
pierre.filippone at retail-sc.com
Tue Aug 16 13:28:34 GMT 2005
Hi,
I think, I found a bug in 3.0.20rc2 regarding "hide unreadable".
I have set up 3 Windows domains:
domA - Samba domain (3.0.20rc2), PDC is also file server.
domB - NT 4 domain
domC - Win2003 AD
I have bi-directional trust between the samba domain and the others.
winbind on the samba PDC/fileserver is configured with "winbind trusted
domain only = yes".
The trust works fine: whenever I access a share on the samba fileserver
from a trusted domain (as domB\myuid or domC\myuid) and myuid exists in
domA it is mapped to that uid and I can access all resources that are
accessible for domA\myuid or a group that user is member of.
The error occurs, when I use "hide unreadable" on a share on the samba
fileserver. Access as domA\myuid works as designed - working as a foreign
user (domB/C\myuid) I cannot see files which should be readable for me
(rwx------ myuid mygid). When I change permissions to (rwxr----- myuid
mygid) I can see the files.
When I try to access the hidden files directly the log says:
se_access_check: ACE 0: type 0, flags = 0x00, SID =
S-1-5-21-1745916536-3417616236-1505230456-21006 mask = 1f01ff, current
desired = 1
se_access_check: ACE 1: type 0, flags = 0x00, SID =
S-1-5-21-1745916536-3417616236-1505230456-14333 mask = 0, current desired
= 1
se_access_check: ACE 2: type 0, flags = 0x00, SID = S-1-1-0 mask = 0,
current desired = 1
[2005/08/16 14:59:33, 5, effective(10003, 6666), real(10003, 0)]
lib/util_seaccess.c:se_access_check(314)
se_access_check: access (1) denied.
The SIDS are those of domA\myuid and its primary group sid. So the mapping
works.
When I remove "hide unreadable" I can even write the files and directories
I could not see before.
BUG ?
Regards,
Pierre Filippone
More information about the samba-technical
mailing list