Samba errors?
Spiros B.
spiros at elefsina.timeplex.com
Tue Aug 12 13:38:13 GMT 1997
>
> this is a little confusing, however i think i follow you. the access
> that you are seeing, namely, C->A->PC is correct. your server A is
> exporting a directory on C. therefore, the PC, when connecting to A,
> will cause A to contact C.
>
> there are two ways round this:
>
> 1) upgrade samba to "DFS-aware"; upgrade your clients to "DFS-aware".
> this will involve some code writing in samba.
>
> 2) use the (new) automap features (that i don't fully understand) which
> will allow you to mount the user's home directory from the NIS auto.home
> map. this specifies the host as well as the directory. you will need to
> be running a samba server on _every_ host referred to in the auto.home
> map. i suspect that there is more work to do in this area.
>
Thank you very much for replying to my post Luke.
I am already using the auto.home NIS map in all of our systems and I have used
the nis homedir = Yes flag as well. What I do not understand is why would we
have to use samba on _every_ host in the automounter entries. Shouldn't samba
deny access to untrusted hosts?
Suppose the following :
3 Solaris machines... 1,2 & 3
If 1 is running an automounter , then 2 can mount from 1 no prob as long as it
is allowed to export the filesystem. Now, if 3 wants to mount that same
filesystem that 2 is mounting from 1, but being served by the 2 machine, the
cross mount will not work.
So, shouldn't samba by default not mount a filesystem that is not explicitly
exported as a local filesystem on a machine the server is running on?
> > Furthermore in this release, the following flags are not working as stated:
> >
> > wide links = No ( you have called it an Service specific attribute, while it
> > only gets read by the program if placed on the global section ) and it is
> > mounting the link point but does not follow it... Is there a reason to mount
if
> > you won't follow the link?
>
> don't know about this one.
>
> > invalid users = root, sys, daemon, anonymous, sync, nobody, guest
> > but yet I can do the following and mount with no problem:
> >
> > //A/root
>
> that depends on whether you have allowed guest access or not (which,
> amongst other things, is a compilation option).
>
> you will probably find that "invalid users", with the right kind of guest
> access compiled in, will be mapped to the guest account. set "guest ok
> = no" in each share that you do not wish to allow guest access. and
> check the guest compilation options.
>
I set guest ok = no , and I can still mount \\A\root . As far as compilation is
concerned, GUESTACCOUNT = nobody like default on the Makefile. One more thing...
In this distribution, people with the acc compiler will experience some internal
compiler errors; therefore, not being able to compile...An easy and necessary
workaround is to disable FLAGS1 in the Makefile or any other optimization flag
they may be using.... ( Found out the hard way ).
> > Also, invalid users is a (S) feature and not global according to the manual,
but
> > both services have to be placed on the global section in order to be read by
the
> > daemon. testparm executable program shows me that fact as soon as I place
the
> > services in [Global].
>
Thank you for this tip Luke,
Regards,
Spiros
More information about the samba
mailing list