BUG: Incompatibility between Samba & Secure kernels (fwd)

David Collier-Brown davecb at canada.sun.com
Thu Jul 5 14:04:26 GMT 2001 

Xavier ROCHE <roche at serianet.com> wrote:
> Once security disabled in the SECURITY section, everything seems to work
> fine (no errors in the logs). I didn' have yet found exacly which
> security option is causing this mess, but I can try to compile several
> kernel releases and try to activate each option at time.
> 
> Is there a way to specify an option in smb.conf to disable shared memory,
> or to disable shared memory automatically when secured kernels are being
> used?
> 

	I find this problem puzzling:  I'm more familiar 
	with formal security such as the Orange Book set
	(I run Trusted Solaris on a machine at home), and
	wonder why a security kernel would have to be turned
	entirely off to reenable mmap... The README
	implies taht uoi only need to turn off the
	mmap-destroyer.

	On the other hand, Samba's behavior on failure
	is a bit frightening (:-)) In tdb_mmap() intdb.c,
	we return NULL to the callers, but the callers
	behave differently...

Functions calling this function: tdb_mmap
  File  Function   Line
1 tdb.c tdb_oob     209 tdb->map_ptr = tdb_mmap(tdb->map_size,
                        tdb->read_only,tdb->fd);
2 tdb.c tdb_expand  465 tdb->map_ptr = tdb_mmap(tdb->map_size, 0,
tdb->fd);
3 tdb.c tdb_open   1139 tdb.map_ptr = tdb_mmap(st.st_size,
tdb.read_only,
                        tdb.fd);

tdb_oob() and tdb_expand() just stuff the null into tdb->map_ptr,
and tdb_open() returns a pointer to the null.  None of the three
check for failure, although they have code to check for other
failures. This is arguably A Bad Thing.

I tentatively reccomend:
--- tdb.c       Thu Apr 19 08:47:24 2001
+++ tdb.c.new   Thu Jul  5 10:01:56 2001
@@ -1136,7 +1136,8 @@
         tdb.locked = calloc(tdb.header.hash_size+1,
sizeof(tdb.locked[0]));
         if (!tdb.locked) goto fail;
        if (!(tdb.flags & TDB_NOMMAP)) 
-               tdb.map_ptr = tdb_mmap(st.st_size, tdb.read_only,
tdb.fd);
+               if ((tdb.map_ptr = tdb_mmap(st.st_size, tdb.read_only,
tdb.fd)) == NULL)
+                       goto fail;
        if (locked) {
                tdb_clear_spinlocks(&tdb);
                tdb_brlock(&tdb, ACTIVE_LOCK, F_UNLCK, F_SETLK);


--dave





> --
> Xavier Roche
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
David Collier-Brown,           | Always do right. This will gratify 
Performance & Engineering Team | some people and astonish the rest.
Americas Customer Engineering  |                      -- Mark Twain
(905) 415-2849                 | davecb at canada.sun.com

More information about the samba-technical mailing list