Samba caching directory handles? (Writes to incorrect home dir)

James Sutherland jas88 at cam.ac.uk
Tue May 15 13:04:15 GMT 2001 

On Tue, 15 May 2001, Andrew Bartlett wrote:
> James Sutherland wrote:
> > On Tue, 15 May 2001, Andrew Bartlett wrote:
> > > James Sutherland wrote:
> > > > On Tue, 15 May 2001, Andrew Bartlett wrote:
> > > >

> > It is: Windows caches the connection even after you log out. Stupid,
> > broken and insecure, but unless you're planning to send Microsoft a patch
> > to fix it, I think we're stuck with it :-)
>
> But the connection can't be resumed without another session setup, and
> hence another utmp entry.  Can it?

It isn't resumed, it's been retained from the previous session.

> > > Note that this is not a 'domain logon', its a normal file-share
> > > connction, and the drive is successfuly un-mapped when the user hits the
> > > 'disconnect' button on our logon applet.
> >
> > The drive is unmapped, but Windows doesn't drop the connection: it keeps
> > it cached.
>
> Note that the unmmapping is sufficient to avoid the crediential
> conflict, and we have no reports of users being able to intentionaly
> access the shares of others.  The attempted unmapping is also doing
> enough that it fails if there are files open over it.

> > The "feature" of \\server\homes doesn't work properly, and since this is a
> > Windows bug not a Samba one, there's nothing that can be done. Either
> > change to using \\server\username (which should be transparent, at least
> > if you're using something like NET USE /HOME) or put up with Windows
> > occasionally getting different users mixed up.
>
> These are NOT domain logons, they are file-share connects from NT
> machines in a compleatly different administrative domain.
>
> In any case, the problem with the \homes thing was the the previous
> connection would NOT allow users to access their new profile due to
> permissions.

Or rather, Windows would access the previous user's files (and fail),
because it would have cached the previous user's \\server\homes
connection.

> There is no permissions error in this case, the files
> appear contary to a mode 0700 directory.

Hrm. Yes, that's a little different from the symptoms cited as reasons
never to use \\server\homes - but since this "feature" doesn't work
anyway, it isn't thoroughly understood :-)


James.
-- 
"Our attitude with TCP/IP is, `Hey, we'll do it, but don't make a big
system, because we can't fix it if it breaks -- nobody can.'"

"TCP/IP is OK if you've got a little informal club, and it doesn't make
any difference if it takes a while to fix it."
		-- Ken Olson, in Digital News, 1988

More information about the samba-technical mailing list