Samba caching directory handles? (Writes to incorrect home dir)
James Sutherland
jas88 at cam.ac.uk
Tue May 15 13:04:15 GMT 2001
On Tue, 15 May 2001, Andrew Bartlett wrote:
> James Sutherland wrote:
> > On Tue, 15 May 2001, Andrew Bartlett wrote:
> > > James Sutherland wrote:
> > > > On Tue, 15 May 2001, Andrew Bartlett wrote:
> > > >
> > It is: Windows caches the connection even after you log out. Stupid,
> > broken and insecure, but unless you're planning to send Microsoft a patch
> > to fix it, I think we're stuck with it :-)
>
> But the connection can't be resumed without another session setup, and
> hence another utmp entry. Can it?
It isn't resumed, it's been retained from the previous session.
> > > Note that this is not a 'domain logon', its a normal file-share
> > > connction, and the drive is successfuly un-mapped when the user hits the
> > > 'disconnect' button on our logon applet.
> >
> > The drive is unmapped, but Windows doesn't drop the connection: it keeps
> > it cached.
>
> Note that the unmmapping is sufficient to avoid the crediential
> conflict, and we have no reports of users being able to intentionaly
> access the shares of others. The attempted unmapping is also doing
> enough that it fails if there are files open over it.
> > The "feature" of \\server\homes doesn't work properly, and since this is a
> > Windows bug not a Samba one, there's nothing that can be done. Either
> > change to using \\server\username (which should be transparent, at least
> > if you're using something like NET USE /HOME) or put up with Windows
> > occasionally getting different users mixed up.
>
> These are NOT domain logons, they are file-share connects from NT
> machines in a compleatly different administrative domain.
>
> In any case, the problem with the \homes thing was the the previous
> connection would NOT allow users to access their new profile due to
> permissions.
Or rather, Windows would access the previous user's files (and fail),
because it would have cached the previous user's \\server\homes
connection.
> There is no permissions error in this case, the files
> appear contary to a mode 0700 directory.
Hrm. Yes, that's a little different from the symptoms cited as reasons
never to use \\server\homes - but since this "feature" doesn't work
anyway, it isn't thoroughly understood :-)
James.
--
"Our attitude with TCP/IP is, `Hey, we'll do it, but don't make a big
system, because we can't fix it if it breaks -- nobody can.'"
"TCP/IP is OK if you've got a little informal club, and it doesn't make
any difference if it takes a while to fix it."
-- Ken Olson, in Digital News, 1988
More information about the samba-technical
mailing list