Macros in service names

ian j hart spoofer at ntlworld.com
Thu Jan 24 17:16:37 GMT 2002


ian j hart wrote:
> 
> What's the status on %u in [homes] path? I know this
> was removed some time ago for security reasons.
> 
> I'd like to upgrade to 2.2.2 to see if it fixes my
> oplock problems, but I need path = /home/pcusers/%u
> (or %S?)
> 
> I'm getting share not found. At first I thought that
> the code had not been fixed, but I just noticed a weird
> thing.
> 
> If /home/user exists I can log in, and I get the
> right directory ie /home/pcusers/user.
> 
> AHA, changing master.passwd to suit allows a login
> (I'm using NIS if that matters) without /home/user.
> 
> Well this is okay, BUT I normally run with login.conf
> set to requirehome. This is a safety net if some idiot
> (ie me) enables telnet et al. This is a change in
> behavior from 2.2.1a is it not? FWIW I tested both
> with and without requirehome. Seems to make no
> difference.
> 
> This is on FreeBSD and it's release + port patches
> not a cvs version.
> 
> While I'm waxing lyrical, any chance of (plain) NIS
> support for smbpasswd? The FreeBSD version is quite
> secure. I'm doing a manual scp at present. I managed
> to configure NIS to distribute the map and was
> quite dissapointed when I found that samba only
> supports NISPLUS.

No takers?

I've looked at the code and confirmed that it works
the way I descibed. If you don't have a "unix" home
directory, you can't connect to your samba home
directory.

*** smbd/service.c

int find_service(char *service)
{
   int iService;

   all_string_sub(service,"\\","/",0);

   iService = lp_servicenumber(service);

   /* now handle the special case of a home directory */
   if (iService < 0)
   {
      char *phome_dir = get_user_home_dir(service);
*** ie get_UNIX_home_dir

      if(!phome_dir)
      {
        /*
         * Try mapping the servicename, it may
         * be a Windows to unix mapped user name.
         */
        if(map_username(service))
          phome_dir = get_user_home_dir(service);
      }

      DEBUG(3,("checking for home directory %s gave %s\n",service,
            phome_dir?phome_dir:"(NULL)"));

      iService = add_home_service(service,phome_dir);
...

int add_home_service(char *service, char *homedir)
{
        int iHomeService;
        int iService;
        fstring new_service;
        char *usr_p = NULL;

        if (!service || !homedir)
                return -1;

        if ((iHomeService = lp_servicenumber(HOMES_NAME)) < 0)
                return -1;

        /*
         * If this is a winbindd provided username, remove
         * the domain component before adding the service.
         * Log a warning if the "path=" parameter does not
         * include any macros.
         */

        fstrcpy(new_service, service);

        if ((usr_p = strchr(service,*lp_winbind_separator())) != NULL)
                fstrcpy(new_service, usr_p+1);

        lp_add_home(new_service,iHomeService,homedir);
...

*** param/loadparm.c

BOOL lp_add_home(char *pszHomename, int iDefaultService, char *pszHomedir)
{
        int i;
        SMB_STRUCT_STAT buf;

        /* if the user's home directory doesn't exist, then don't
           add it to the list of available shares */
        if (sys_stat(pszHomedir, &buf))
                return False;
*** dies here
        i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
...

If the "unix" home directory exists this works because
add_a_service only checks that the pszHomename is not an
existing service. It also does this...

        if (name)
        {
                string_set(&ServicePtrs[i]->szService, name);
        }

but I have no idea what this does :)

-- 
ian j hart




More information about the samba-technical mailing list