IPC User Problem (was Situational Deadlock)

Esh, Andrew Andrew_Esh at adaptec.com
Wed Jan 28 19:16:10 GMT 2004


After more digging, I have learned more about the problem I am seeing. I noticed the log entries which were reporting the problem were referring to "\srvsvc", not the share I was trying to access:

[2004/01/28 11:59:59, 5, pid=10907, effective(0, 0), real(0, 0)] lib/util.c:show_msg(459)
  size=100
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=24
  smb_flg2=32771
  smb_tid=1
  smb_pid=57376
  smb_uid=103
  smb_mid=1152
  smt_wct=24
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=    0 (0x0)
  smb_vwv[ 2]= 3584 (0xE00)
  smb_vwv[ 3]= 1536 (0x600)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=40704 (0x9F00)
  smb_vwv[ 8]=  513 (0x201)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=  768 (0x300)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=  256 (0x100)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=  512 (0x200)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=  256 (0x100)
  smb_bcc=17
[2004/01/28 11:59:59, 10, pid=10907, effective(0, 0), real(0, 0)] lib/util.c:dump_data(1830)
  [000] 9C 5C 00 73 00 72 00 76  00 73 00 76 00 63 00 00  .\.s.r.v .s.v.c..
  [010] 00                                                . 
[2004/01/28 11:59:59, 3, pid=10907, effective(0, 0), real(0, 0)] smbd/process.c:switch_message(685)
  switch message SMBntcreateX (pid 10907)
[2004/01/28 11:59:59, 2, pid=10907, effective(0, 0), real(0, 0)] smbd/uid.c:change_to_user(141)
  change_to_user: Invalid vuid used 103 or vuid not permitted access to share.
[2004/01/28 11:59:59, 3, pid=10907, effective(0, 0), real(0, 0)] smbd/error.c:error_packet(114)
  error packet at smbd/process.c(739) cmd=162 (SMBntcreateX) NT_STATUS_NETWORK_ACCESS_DENIED

This is trying to create a connection to the $IPC service. The user name is "golem_", and golem's vuid is 103. The $IPC services had been opened by "nobody", which is the "guest" or default user, whose vuid is 100:

[root at r2c1n114 upgradetfs]# smbstatus

Samba version 3.0.1_adaptec
PID     Username      Group         Machine                        
-------------------------------------------------------------------
10907   golem_        friends       r4c5w115     (10.55.45.115)

Service         uid                  gid                  pid     machine  (connect from ip) on date
-------------------------------------------------------------------------------------------------------------
golem_          golem_               friends              10907   r4c5w115 (10.55.45.115) Wed Jan 28 11:59:20 2004
upgrade         golem_               root                 10907   r4c5w115 (10.55.45.115) Wed Jan 28 12:40:19 2004
IPC$            nobody               friends              10907   r4c5w115 (10.55.45.115) Wed Jan 28 12:38:38 2004
No locked files

Because of this, the following snippet of code in smbd/uid.c:check_user_ok(68) denies access, because I am using "force group", and "golem_" (vuid=103) does not match user "nobody" (vuid=100).

	if ((conn->force_user || conn->force_group) 
	    && (conn->vuid != vuser->vuid)) {
		return False;
	}

During the debugging session, I left gdb stopped long enough (while I stared at this) for the process to become stale. The client severed the connection and started a new one. The new connection has no problem accessing "\srvsvc", because it was connected to by the right user:

[root at r2c1n114 /root]# smbstatus

Samba version 3.0.1_adaptec
PID     Username      Group         Machine                        
-------------------------------------------------------------------
21208   golem_        friends       r4c5w115     (10.55.45.115)

Service         uid                  gid                  pid     machine  (connect from ip) on date
-------------------------------------------------------------------------------------------------------------
upgrade         golem_               root                 21208   r4c5w115 (10.55.45.115) Wed Jan 28 12:57:42 2004
IPC$            golem_               friends              21208   r4c5w115 (10.55.45.115) Wed Jan 28 12:57:29 2004
No locked files

So my question is: Is there something I can do to make sure the IPC connection is obtained by or converted for the user of the right user? Or should I add something to the code in check_user_ok to allow any user's vuid to connect to the IPC service?

I'll try the latter while you're thinking about it.

---
Andrew C. Esh                mail:Andrew_Esh[at]adaptec.com
Adaptec, Inc.
2905 Northwest Blvd., Suite 20        763-557-9005 (main)
Plymouth, MN 55441-2644 USA      763-551-6418 (direct)
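
A small log scanner for the correlation done by hand in the message above, as an added example that is not part of the original post or of Samba: it ties each change_to_user denial to the request dumped before it and decodes the name carried in the dump_data rows. The function names and the one-pad-byte rule for unicode names are assumptions taken from the log excerpt in the post.

```python
import re

# Excerpt of the smbd log lines quoted in the post (unused header fields trimmed).
SAMPLE_LOG = r"""[2004/01/28 11:59:59, 5, pid=10907, effective(0, 0), real(0, 0)] lib/util.c:show_msg(459)
  smb_flg2=32771
  smb_uid=103
  smb_bcc=17
[2004/01/28 11:59:59, 10, pid=10907, effective(0, 0), real(0, 0)] lib/util.c:dump_data(1830)
  [000] 9C 5C 00 73 00 72 00 76  00 73 00 76 00 63 00 00  .\.s.r.v .s.v.c..
  [010] 00                                                .
[2004/01/28 11:59:59, 2, pid=10907, effective(0, 0), real(0, 0)] smbd/uid.c:change_to_user(141)
  change_to_user: Invalid vuid used 103 or vuid not permitted access to share.
[2004/01/28 11:59:59, 3, pid=10907, effective(0, 0), real(0, 0)] smbd/error.c:error_packet(114)
  error packet at smbd/process.c(739) cmd=162 (SMBntcreateX) NT_STATUS_NETWORK_ACCESS_DENIED
"""
HEADER = re.compile(r"^\[([^,]+), *\d+, pid=(\d+),.*\] \S+:(\w+)\(\d+\)")
FIELD = re.compile(r"^\s+(smb_\w+)=(\S+)")
DUMP = re.compile(r"^\s+\[[0-9A-Fa-f]{3}\] ((?:[0-9A-Fa-f]{2} +){1,16})")
DENY = re.compile(r"Invalid vuid used (\d+)")
STATUS = re.compile(r"NT_STATUS_\w+")

def decode_name(data, flags2):
    # Assumption taken from the dump above: when the FLAGS2 unicode bit
    # (0x8000) is set, one pad byte precedes a NUL-terminated UTF-16LE name.
    if flags2 & 0x8000:
        return data[1:].decode("utf-16-le", "replace").rstrip("\x00")
    return data.decode("latin-1").rstrip("\x00")

def find_vuid_denials(log_text):
    """Return one record per change_to_user denial, tied to the request it rejected."""
    denials, func, req = [], None, {"data": b""}
    for line in log_text.splitlines():
        if m := HEADER.match(line):
            func = m[3]
            if func == "show_msg":  # each request dump starts a new record
                req = {"ts": m[1], "pid": int(m[2]), "data": b""}
        elif func == "show_msg" and (m := FIELD.match(line)):
            req[m[1]] = int(m[2], 0)  # base 0 accepts both 0xa2 and 162
        elif func == "dump_data" and (m := DUMP.match(line)):
            req["data"] += bytes.fromhex(m[1])  # hex column only, ASCII column ignored
        elif func == "change_to_user" and (m := DENY.search(line)):
            data = req["data"][:req.get("smb_bcc", len(req["data"]))]  # trim to byte count
            denials.append({"ts": req.get("ts"), "pid": req.get("pid"), "vuid": int(m[1]),
                            "name": decode_name(data, req.get("smb_flg2", 0))})
        elif func == "error_packet" and denials and (m := STATUS.search(line)):
            denials[-1]["status"] = m[0]  # status returned for the denied request
    return denials

if __name__ == "__main__":
    print(find_vuid_denials(SAMPLE_LOG))
```

Comparing the vuid in each record with the uid column that smbstatus shows for IPC$ on the same pid reproduces the mismatch described in the message.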



