hide unreadable bug ?

Pierre Filippone pierre.filippone at retail-sc.com
Tue Aug 16 13:28:34 GMT 2005


I think, I found a bug in 3.0.20rc2 regarding "hide unreadable".

I have set up 3 Windows domains:
domA - Samba domain (3.0.20rc2), PDC is also file server.
domB - NT 4 domain
domC - Win2003 AD

I have bi-directional trust between the samba domain and the others.
winbind on the samba PDC/fileserver is configured with "winbind trusted 
domain only = yes".
The trust works fine: whenever I access a share on the samba fileserver 
from a trusted domain (as domB\myuid or domC\myuid) and myuid exists in 
domA it is mapped to that uid and I can access all resources that are 
accessible for domA\myuid or a group that user is member of.

The error occurs, when I use "hide unreadable" on a share on the samba 
fileserver. Access as domA\myuid works as designed - working as a foreign 
user (domB/C\myuid) I cannot see files which should be readable for me 
(rwx------ myuid mygid). When I change permissions to (rwxr----- myuid 
mygid) I can see the files.

When I try to access the hidden files directly the log says:

  se_access_check: ACE 0: type 0, flags = 0x00, SID = 
S-1-5-21-1745916536-3417616236-1505230456-21006 mask = 1f01ff, current 
desired = 1
  se_access_check: ACE 1: type 0, flags = 0x00, SID = 
S-1-5-21-1745916536-3417616236-1505230456-14333 mask = 0, current desired 
= 1
  se_access_check: ACE 2: type 0, flags = 0x00, SID = S-1-1-0 mask = 0, 
current desired = 1
[2005/08/16 14:59:33, 5, effective(10003, 6666), real(10003, 0)] 
  se_access_check: access (1) denied. 

The SIDS are those of domA\myuid and its primary group sid. So the mapping 

When I remove "hide unreadable" I can even write the files and directories 
I could not see before. 



Pierre Filippone

More information about the samba-technical mailing list