A bug maybe; Write list access to Read only share; security = share?

Tony Gaddis tony at permastor.net
Thu Feb 3 18:38:47 GMT 2005


I wanted to think about this discussion overnight and collect my thoughts.
First, I will say again that with the "map to guest = bad user" option, I
can accomplish what I wanted.

Now if you will indulge me to neglect the complexities of Windows, legacy
installations and existing code complexity, I would like to share how it
might work more intuitively:

Global Configuration Options
-Security = {Samba, Server} -> Means authentication is performed by this
Samba instance or an external server; then there would be various Samba
authentication options, external server names and external authentication
options.

-Guest account = {Existing user, Non existing user} -> Means that if
authentication fails and there is an Existing User as guest, authenticate
the user to have guest access privileges (including initial IPC connection).
If Non existing user, have Windows send the USER/Password message.

Share Configuration Options
-Read only = {yes, no}
-Guest ok = {yes, no}
-Write list = {user1, user2, ...}
-Valid user = {user1, user2, ...}

Then for an authenticated user or guest user:

Read Access to Share= Guest ok || Valid User; if fails, have Windows send
user/password message

Write Access to Share=(!Read only && Read Access) || (Read only && Write
list); if fails have Windows send user/password message

Now, it seems to me that 'map to guest', which is set by default to never,
is a bit of a kludge, because I would have expected that, since the Guest
account is typically set by default to a known user typically in smb.conf, a
non-authenticated user should have been automatically mapped in security =
user mode.  Why else have a Guest account if this is not so?

My concern about the documentation comes from the fact that I have always
found man pages a great place to go once you understand how something works.
Foolish me, I started with 2nd Edition Samba, which by the way only mentions
"map to guest" in the Configuration Appendix and neglects to mention it at all
in the whole chapter on Users and Security, although there are examples of
configurations in the chapter that would not work without "map to user".
Then I went to the Samba download and went through the smb.conf.example
file, which also shows similar configuration options that would not work
without "map to guest".  By the way, "map to guest" is not mentioned
anywhere in the examples directory.  Now knowing that it exists, I find it
in the man pages and I also find it in the smb.conf that comes with RedHat.

I also realize that as developers, the focus is typically on the man page
and that others typically work on the "fluffy" documentation that beginners
start with.  Hopefully they will see this; I will send it to the Using Samba
authors, too. I guess I would also suggest that since the smb.conf.example
is part of the distribution, it might be a good idea to be a lot more
explicit about the interaction of authentication and share access options.

Thanks for listening, and I hope this is helpful.

Tony Gaddis



|
| I am referring to smb.conf(5), simply adding to the last
| of write list, read list and admin users description in
| smb.conf(5) like:
|
|   This parameter will not work with the security =
|   share in Samba 3.0, this is by design.

Done.  Changes checked in for 3.0.11.  Thanks for the advice.
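
The read/write rules proposed in the message above, written out as an added Python sketch; it is not code from the original post or from Samba, and it models the proposal rather than Samba's actual behaviour. It goes one step beyond the post by enumerating the option combinations where the rules as written grant write access without read access. The names Share, read_access, write_access, decide and write_without_read are hypothetical, and it assumes that an empty list matches no one and that a session mapped to guest carries no user name.

```python
from dataclasses import dataclass
from itertools import product
from typing import Optional

@dataclass(frozen=True)
class Share:
    read_only: bool
    guest_ok: bool
    write_list: frozenset = frozenset()
    valid_users: frozenset = frozenset()

def read_access(share: Share, user: Optional[str]) -> bool:
    # Read Access = Guest ok || Valid User
    # user is None for a session that was mapped to the guest account (assumption).
    return share.guest_ok or (user is not None and user in share.valid_users)

def write_access(share: Share, user: Optional[str]) -> bool:
    # Write Access = (!Read only && Read Access) || (Read only && Write list)
    in_write_list = user is not None and user in share.write_list
    return (not share.read_only and read_access(share, user)) or (
        share.read_only and in_write_list)

def decide(share: Share, user: Optional[str]) -> str:
    # "prompt" stands for "have Windows send user/password message".
    if write_access(share, user):
        return "write"
    if read_access(share, user):
        return "read"
    return "prompt"

def write_without_read():
    """List (read_only, guest_ok, in_write_list, in_valid_users) tuples where
    the proposed rules give a named user write access but not read access."""
    hits = []
    for read_only, guest_ok, in_wl, in_vu in product([False, True], repeat=4):
        share = Share(read_only, guest_ok,
                      frozenset({"alice"}) if in_wl else frozenset(),
                      frozenset({"alice"}) if in_vu else frozenset())
        if write_access(share, "alice") and not read_access(share, "alice"):
            hits.append((read_only, guest_ok, in_wl, in_vu))
    return hits

if __name__ == "__main__":
    # Constructed sample: read-only share, guests allowed, one writer.
    public = Share(read_only=True, guest_ok=True, write_list=frozenset({"user1"}))
    for who in (None, "user1", "user2"):
        print(who, "->", decide(public, who))
    print("write without read:", write_without_read())
```

The single combination returned by write_without_read() is a read-only share with guest access off where the user is on the write list but not the valid-user list, so anyone reviewing a share under these rules would need to check the two lists against each other.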





