Samba, CIFS and mkfifo

Jeremy Allison jra at samba.org
Fri Jan 26 08:31:36 GMT 2007


On Fri, Jan 26, 2007 at 07:48:42AM +0000, Anders Karlsson wrote:
> On Thu, 2007-01-25 at 19:08 -0800, Jeremy Allison wrote:
> > Ok, I can see the problem in the capture trace. The
> > mkfifo call is being done with uid and gid of zero
> > - this is explicitly refused in the server.
> 
> In the trace, there is two attempts. One with the FIFO being called
> 'abc' - done as root. The other, a bit further on, called 'aabb' done as
> the user 'cifs' which is the mount user (and admin user for the share).
> 
> Using a different user still yield a EACCES error.
> 
> >  See this
> > code from smbd/trans2.c:
> > 
> > ---------------server code---------------------
> > uid_t myuid = geteuid();
> > gid_t mygid = getegid();
> > 
> > /* We can only create as the owner/group
> >  * we are. */
> > 
> > if ((set_owner != myuid) && (set_owner != (uid_t)SMB_UID_NO_CHANGE))
> > 	return(ERROR_DOS(ERRDOS,ERRnoaccess));
> > if ((set_grp != mygid) && (set_grp != (gid_t)SMB_GID_NO_CHANGE))
> > 	return(ERROR_DOS(ERRDOS,ERRnoaccess));
> > ---------------end server code---------------------

This code in the server is very clear. It won't allow
you to create a fifo as any user other than the one you
have connected as. If you set uid/gid == -1 then it
assumes you want the connected user, otherwise it checks
that the uid/gid you've sent is the same as the connected
user (actually this is redundent as the server will *never*
allow the client to specify a particular uid or gid so
might as well ignore it here).

> > Once you make sure the uid/gid that you're logged in on
> > the client match the uid/gid that you are using on the
> > server (ie. when you give username and password then
> > the uid and gid must be the same on both server and
> > client) then this should start working for you.
> 
> Okay, I am trying this.

That will be the problem. For 3.0.24 I might just
remove this check due to the fact I mention above,
the server will always ignore the requested values
anyway.

Jeremy.


More information about the samba-technical mailing list