Samba, CIFS and mkfifo

Anders Karlsson anders.karlsson at redhat.com
Fri Jan 26 09:48:38 GMT 2007


On Fri, 2007-01-26 at 00:31 -0800, Jeremy Allison wrote:
> On Fri, Jan 26, 2007 at 07:48:42AM +0000, Anders Karlsson wrote:
> > On Thu, 2007-01-25 at 19:08 -0800, Jeremy Allison wrote:
> > >  See this
> > > code from smbd/trans2.c:
> > > 
> > > ---------------server code---------------------
> > > uid_t myuid = geteuid();
> > > gid_t mygid = getegid();
> > > 
> > > /* We can only create as the owner/group
> > >  * we are. */
> > > 
> > > if ((set_owner != myuid) && (set_owner != (uid_t)SMB_UID_NO_CHANGE))
> > > 	return(ERROR_DOS(ERRDOS,ERRnoaccess));
> > > if ((set_grp != mygid) && (set_grp != (gid_t)SMB_GID_NO_CHANGE))
> > > 	return(ERROR_DOS(ERRDOS,ERRnoaccess));
> > > ---------------end server code---------------------
> 
> This code in the server is very clear. It won't allow
> you to create a fifo as any user other than the one you
> have connected as. If you set uid/gid == -1 then it
> assumes you want the connected user, otherwise it checks
> that the uid/gid you've sent is the same as the connected
> user (actually this is redundent as the server will *never*
> allow the client to specify a particular uid or gid so
> might as well ignore it here).

Okay, let me see if I understand this correctly. The 'connected user' in
this instance is the user specified in the 'mount.cifs' command with the
option 'user=xxxxx', or if left out, the user that issues the mount
request, not the user that subsequently attempts to create the FIFO in
the directory where the share is mounted - correct?

> > > Once you make sure the uid/gid that you're logged in on
> > > the client match the uid/gid that you are using on the
> > > server (ie. when you give username and password then
> > > the uid and gid must be the same on both server and
> > > client) then this should start working for you.
> > 
> > Okay, I am trying this.
> 
> That will be the problem. For 3.0.24 I might just
> remove this check due to the fact I mention above,
> the server will always ignore the requested values
> anyway.

So mounting the share with 'setuids' will simply not have any effect at
all when requesting the creation of a FIFO (and potentially other
filetypes) as the Samba server will (in future) _only_ use the uid/gid
supplied when initiating the session?

Thanks!

/Anders

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3679 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070126/6571228f/smime.bin


More information about the samba-technical mailing list