Disabling of "wide links" violates "principle of least surprise"

Volker Lendecke Volker.Lendecke at SerNet.DE
Sat May 8 06:10:23 MDT 2010 

On Sat, May 08, 2010 at 01:45:53PM +0200, Alain Knaff (Samba Lists) wrote:
> 1. Would it be possible to change the order of option parsing? Or do
> some kind of double pass over the file to handle these situations?

This is also not consistently possible. For the simple case
of just a single smb.conf file it might be possible. But it
will fall over if you have include statements with %U as
part of the path. In the initial run we do not see the
include file, and we have to tell the client about the unix
extensions before we know which user is about to connect.

> 2. Why not handle it the same way as read-only is handled:
> 
> We have a share declared as follows:
> 
> [netlogon]
>         comment = Network Logon Service
>         path=/samba/netlogon/%G
>         browseable = yes
>         writeable = no
>         guest ok = no
> 
> ... and we get:
> 
> root at hal:~# smbclient //hal/netlogon -U aknaff
> Password:
> Domain=[INFO] OS=[Unix] Server=[Samba 3.0.28a]
> smb: \> link /etc etc
> NT_STATUS_NETWORK_ACCESS_DENIED linking files (\etc -> \/etc)
> smb: \>
> 
> So, if it is possible to make symlinking unavailable for "writeable =
> no", why shouldn't it be possible to make it unavailable if "wide links
> = yes" is set.?

Just to make sure I understand you right: You want Samba to
report and follow existing wide links but not allow setting
them at all from the client if wide links are enabled? This
might indeed be a compromise. Jeremy should comment here.

> >> 2. or, if above is too complicated to implement, make it so that more
> >> well-known, or older options (that are more likely to be in wide,
> >> wanted, use) have priority over the new and more obscure options.
> > 
> > This is a bit hard to argue into either direction. We don't
> > really know which of the options are more popular.
> 
> When was the wide links option introduced?

Ages ago.

> When was the unix extensions option introduced?

Later than wide links. But it is not always clear from the
age of an option how popular it is. For example
"security=user" came later than "security=share", but I
would very much guess that security=user is the more popular
one.

> What is the main purpose of samba?

To serve our users best. Unfortunately, it is not always
possible to stay 100% compatible with all existing setups.

In this case we had to make a choice for which users we have
to cause trouble, and we decided to not break the users of
unix extensions. It was just not possible technically to
keep compatible with all setups.

All I can do is to express my regret about the grief we
caused for you. We have really tried to do our best to make
the consequences clear in our release notes. Unfortunately
as a daemon Samba is not able to pop up a message after an
upgrade to warn users about possible changes, so we have to
rely on people reading release notes. This might not in all
cases be possible due to time restrictions in urgency
situations, which is why minimize breaking existing setups
at VERY high cost. But sometimes we have to just step on
someones toes.

Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100508/750eb2eb/attachment.pgp>

More information about the samba-technical mailing list