[PATCH] Making shares unaccessible at root level mountable (aka solving bsc#8950 ...again)
Aurélien Aptel
aaptel at suse.com
Thu Jun 9 16:50:27 UTC 2016
Small update: I've written a powershell script to reproduce the problem
(attached). If you're wondering I'm not using samba see my notes
about it [1].
On the window server:
- Edit $Dir (script will create parent dirs)
- Edit $LimitedUser/$AdminUser to an existing one
- Run the script as admin
On the linux client:
- Mount the share sub dir with the limited user credentials:
mount //lutze/bug8950/sub/dir' /mnt \
-o 'domain=LURCH,ip=10.160.5.42,username=bill,password=*****,rw'
My second solution fails for the case when the dir *containing* the
shared dir restricts the limited user. See "HARD MODE" at the end
of the script.
1: http://diobla.info/stuff/bugs/bsc799133/#sec-4
--
Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97 8C99 03C8 A49B 521B D5D3
SUSE Linux GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG
Nürnberg)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: repro-8950.ps1
Type: application/octet-stream
Size: 1497 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160609/4899936b/repro-8950.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160609/4899936b/attachment.sig>
More information about the samba-technical
mailing list