FW: Sporadic permission denied error in Samba 4.3 and 4.4, 4.2 OK

Jeremy Allison jra at samba.org
Tue Nov 15 18:44:50 UTC 2016


On Tue, Nov 15, 2016 at 06:37:23PM +0000, Youzhong Yang wrote:
> Thanks Jeremy and Volker.
> 
> I tested messaging using unix_msg_test_drain and unix_msg_test_source, there's nothing out of ordinary.
> 
> I dtraced sendmsg() and here are 3 error codes that it returns during the testing:
> 
> 13: EACCES
> 2: ENOENT
> 11: EAGAIN
> 
> What concerns me is the error code EACCES, its stack looks like the following:
> 
>               libc.so.1`__so_sendmsg+0xa
>               libsocket.so.1`sendmsg+0x1e
>               libmessages-dgm-samba4.so`unix_dgram_send_job+0x4e
>               libmessages-dgm-samba4.so`pthreadpool_server+0x17e
>               libc.so.1`_thrp_setup+0x8a
>               libc.so.1`_lwp_start
> 
> And indeed its euid is not 0(root) when EACCES was returned.
> 
> I tried to set euid and egid to 0 inside unix_dgram_send_job() at the beginning and the restore them at the end, then some of the smbd processes crashed with the following stack trace:

You can't use become_root()/unbecome_root() inside a
pthread_pool function - they're not thread safe.

It looks like on Solaris the permission check is
being done on every sendmsg, rather than only on
the connect() - that's a strange decision to make
and would make things slower - for a connected
socket you really only need to check permissions
on the connect() call.

Solaris doesn't have per-thread credentials, which
means changing to root in a thread for sendmsg()
will cause the entire process to change creds, again,
not what you want.

Given this sendmsg() seems very broken on Solaris :-(.



More information about the samba-technical mailing list