SEC_STD_DELETE not granted in smb2.maximum_allowed in smbtorture

vvghnnjk vvghnnjk at
Fri Nov 24 08:44:42 UTC 2023

Hi, recently I have been using smbtorture as a testing tool to test my
Samba server and have encountered a failure in smb2.maximum_allowed
testcase. Upon inspecting the log, it was identified that SEC_STD_DELETE
access mask is getting denied:

se_access_check: MAX desired = 0x2010000, granted = 0x170089, remaining =
smbd_calculate_maximum_allowed_access_fsp: Status NT_STATUS_ACCESS_DENIED
on file torture_maximum_allowed: when calculating maximum access
open_file_ntcreate: smbd_calculate_access_mask_fsp on file
torture_maximum_allowed returned NT_STATUS_ACCESS_DENIED
create_file_unixpath: NT_STATUS_ACCESS_DENIED
streams_xattr_close: streams_xattr_close called [torture_maximum_allowed]
fd [30]

While it should be NT_STATUS_OK in source4/torture/smb2/max_allowed.c:
 for (i = 0; i < 32; i++) {
uint32_t mask = SEC_FLAG_MAXIMUM_ALLOWED | (1u << i);
* SEC_GENERIC_EXECUTE is a complete subset of
* SEC_GENERIC_READ when mapped to specific bits,
* so we need to include it in the basic OK mask.

Here is my settings:
Samba server version: 4.18.8
smbtorture version: 4.15.13-Ubuntu
storage backend: CephFS kernel mount
OS: Ubuntu22.04 / linux 5.15.0-88-generic

Here is my smb.conf:
disable spoolss = yes
dos charset = ascii
fileid:algorithm = fsid
load printers = no
printcap name = /dev/null
printing = bsd
smb ports = 445
vfs objects = fileid acl_xattr streams_xattr
hide files = /hidefile/
strict rename = no
netbios name = smbserver

browseable = yes
path = /mnt/smbserver/smbshare1
read only = no

I am wondering if the failure is caused by smbtorture or my config settings
or others. Thanks for any advice!

More information about the samba-technical mailing list