2.0.7pre3: misc issues
Giulio Orsero
giulioo at pobox.com
Mon Apr 3 07:32:59 GMT 2000
My systems: rh61, 2.2.14 + smbfs-nls.patch.
=== 1) Samba seems to override unix permissions in a particular case.
I get the very same behavior of:
http://us1.samba.org/listproc/samba-technical/February2000/0476.html
=== 2) browsing behavior: anonymous login
There is a different behavior doing
smbclient -L -U%
if the server is samba or nt/w2k
nt wants a correct user/pass pair if guest account is disabled, wants
whatever user (even a wrong one, but it wants it) if guest account is
enabled, example:
smbclient -L nt -U%
never shows the shares
smbclient -L samba -U%
shows the shares
If nt has the guest account you need
smbclient -L nt -Uany_wrong_user%
to get the share
Could -U% somehow trigger the use of the guest account on an nt machine
with guest account enabled?
=== 3) docs
- DOMAIN.txt is to be updated for logon_path/logon_home switch for
win9x.
- smbmount.txt: every occurrence of "-t smb" should be changed in "-t
smbfs"
- man smbmount: "-t smb" --> "-t smbfs"
- A.Tridgell said that "writable" as no effect for a print share
---------- from an email on the list:
> The setting of the writeable parameter doesn't seem to have any effect
> on access to the printer so what does setting writeable = no actually
> do?
it doesn't do anything :)
----------
if this is true then the following example, and its comment, in man
smb.conf
[aprinter]
path = /usr/spool/public
writeable = false
printable = true
guest ok = true
is misleading.
The same is true for occurrences in PRINTER_DRIVER.txt and Faxing.txt.
I think it's better to take out every writable/read only/write ok
parameters from print shares examples if they don't do anything.
=== 4) sighup/log reopening logs.
Even if the release notes of 2.0.6 say the issue is solved, this is not
the case for my systems: connections that are already active keep
logging to the old logs; logrotate rotates/zips the logs and samba stops
logging completely till restart.
I think you could put a note about the "copytruncate" directive as a
comment in the samba.log (logrotate config file) file, so that if
someone has problems he can quickly see one possible solution.
The "copytruncate" option didn't exist in old logrotate versions.
=== 5) wins-hook fires for group names <00> and <1E> (A.Tridgell said it
should fire for unique names only)
pre1
2000-02-17 10:23:12 add OEMWORKGROUP 00 518400 255.255.255.255
2000-02-27 11:00:49 add WORKGROUP 00 518400 255.255.255.255
2000-02-27 11:00:49 add WORKGROUP 1e 518400 255.255.255.255
2000-03-01 10:48:48 add WORKGROUP 00 518400 255.255.255.255
2000-03-01 10:48:48 add WORKGROUP 1e 518400 255.255.255.255
2000-03-01 18:44:21 add OEMWORKGROUP 00 518400 255.255.255.255
2000-03-06 21:27:45 add WORKGROUP 00 518400 255.255.255.255
2000-03-06 21:27:46 add WORKGROUP 1e 518400 255.255.255.255
2000-03-10 11:45:12 add OEMWORKGROUP 00 518400 255.255.255.255
2000-03-10 11:57:59 add OEMWORKGROUP 1e 518400 255.255.255.255
pre2 is the same
2000-03-18 15:10:23 add WORKGROUP 00 518400 255.255.255.255
2000-03-18 15:10:23 add WORKGROUP 1e 518400 255.255.255.255
pre3
2000-04-02 12:12:40 add WORKGROUP 00 518400 255.255.255.255
2000-04-02 12:12:40 add WORKGROUP 1e 518400 255.255.255.255
=== 6) logging: connection attempts with wrong password
samba doesn't log (at standard log level) the ip address of a machine
from where a user tries to connect with a wrong password, or without
being in "valid users". I'd like to know who is trying to access a
non-public share using every possible password.
Example:
$ smbclient '\\myserver\myhome' -Ufffff%dddd
produces on myserver
[2000/04/02 12:05:40, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'fffff' in UNIX password database.
[2000/04/02 12:05:40, 1] smbd/password.c:pass_check_smb(492)
Couldn't find user 'fffff' in UNIX password database.
No ip of client, double log (2 lines of log) if the test is done from a
2.0.7 smbclient, just 1 line of log if from 1.9.18 smbclient.
=== 7) logging: samba domain member
There are two 2.0.7: the 1st is PDC, the other is domain member of the
1st PDC.
Authentication works ok, the domain member has an empty smbpasswd file.
When I connect to my homeshare on the domain member I get in the member
logfile
[2000/04/02 12:10:43, 1] smbd/password.c:pass_check_smb(500)
Couldn't find user 'go' in smb_passwd file.
[2000/04/02 12:10:47, 1] smbd/password.c:pass_check_smb(500)
Couldn't find user 'go' in smb_passwd file.
[2000/04/02 12:10:47, 1] smbd/service.c:make_connection(550)
notebook (10.0.0.179) connect to service go as user go (uid=801,
gid=801) (pid 2282)
I don't understand why it logs that it can't find "go" in smbpasswd
(twice) since the primary auth source is the pdc which gives ok to my
userid/password pair. It shouldn't look at the smbpasswd file at all if
the pdc is there online, should it?
All works, but the log says something that could be interpreted
as a problem. I routinely grep the logs for anomalies and these are
false positives.
--
giulioo at pobox.com
--
giulioo at pobox.com
More information about the samba
mailing list