[Samba] utmp grievances

Tom Crane uhap023 at sun.rhul.ac.uk
Mon Sep 22 20:39:12 GMT 2003

Dear All,

I have installed the current version of Slackware Linux which includes samba-2.2.8a. My previous system
had samba-2.0.7 with the utmp patch by David Lee applied. The original/patched utmp support had a 'utmp
hostname' parameter to select between logging by hostname or netbios name. This very useful parameter is
missing from 2.2.8a. IMHO this is a real pity. Is this an oversight or was there a reason for this?

Even worse, 2.2.8a actually logs by IP address rather than hostname despite the relevant variable in
smbd/utmp.c being 'hostname'. My machine is running bind so I presume this is intentional? If so it seems
a bit ugly -- I mean eg. telnet connections are logged in utmp/wtmp by hostname if one exists.

One other thing: My old system ran with 'security = share' and the new one I've configured with 'security
= user'. I found (after much initial puzzlement) that this was necessary on 2.2.8a to get the utmp
logging to work! I have a 'username map' file with entries like;

!unixuser1 = Windows user1
!unixuser2 = Windows user2
myguest = *

where myguest is a real user (with passwd & smbpasswd) passwords. I have some 'guest ok' plus 'guest
only' shares which should be accessible to everyone -- eg. public access printer and readonly /pub

My 'objection' is that utmp/wtmp logs connections to these public shares as being from user myguest,
despite the remote PC user not knowing/specifying the password for myguest. I have a 'guest account =
nobody' global record in smb.conf where the nobody user is password-less. Surely utmp/wtmp should log
such connections as coming from nobody (as the patched 2.0.7 + 'security = share' system does). Again,
this seems misleading and undesirable.

I'm tempted to try back-porting the 'utmp directory' feature into 2.2.8a --  Are there any pitfalls
I should be aware of?

Tom Crane

More information about the samba mailing list