[Samba] Database Problems

Andrew Bartlett abartlet at samba.org
Sun Apr 10 23:45:15 GMT 2005

On Fri, 2005-04-08 at 13:10 -0700, Tom Skeren wrote:

> [tabs3]
>         path = /usr/home/camarillo/open/STI_Remote
>         force user = root
>         read only = No
>         create mask = 0740
>         force create mode = 0740
>         force directory mode = 0740
>         directory security mask = 0740
>         guest ok = Yes
>         veto oplock files = rmtfee.dat, rmtfee.idx

Just a quick note to others - this looks like a security nightmare -
imagine a user connecting in with a unix client, as guest, and creating
a setuid executable.  I don't think we block that...

ON the issue of database sharing, the issues are almost never related to
permissions (a simple edit of text files will show what permission
issues there are).  Provided the users are all in a group with write
permission (and possibly g+s set on the directory) it usually works
pretty well.

Instead, these are matters of locking - does this DB support multiple
access on other network servers (win2k?).  Avoiding oplocks is good for
performance and stability, but if the underlying DB is getting exclusive
locks, then you won't get far.

What does smbstatus show?

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050411/a3cc0d68/attachment.bin

More information about the samba mailing list