[Samba] Re: What file gets corrupted in Samba when perms stop
working correctly?
Michael Lueck
mlueck at lueckdatasystems.com
Thu Nov 10 16:34:32 GMT 2005
Think I found something... Jerry, seems like an old setting is leaking up through the floor boards.
Before the "net rpc rights grant domain\\account SeMachineAccountPrivilege" stuff existed, I used "admin users = @domadmin" to get the job done. That unfortunately made accounts "root" on the server.
So, admin users is now commented out and rpc rights has been in use since that went production.
HOWEVER, here's the connection from my special account... (as it shows up in lsof)
smbd 2614 root cwd DIR 8,9 4096 100663424 /srv/shares/stage
Sure looks like "admin users" is leaking through the floor boards somehow. Obviously since "root" is not a member of the group which has write perms, no write perms granted.
So, how else could this user become root on the server if "admin users" is commented out? I properly see the user name for other connections to the server.
--
Michael Lueck
Lueck Data Systems
http://www.lueckdatasystems.com/
Remove the upper case letters NOSPAM to contact me directly.
More information about the samba
mailing list