[Samba] What in samba 4.1 prevents a '/' share?
David C. Rankin
drankinatty at suddenlinkmail.com
Tue Jan 7 20:50:43 MST 2014
On 01/07/2014 12:23 AM, David C. Rankin wrote:
> I have captured tcpdump traffic during the mount attempts and they point to
> smb issuing the error, but I'm not that great at reading packet contents, so I'm
> not entirely sure. But basically, after successful AndX session setup (Tree
> Connect AndX Request, Path: \\phoinix\config), the request for \\phoinix\config
> is made and it is found successfully by the server, but then the server response
> with (Tree Connect AndX Response, Error: STATUS_ACCESS_DENIED) The full ASCII
> dump of the packet dissection for the STATUS_ACCESS_DENIED packet is:
>
>
> No. Time Source Destination Protocol Length Info
> 25 3.487933 192.168.7.16 192.168.7.124 SMB 105
> Tree Connect AndX Response, Error: STATUS_ACCESS_DENIED
smb gurus,
I think I have made headway. I pulled another level 10 debug on the connection
attempt and in summary when from any client machine, I try to connect to the '/'
share, the share_access.c:237(user_ok_token) for (user david [me]) is ok for
//phoinix/config, but when samba then attempts the check for user 'root' is
fails with User root not in 'valid users'. Basically a terse summary of the
entries on connect with:
mount.cifs //phoinix/config /mnt/phx-cfg/ -v -o
uid=1000,domain=rlfpllc,credentials=/root/cnf/mountcfile,noperm
[2014/01/07 20:32:58.157111, 5, pid=5405, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user david
<snip>
[2014/01/07 20:32:58.158932, 10, pid=5405, effective(0, 0), real(0, 0)]
../source3/smbd/share_access.c:237(user_ok_token)
user_ok_token: share config is ok for unix user david
[2014/01/07 20:32:58.159036, 5, pid=5405, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user root
<big snip>
[2014/01/07 20:32:58.176304, 10, pid=5405, effective(0, 0), real(0, 0)]
../source3/smbd/share_access.c:215(user_ok_token)
User root not in 'valid users'
<snip>
[2014/01/07 20:32:58.176620, 3, pid=5405, effective(0, 0), real(0, 0)]
../source3/smbd/error.c:82(error_packet_set)
NT error packet at ../source3/smbd/reply.c(952) cmd=117 (SMBtconX)
NT_STATUS_ACCESS_DENIED
I've put the full log here:
http://www.rlfpllc.com/dl/srv/smb/phoinix-level-10.txt.bz2
If anyone has any suggestions, I would appreciate them. Thanks.
--
David C. Rankin, J.D.,P.E.
More information about the samba
mailing list