[Samba] What in samba 4.1 prevents a '/' share?

David C. Rankin drankinatty at suddenlinkmail.com
Tue Jan 7 20:50:43 MST 2014


On 01/07/2014 12:23 AM, David C. Rankin wrote:
>   I have captured tcpdump traffic during the mount attempts and they point to
> smb issuing the error, but I'm not that great at reading packet contents, so I'm
> not entirely sure. But basically, after successful AndX session setup (Tree
> Connect AndX Request, Path: \\phoinix\config), the request for \\phoinix\config
> is made and it is found successfully by the server, but then the server response
> with (Tree Connect AndX Response, Error: STATUS_ACCESS_DENIED) The full ASCII
> dump of the packet dissection for the STATUS_ACCESS_DENIED packet is:
> 
> 
> No.     Time        Source                Destination           Protocol Length Info
>      25 3.487933    192.168.7.16          192.168.7.124         SMB      105
> Tree Connect AndX Response, Error: STATUS_ACCESS_DENIED

smb gurus,

  I think I have made headway. I pulled another level 10 debug on the connection
attempt and in summary when from any client machine, I try to connect to the '/'
share, the share_access.c:237(user_ok_token) for (user david [me]) is ok for
//phoinix/config, but when samba then attempts the check for user 'root' is
fails with User root not in 'valid users'. Basically a terse summary of the
entries on connect with:

mount.cifs //phoinix/config /mnt/phx-cfg/ -v -o
uid=1000,domain=rlfpllc,credentials=/root/cnf/mountcfile,noperm

[2014/01/07 20:32:58.157111,  5, pid=5405, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
  Finding user david

<snip>

[2014/01/07 20:32:58.158932, 10, pid=5405, effective(0, 0), real(0, 0)]
../source3/smbd/share_access.c:237(user_ok_token)
  user_ok_token: share config is ok for unix user david
[2014/01/07 20:32:58.159036,  5, pid=5405, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
  Finding user root

<big snip>

[2014/01/07 20:32:58.176304, 10, pid=5405, effective(0, 0), real(0, 0)]
../source3/smbd/share_access.c:215(user_ok_token)
  User root not in 'valid users'

<snip>

[2014/01/07 20:32:58.176620,  3, pid=5405, effective(0, 0), real(0, 0)]
../source3/smbd/error.c:82(error_packet_set)
  NT error packet at ../source3/smbd/reply.c(952) cmd=117 (SMBtconX)
NT_STATUS_ACCESS_DENIED

  I've put the full log here:

http://www.rlfpllc.com/dl/srv/smb/phoinix-level-10.txt.bz2

  If anyone has any suggestions, I would appreciate them. Thanks.

-- 
David C. Rankin, J.D.,P.E.


More information about the samba mailing list