[Samba] Reload config with SIGHUP does not immediately revoke access to host removed from hosts allow
Akash Jain
akash.jain110683 at gmail.com
Thu Feb 1 05:20:59 UTC 2018
Hello All
My samba-4.x server has lot of registry shares added. There are windows
clients connected to it and I wanted to remove the access to one of the
hosts.
I did net conf setparm to set the updated list of IPs in "hosts allow"
param and then reloaded samba config with killall -1 smbd .
I see that the host which is not part of the hosts allow but already have a
open window in Windows Explorer still continues to get the access for good
amount of time which is a security flaw.
I see that the smbd process serving that host (which we see in smbstatus
command) received the reload config with and logs show that it reads the
latest configuration for that registry share, but we do not see the effect
immediately.
Any idea why is it happening so? Is it a known behaviour or known issue?
Thanks,
Akash
More information about the samba
mailing list