[Samba] Reload config with SIGHUP does not immediately revoke access to host removed from hosts allow
Andrew Bartlett
abartlet at samba.org
Thu Feb 1 06:39:25 UTC 2018
On Thu, 2018-02-01 at 10:50 +0530, Akash Jain via samba wrote:
> Hello All
>
> My samba-4.x server has lot of registry shares added. There are windows
> clients connected to it and I wanted to remove the access to one of the
> hosts.
>
> I did net conf setparm to set the updated list of IPs in "hosts allow"
> param and then reloaded samba config with killall -1 smbd .
> I see that the host which is not part of the hosts allow but already have a
> open window in Windows Explorer still continues to get the access for good
> amount of time which is a security flaw.
>
> I see that the smbd process serving that host (which we see in smbstatus
> command) received the reload config with and logs show that it reads the
> latest configuration for that registry share, but we do not see the effect
> immediately.
>
> Any idea why is it happening so? Is it a known behaviour or known issue?
To disconnect a client, see smbcontrol kill-client-ip.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list