[Samba] big share problem

Rowland penny rpenny at samba.org
Mon Nov 25 18:25:34 UTC 2019 

On 25/11/2019 18:12, Tom via samba wrote:
> Hi,
>
> I've a big problem with my shares on a domain AD member server.
>
> On this server there is severals shares directories :
>
> - \data\dir1 [share_one]
> - \data\dir2 [share_two]
> - \data\dir3 [share_three]
>
> \data is a mounted partition
>
> when I browse one of my share in windows, \\myserver\share_one for 
> exmple, I can see all directories of my server !! : bin, boot, dev, 
> lib, ..... data directory is here but I can't access it.
>
> The samba status deamon log :
>
> [2019/11/25 19:05:31.753338,  0] 
> ../source3/smbd/uid.c:417(change_to_user_internal)
> nov. 25 19:05:31 myserver.mydomain smbd[75484]: 
> change_to_user_internal: chdir_current_service() failed!
>
> The samba logs :
>
> [2019/11/25 19:06:42.602821,  2] 
> ../source3/smbd/vfs.c:1305(check_reduced_name)
>   check_reduced_name: Bad access attempt: . is a symlink outside the 
> share path
>   conn_rootdir =/data/dir2
>   resolved_name=/
> [2019/11/25 19:06:42.602889,  3] 
> ../source3/smbd/filename.c:1382(get_real_filename_full_scan)
>   scan dir didn't open dir [.]
> [2019/11/25 19:06:42.602923,  3] 
> ../source3/smbd/smb2_server.c:3190(smbd_smb2_request_error_ex)
>   smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] 
> status[NT_STATUS_NOT_SUPPORTED] || at ../source3/smbd/smb2_create.c:296
>
> The smb.conf :
>
> [global]
>
> workgroup = REALM
> realm = REALM.DOMAIN.COM
> security = ADS
>
> bind interfaces only = yes
> interfaces = lo em1
>
> log level = 3 passdb:5 auth:5
> log file = /var/log/samba/samba.log
> max log size = 5000
>
>
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
>
> idmap config ENSIMLAN:backend = ad
> idmap config ENSIMLAN:schema_mode = rfc2307
> idmap config ENSIMLAN:range = 10000-999999
> idmap config ENSIMLAN:unix_nss_info = yes
>
>
> acl allow execute always = yes
>
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
>
> socket options = TCP_NODELAY TCP_KEEPIDLE=240 TCP_KEEPCNT=4 
> TCP_KEEPINTVL=15
>
> unix extensions = no
>
> [share_one]
> path = /data/dir1/
> read only = no
> force create mode = 0600
> force directory mode = 0700
> follow symlinks = yes
> wide links = yes
> browseable = no
> hide files = /desktop.ini/$RECYCLE.BIN/
>
> [share_two]
> path = /data/dir2/
> browseable = no
> read only = No
> force create mode = 0600
> force directory mode = 0700
> csc policy = disable
> store dos attributes = yes
> vfs objects = acl_xattr
> hide files = /desktop.ini/$RECYCLE.BIN/
>
> [share_three]
> path = /data/dir3/
> browseable = no
> read only = No
> force create mode = 770
> force directory mode = 770
> csc policy = disable
> store dos attributes = yes
> vfs objects = acl_xattr
> hide dot files = yes
> hide files = /desktop.ini/$RECYCLE.BIN/
>
> I really don't know what happened '-(
>
> Any ideas ??
>
You have shot yourself in the foot with 'unix extensions = no' and 'wide 
links = yes'

Rowland

More information about the samba mailing list