New VFS Module: linktrans

Mike Gerdts gerdts at bellsouth.net
Tue Aug 13 14:40:01 GMT 2002 

I have written a new VFS module that translates symbolic links to MS DFS
links.  You can get it at
http://www.cae.wisc.edu/~gerdts/samba/vfs-linktrans.c

What does it really do?

    When a symbolic link to a directory is encountered, a mapping of
    UNIX Directories to share names is consulted.  If a match is found,
    readlink() translates the standard UNIX symbolic link format into
    the format normally expected by the DFS code.  This causes a
    redirect to be sent to the SMB client.
    
    The code is smart enough to recognize symbolic links that point to
    someplace other than just the root of a share.  That is, if you have
    a mapping 
    
    /projects/d1 	projserv\d1
    
    A symbolic link to /projects/d1/someproject/somepart will redirect
    the client to \\projserv\d1\someproject\somepart

Why?

    Suppose you have an environment where users were encouraged to just
    create symbolic links to get to areas that were not shared out via
    Samba.  You are now not happy with the mess that exists because
    people may be using the "wrong" server (samba ends up acting as a
    CIFS <-> NFS gateway), permissions that you intend to force are not
    being forced, or access restrictions that you intend to have in
    place are being bypassed.
    
    With this module you can transition from promiscuous use of symbolic
    links to using the option "follow symlinks = no" relatively
    painlessly.  Or at least that is the theory.

How?

    Build samba as you normally would.  Be sure to use --with-msdfs as
    one of your configure options.
    
    Copy vfs-linktrans.c to samba-2.2.5/examples/VFS/linktrans.c
    
    Edit samba-2.2.5/examples/VFS/Makefile.in.  Add linktrans.so to the
    VFS_OBJS
    
    In samba-2.2.5/examples/VFS, run ./configure, then make.
    
    Copy linktrans.so to a lib directory somewhere.  Presumably
    /usr/local/samba/linktrans.so would be a could choice.
    
    Edit /usr/local/samba/lib/smb.conf.  Add "host msdfs = yes" to the
    global section.  Add "msdfs root = yes" and "vfs object =
    /usr/local/lib/samba/linktrans.so" to each share that you want to
    try this out on.
    
    Create the file /etc/linktrans.map (defined in the .c file) with
    lines that perform the lowest level mapping.  For example, if all
    symbolic links to /project/d1 should really go to \\projserv\d1, add
    a line like "/project/d1 projserv\d1".
    
    Restart samba.
    
    Reboot the Windows client that will connect to this share.

Does it really work?

    As is said in the copyright notice at the top, there is no
    warranty.  It has, however, worked for me in a test environment
    using Solaris servers and a Windows 2000 client.  I have not yet
    used it with multiple clients at once, nor have I put it on any
    production servers.
    


Comments, suggestions for improvement, and patches are welcome.

Mike

More information about the samba-technical mailing list