qemu-trivial
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5


From: Samuel Thibault
Subject: Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
Date: Fri, 30 Apr 2021 18:51:31 +0200
User-agent: NeoMutt/20170609 (1.8.3)

Laurent Vivier, le ven. 30 avril 2021 18:48:29 +0200, a ecrit:
> CC: +Samuel

I don't know the smb code at all.

> Le 23/02/2021 à 03:41, Niklas Hambüchen a écrit :
> > As the added commend and `man smb.conf` explain, starting
> > with that samba version, `force user` must be configured
> > in `[global]` in order to access the configured `smb_dir`.
> > 
> > This broke `-net user,smb=/path/to/folder`:
> > 
> > The `chdir` into e.g. `/run/user/0/qemu-smb.DCZ8Y0` failed.
> > In verbose logs, this manifested as:
> > 
> >     [..., effective(65534, 65534), real(65534, 0)] 
> > /source3/smbd/service.c:159(chdir_current_service)
> >       chdir (/run/user/0) failed, reason: Permission denied
> > 
> >     [..., effective(65534, 65534), real(65534, 0)] 
> > /source3/smbd/service.c:167(chdir_current_service)
> >       chdir (/run/user/0) failed, reason: Permission denied
> > 
> >     [..., effective(65534, 65534), real(65534, 0)] 
> > /source3/smbd/uid.c:448(change_to_user_internal)
> >       change_to_user_internal: chdir_current_service() failed!
> > 
> > This commit fixes it by setting the `[global]` force user to
> > the user that owns the directories `smbd` needs to access.
> > 
> > Signed-off-by: Niklas Hambüchen <mail@nh2.me>
> > ---
> >  net/slirp.c | 6 ++++++
> >  1 file changed, 6 insertions(+)
> > 
> > diff --git a/net/slirp.c b/net/slirp.c
> > index be914c0be0..82387bdb19 100644
> > --- a/net/slirp.c
> > +++ b/net/slirp.c
> > @@ -850,6 +850,11 @@ static int slirp_smb(SlirpState* s, const char 
> > *exported_dir,
> >      }
> >      fprintf(f,
> >              "[global]\n"
> > +            "# In Samba 2.0.5 and above the 'force user' parameter\n"
> > +            "# also causes the primary group of the forced user to be 
> > used\n"
> > +            "# as the primary group for all file activity.\n"
> > +            "# This includes the various directories set below.\n"
> > +            "force user=%s\n"
> >              "private dir=%s\n"
> >              "interfaces=127.0.0.1\n"
> >              "bind interfaces only=yes\n"
> > @@ -871,6 +876,7 @@ static int slirp_smb(SlirpState* s, const char 
> > *exported_dir,
> >              "read only=no\n"
> >              "guest ok=yes\n"
> >              "force user=%s\n",
> > +            passwd->pw_name,
> >              s->smb_dir,
> >              s->smb_dir,
> >              s->smb_dir,
> > 
> 



reply via email to

[Prev in Thread] Current Thread [Next in Thread]