[Pkg-samba-maint] Bug#633651: Bug#633651: samba: Regression after security update - linux client unable to delete files
Peter Tuhársky
tuharsky at misbb.sk
Wed Jul 13 06:29:34 UTC 2011
Hallo, Christian
thank You for quick response.
During 8+ years of contact with reporting systems, I have learned that
excesive log/config postings are seldom invited for first glance.
Maintainer usually asks for the very piece of information he needs.
Moreover, the bug could already be known somehow.
I will of course provide any information needed.
Samba operates in security = domain and takes the records from OpenLDAP,
if this is what You asked. Under the term "samba client" I meant other
Debian Squeeze or Ubuntu 11.04 machine, fully updated.
Please, send me an example of command, how to correctly downgrade the
whole samba.
Yes, I have investigated the logs and found nothing special (although I
don't understand how is the SID supposedly "invalid".)
Here I connected to share, created the file and attempted to delete
(failed with "Permission denied"):
[2011/07/13 08:04:13.493244, 2] smbd/sesssetup.c:1391(setup_new_vc_session)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2011/07/13 08:04:13.521472, 2] auth/auth.c:304(check_ntlm_password)
check_ntlm_password: authentication for user [zalohydata] ->
[zalohydata] -> [zalohydata] succeeded
[2011/07/13 08:04:13.521737, 2] lib/smbldap.c:950(smbldap_open_connection)
smbldap_open_connection: connection opened
[2011/07/13 08:04:13.523745, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap)
init_sam_from_ldap: Entry found for user: zalohydata
[2011/07/13 08:04:13.524448, 2]
passdb/pdb_ldap.c:2446(init_group_from_ldap)
init_group_from_ldap: Entry found for group: 10014
[2011/07/13 08:04:13.524779, 2]
passdb/pdb_ldap.c:2446(init_group_from_ldap)
init_group_from_ldap: Entry found for group: 10014
[2011/07/13 08:04:13.525612, 0] passdb/passdb.c:627(lookup_global_sam_name)
User zalohydata with invalid SID
S-1-5-21-2222734727-3523169228-4078589058-21129 in passdb
[2011/07/13 08:04:13.528430, 2] lib/access.c:406(check_access)
Allowed connection from (::ffff:10.2.2.1)
[2011/07/13 08:04:13.531242, 1] smbd/service.c:1070(make_connection_snum)
__ffff_10.2.2.1 (::ffff:10.2.2.1) connect to service zalohyhome
initially as user zalohydata (uid=10129, gid=10014) (pid 7784)
[2011/07/13 08:04:22.498552, 2] smbd/open.c:633(open_file)
zalohydata opened file test.txt read=No write=Yes (numopen=1)
[2011/07/13 08:04:22.499191, 2] smbd/close.c:656(close_normal_file)
zalohydata closed file test.txt (numopen=0) NT_STATUS_OK
[2011/07/13 08:04:27.612872, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap)
init_sam_from_ldap: Entry found for user: zalohydata
[2011/07/13 08:05:33.298169, 1] smbd/service.c:1251(close_cnum)
__ffff_10.2.2.1 (::ffff:10.2.2.1) closed connection to service zalohyhome
Sincerely
Peter
Dňa 12.07.2011 18:51, Christian PERRIER wrote / napísal(a):
> Quoting tuharsky (tuharsky at misbb.sk):
>> Package: samba
>> Version: 2:3.5.6~dfsg-3squeeze4
>> Severity: important
>>
>> Recently I have installed security upgrade that has replaced version ...squeeze2 by ...squeeze4. I have not run the installation automatic script over samba config files because they are split to several parts.
>> Now I cannot delete any file from samba share using linux samba client, even the file that has been created by the same user and the same client just before. I don't use any extended ACLs, sticky bits or so.
> Have you tried investigating in the log files of the samba server
> before reporting this "regression"?
>
> As we'requite far away from having divination skills, there is no way
> we can help with so few information.
>
> No idea about the context (operation mode of the samba server, for
> instance...or what is "linux samba client"). No log information. No
> mention of attempting to revert to squeeze2...
>
> We really can't do anything with that bug report, sorry.
>
>
More information about the Pkg-samba-maint
mailing list