Bug 142352
Summary: | smbmount fails to heed specified uid,gid,fmask,dmask | ||
---|---|---|---|
Product: | [Retired] Fedora Legacy | Reporter: | kenneth gf brown <shadowplay> |
Component: | samba | Assignee: | Fedora Legacy Bugs <bugs> |
Status: | CLOSED DEFERRED | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | fc2 | CC: | fenlason, mattdm, shadowplay |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | LEGACY, 2, DEFER | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-08-13 13:52:24 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
kenneth gf brown
2004-12-09 06:59:32 UTC
additional comments... assuming the roll of the user on the client with the co-responding uid as on the server allows me to open the the file for editing... nano afile when a save occurs.. editing application hangs... /var/log/messages shows Dec 9 01:15:43 clientbox kernel: smb_trans2: invalid data, disp=0, cnt=0, tot=0, ofs=0 Dec 9 01:16:13 clientbox kernel: smb_add_request: request [2c9a6e00, mid=222] timed out! the server shows... -rwxr--r-- 1 526 526 0 Dec 9 01:15 afile and contents of file are destroyed!!! this is kinda scary!!! and explains why ive been having wierd 0 size file issues with my redhat samba shares and any attempt to write data into the file causes hangs and delays and loss of data. If you configure your Samba server with "unix extensions = no", it will act like a Windows server, and smbfs won't be able to act like NFS. Most users who use SMB between two *ix machines want the unix extensions enabled, which is why it is the default. It looks to me like the real bug is that mount.smbfs and mount.cifs don't have "disable unix extensions" options, so you can only disable them on the server. Also, smbfs is buggy and unmaintained. You should be using "mount -t cifs ..." instead. And any Samba related bug report is incomplete without smb.conf files from all the affected machines. Please attach them. i went to the smbserver .. the origninal smb.conf that works AS IS from all our RH9.0 machines... start smb.conf.orig--> [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = WORKGROUP # server string is the equivalent of the NT Description field server string = SERVER hosts allow = aaa.bbb.ccc. 127. log file = /var/log/samba/%m.log max log size = 0 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 guest ok = yes dns proxy = no [homes] comment = Home Directories browseable = no writeable = yes valid users = %S create mode = 0664 directory mode = 0775 [wurmlhtml] comment = wurml path = /home/wurml/public_html writeable = yes valid users = root <--end smb.conf.orig the new one... see the notes below... i am still experiencing HUGE issues start smb.conf--> [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = WORKGROUP # server string is the equivalent of the NT Description field server string = SERVER hosts allow = aaa.bbb.ccc. 127. unix extensions = no log file = /var/log/samba/%m.log max log size = 0 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* pam password change = yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 guest ok = yes dns proxy = no [homes] comment = Home Directories browseable = no writeable = yes valid users = %S create mode = 0664 directory mode = 0775 [wurmlhtml] comment = wurml path = /home/wurml/public_html writeable = yes valid users = root <--end smb.conf as you can see i added the unix extensions=no as you suggested... and so the continuing saga begins... restarted the server. fine no problem i have 2 test cases for you now... TEST CASE ONE using smbfs as root on the client fstab settings... //SERVER/wurmlhtml /home/wurml/public_html/ \ smbfs password=secret,uid=544,gid=545,fmask=775,dmask=775,\ defaults,rw 0 0 [root@eclipse wurml]# mount //FOCUS/wurmlhtml [root@eclipse wurml]# cd public_html/ [root@eclipse public_html]# ls -la total 559 drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:31 . drwxr-xr-x 4 wurml wurml 4096 Dec 9 18:27 .. drwxrwxr-x 1 wurml wurml 4096 Nov 29 14:42 imgs -rwxrwxr-x 1 wurml wurml 83 Dec 9 01:18 index.php drwxrwxr-x 1 wurml wurml 4096 Dec 9 17:48 usage . . . -rwxrwxr-x 1 wurml wurml 424 Nov 28 21:53 welcome.php -rwxrwxr-x 1 wurml wurml 314710 Nov 20 23:34 wurML_inked-kgbmod.psd -rwxrwxr-x 1 wurml wurml 200684 Nov 20 14:39 wurML_inked.psd [root@eclipse public_html]# cd usage/ [root@eclipse usage]# ls index.html [root@eclipse usage]# echo helpme > index.html -bash: index.html: Input/output error [root@eclipse usage]# ls -la total 8 drwxrwxr-x 1 wurml wurml 4096 Dec 9 17:48 . drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:31 .. -rwxrwxr-x 1 wurml wurml 0 Dec 9 17:49 index.html [root@eclipse usage]# su - httpd -bash-2.05b$ cd ~wurml/public_html/usage/ -bash-2.05b$ ls -la total 9 drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:41 . drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:31 .. -rwxrwxr-x 1 wurml wurml 7 Dec 9 18:41 index.html -rwxrwxr-x 1 wurml wurml 19 Dec 9 18:47 test2.html -bash-2.05b$ echo webtest > test2.html -bash: test2.html: Input/output error -bash-2.05b$ ls -la drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:51 . drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:31 .. -rwxrwxr-x 1 wurml wurml 7 Dec 9 18:41 index.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:48 test2.html NOTE ALL CONTENTS OF TEST2 ARE GONE this it the /etc/group entry for wurml wurml:x:545:httpd and according to the fmask i have rwx on the entire usage directory. -bash-2.05b$ echo interesting > httpdtest.html -bash-2.05b$ ls -la total 10 drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:53 . drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:31 .. -rwxrwxr-x 1 wurml wurml 12 Dec 9 18:53 httpdtest.html -rwxrwxr-x 1 wurml wurml 7 Dec 9 18:41 index.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:48 test2.html -rwxrwxr-x 1 wurml wurml 5 Dec 9 18:51 webtest.html but a second execution of -bash-2.05b$ echo interesting > httpdtest.html -bash: httpdtest.html: Input/output error -bash-2.05b$ ls -la total 9 drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:53 . drwxrwxr-x 1 wurml wurml 4096 Dec 9 18:31 .. -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:53 httpdtest.html -rwxrwxr-x 1 wurml wurml 7 Dec 9 18:41 index.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:48 test2.html -rwxrwxr-x 1 wurml wurml 5 Dec 9 18:51 webtest.html NOTE ALL CONTENTS OF httpdtest.html are gone !!! analysis smbmount is VERY BROKEN does not obey uid/gid permisions of files sent to the samba server and totally erases data on the next attempted write access to the server TEST CASE TWO using cifs as you suggested... //FOCUS/wurmlhtml /home/wurml/public_html/ \ cifs password=secret,uid=544,gid=545,file_mode=0775,dir_mode=0775,\ defaults,rw 0 0 [root@eclipse wurml]# mount //FOCUS/wurmlhtml [root@eclipse wurml]# ls -la total 15468 drwxr-xr-x 4 wurml wurml 4096 Dec 9 18:27 . drwxr-xr-x 45 root root 4096 Dec 5 23:53 .. drwxrwxr-x 12 wurml wurml 0 Dec 9 00:46 public_html UMMM this concerns me NOTE the 0 file size on public_html [root@eclipse wurml]# cd public_html/ [root@eclipse public_html]# ls -la total 596 drwxrwxr-x 12 wurml wurml 0 Dec 9 00:46 . drwxr-xr-x 4 wurml wurml 4096 Dec 9 18:27 .. drwxrwxr-x 1 wurml wurml 0 Nov 30 09:53 admin drwxrwxr-x 1 wurml wurml 0 Nov 21 01:51 archives -rwxrwxr-x 1 wurml wurml 181 Nov 29 16:05 conv2unix.sh -rwxrwxr-x 1 wurml wurml 356 Nov 28 14:15 DbTest.php -rwxrwxr-x 1 wurml wurml 701 Nov 28 22:03 detail.php drwxrwxr-x 1 wurml wurml 0 Dec 3 14:16 dtd drwxrwxr-x 1 wurml wurml 0 Nov 29 14:42 imgs drwxrwxr-x 1 wurml wurml 0 Nov 7 13:20 imgstmp -rwxrwxr-x 1 wurml wurml 83 Dec 9 01:18 index.php drwxrwxr-x 1 wurml wurml 0 May 26 2004 install drwxrwxr-x 1 wurml wurml 0 May 26 2004 mp3s -rwxrwxr-x 1 wurml wurml 1115 Nov 28 22:02 sect.php -rwxrwxr-x 1 wurml wurml 1597 Nov 20 13:40 style.css -rwxrwxr-x 1 wurml wurml 5 Nov 17 13:39 test.html drwxrwxr-x 1 wurml wurml 0 Nov 21 12:15 tmpl8 drwxrwxr-x 1 wurml wurml 0 Nov 30 09:50 tools -rwxrwxr-x 1 wurml wurml 448 Nov 29 12:10 tools.php drwxrwxr-x 1 wurml wurml 0 Dec 9 18:53 usage -rwxrwxr-x 1 wurml wurml 424 Nov 28 21:53 welcome.php -rwxrwxr-x 1 wurml wurml 314710 Nov 20 23:34 wurML_inked-kgbmod.psd -rwxrwxr-x 1 wurml wurml 200684 Nov 20 14:39 wurML_inked.psd note the 0 file length on all dirs. [root@eclipse public_html]# cd usage/ [root@eclipse usage]# ls -la total 16 drwxrwxr-x 2 wurml wurml 0 Dec 9 18:53 . drwxrwxr-x 12 wurml wurml 0 Dec 9 00:46 .. -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:53 httpdtest.html -rwxrwxr-x 1 wurml wurml 7 Dec 9 18:41 index.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:48 test2.html -rwxrwxr-x 1 wurml wurml 5 Dec 9 18:51 webtest.html [root@eclipse usage]# echo testing >cifs.root.html [root@eclipse usage]# echo testing >>cifs.root.html [root@eclipse usage]# cat cifs.root.html testing testing [root@eclipse usage]# echo cifstesting >> index.html [root@eclipse usage]# ls -la total 20 drwxrwxr-x 2 wurml wurml 0 Dec 9 19:06 . drwxrwxr-x 12 wurml wurml 0 Dec 9 00:46 .. -rw-r--r-- 1 wurml wurml 16 Dec 9 19:06 cifs.root.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:53 httpdtest.html -rwxrwxr-x 1 wurml wurml 19 Dec 9 19:06 index.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:48 test2.html -rwxrwxr-x 1 wurml wurml 5 Dec 9 18:51 webtest.html [root@eclipse usage]# cat index.html helpme cifstesting [root@eclipse usage]# su - httpd -bash-2.05b$ cd ~wurml/public_html/usage/ -bash-2.05b$ ls -la total 20 drwxrwxr-x 2 wurml wurml 0 Dec 9 19:06 . drwxrwxr-x 12 wurml wurml 0 Dec 9 00:46 .. -rw-r--r-- 1 wurml wurml 16 Dec 9 19:06 cifs.root.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:53 httpdtest.html -rwxrwxr-x 1 wurml wurml 19 Dec 9 19:06 index.html -rwxrwxr-x 1 wurml wurml 0 Dec 9 18:48 test2.html -rwxrwxr-x 1 wurml wurml 5 Dec 9 18:51 webtest.html -bash-2.05b$ echo httpdcifstesting >> index.html -bash-2.05b$ cat index.html helpme cifstesting httpdcifstesting -bash-2.05b$ echo httpdcifstesting >> cifs.root.html -bash: cifs.root.html: Permission denied shouldnt that file have been created as 775 ?? it should TOTALY be returning 775 in the ls because of the fmask and dmasks OVERALL in both cases attempting to connect to any of this as the httpd server for web service the following happens going to http://wurml.shadowplay.net gives access to the contents of THAT dir going to http://wurml.shadowplay.net/usage/index.html gives a 403 permission denied (?????) even tho httpd IS allowed access to that directory going to http://wurml.shadowplay.net/imgs/wurML_inked-banner.jpg returns the image. I repeat that none of this was an issue with a connection from RH9 samba client to RH9 samba server even with the lack of "unix extensions" in the samba.conf the smb client preformed as if it was set to off this is a major issue as various applications "touch" manipulate and create files inside of several directories. ie croned scritps etc and ALL are causing input/output errors and loss of data on the samba server. [Bulk move of FC2 bugs to Fedora Legacy. See <http://www.redhat.com/archives/fedora-announce-list/2005-April/msg00020.html>.] Kenneth -- can you confirm if this problem still exists in the samba-3.0.10-1.fc2 package (released ~ Dec 20, 2004)? Thanks. This doesn't seem to be important enough to fix just on its own, so mark it DEFER. |