Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Samba security Prob
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
VorteX24
n00b
n00b


Joined: 03 Aug 2002
Posts: 14
PostPosted: Thu Nov 21, 2002 11:29 am    Post subject: Samba security Prob Reply with quote
My first problem: i recognized that i can look at every share of my samba server (acts as pdc) from a client that isnt authed by the domain server (samba). i mean, i can login as localadmin on a win2000 workstation, and look at samba shares that should be watchable to domain users. have a look at my conf:
http://suq.dyndns.org/~florian/smb.conf


then another problem: if i install any newer version of samba as 2.2.5-r1, i get the following error in the /var/log/samba/log.<user> users logfile (some thousands an hour like this).
ERROR: string overflow by 4 in string_sub(%u, 7)
[2002/11/21 12:23:43, 0] lib/util_str.c:string_sub(1219)

samba looks like running, but the users doesnt see any shares and cannot auth.

Thanks alot!
Back to top
View user's profile Send private message
VorteX24
n00b
n00b


Joined: 03 Aug 2002
Posts: 14
PostPosted: Thu Nov 21, 2002 3:38 pm    Post subject: Reply with quote
*push*
Back to top
View user's profile Send private message
Lin_Matt
Guru
Guru


Joined: 23 Jun 2002
Posts: 581
Location: TechWasteland (Mississippi)
PostPosted: Thu Nov 21, 2002 6:17 pm    Post subject: Reply with quote
hmmm.... gonna take this step-by-step here...

Code:
; where to store user profiles?
    logon path =

This can't be blank... Either comment it out, or give a valid path.

Code:
;logon drive = H:
    ;logon home = \\homeserver\%u
    logon drive =
    logon home =

Same here...

Code:

[Public$]
   path = /public/public
   force directory mode = 770
   browseable = yes
   create mode = 770
   directory mode = 770
   force create mode = 770
   force group = NT-User
   valid users = @NT-User,@NT-Admin
   force user = root
   write list = @NT-User,@NT-Admin

[cd$]
   path = /mnt/cdrom
   read list = @NT-Admin,@NT-User
   valid users = @NT-Admin,@NT-User

[telcd$]
   path = /var/lib/samba/telcd
   force directory mode = 740
   create mode = 740
   directory mode = 740
   force create mode = 740
   force group = NT-User
   read list = @NT-User
   valid users = @NT-Admin,@NT-User
   force user = root
   write list = @NT-Admin

[florian$]
   path = /home/florian
   writable = yes
   force directory mode = 755
   force create mode = 755
   force group = NT-User
   valid users = florian
   force user = florian
   write list = florian


These shares shouldn't end in the dollar sign ($)... Also, check all of your acl entries (valid users, force user, etc...)

I would highly recommend reading up on the documentation in your /usr/share/doc/samba-(version) directory. Also, the smb.conf man page has a ton of information you might find helpful.[/code]
Back to top
View user's profile Send private message
LosD
n00b
n00b


Joined: 12 Jun 2002
Posts: 61
Location: Taastrup, Denmark
PostPosted: Sat Nov 23, 2002 3:01 pm    Post subject: Reply with quote
My Samba works, but I have the problem with samba flooding my /var/log/everything with

Nov 23 15:58:59 [smbd] ERROR: string overflow by 4 in string_sub(%H, 15)
Nov 23 15:58:59 [smbd] [2002/11/23 15:58:59, 0] lib/util_str.c:string_sub(1219)

In fact so often that metalog logrotates every second!

It began when I emerged samba 2.2.7, do anybody have a reason/solution?

Thx,
Dennis
Back to top
View user's profile Send private message
VorteX24
n00b
n00b


Joined: 03 Aug 2002
Posts: 14
PostPosted: Sun Nov 24, 2002 9:03 am    Post subject: Reply with quote
jep got same problem

LosD, got you a smp system? i got one two, perhaps could this be the reason ?
Back to top
View user's profile Send private message
LosD
n00b
n00b


Joined: 12 Jun 2002
Posts: 61
Location: Taastrup, Denmark
PostPosted: Sun Nov 24, 2002 4:48 pm    Post subject: Reply with quote
Nope, just a single processor... I think it has something to do with the clients, because if I look in /var/log/samba/log.* it happens for some of the clients... One of the problems I think happened when I renamed my server from 'dserver' to 'tux'...

The client had a network drive which still referred to the server as dserver, and it was still able to connect to the server, even after reboot of the client, but it seems it made the server log errors (and the smbd processes spawned for the client only killable with -9/-SIGKILL)...

But it also happens for a few other clients, which do not have network drives connected to the server (and has string overflows by 8 and 9), so this isn't the only problem...

I have filed a bug report on bugs.samba.org, I am looking forward to see if it's known, and if it's indeed a bug, or if it's a configuration problem... I'll post the answer here....

Dennis
Back to top
View user's profile Send private message
VorteX24
n00b
n00b


Joined: 03 Aug 2002
Posts: 14
PostPosted: Wed Jan 15, 2003 8:43 pm    Post subject: Reply with quote
emerge -u world
theres an depency thats necessary, dunno what dep., but after emerge -u world, new samba works :)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy