Dragan Krnic
2002-Nov-27 18:24 UTC
[Samba] "attrib +R myowndir" fails to write-protect my own dir
A trivial case:
executing the following DOS command from the prompt line on a Win2K SP3:
%windir%\system32\attrib.exe +R H:\dir
can't set the R(eadonly) flag on my home dirs (2.2.7):
drwxrwsr-x 4 me users 4096 Nov 27 17:59 .
drwxr-sr-x 2 me users 4096 Nov 27 17:59 dir
-r--r--r-- 1 me users 0 Nov 27 17:59 empty.txt
drwxr-sr-x 2 me users 4096 Nov 27 17:27 profile
The relevant settings are:
create mask = 664
directory mask = 0775
[homes]
valid users = %S
read only = No
inherit permissions = No
directory security mask = 0777
browseable = No
The packets exchanged very quickly between my WS and the server:
Win2K SP3 Client                      SuSE 8.1/samba 2.2.7 server
=================================     ===============================
Tr2 Rq Q_PATH_INFO, Path:             Tr2 Rs Q_PATH_INFO
Tr2 Rq FIND_FIRST2, Pattern: \dir     Tr2 Rs FIND_FIRST2, Files: dir
NT Create AndX Req, Path: \dir        NT Create AndX Resp, FID: 0x2f70
Tr2 Rq SET_FILE_INFO, FID: 0x2f70     Tr2 Rs SET_FILE_INFO
Close Request, FID 0x270              Close Response
nfs>netbios-ssn[ACK]...
The log at level 3 shows no error:
smbd/process.c:process_smb(878) Transaction 35 of length 79
smbd/process.c:switch_message(685) switch message SMBtrans2(pid 10017
smbd/trans2.c:call_trans2qfilepathinfo(1702)call_trans2qfilepathinfo:
TRANSACT2_QPATHINFO: level = 1004
lib/util.c:unix_clean_name(387) unix_clean_name []
lib/util.c:unix_clean_name(387) unix_clean_name [.]
smbd/trans2.c:call_trans2qfilepathinfo(1734)
call_trans2qfilepathinfo . level=1004 call=5 total_data=0
smbd/process.c:process_smb(878) Transaction 36 of length 98
smbd/process.c:switch_message(685)switch message SMBtrans2(pid 10017
smbd/trans2.c:call_trans2findfirst(900) call_trans2findfirst:
dirtype = 22, maxentries = 1366, close_after_first=1,
close_if_end = 1 requires_resume_key = 1 level = 260,
max_data_bytes = 16384
lib/util.c:unix_clean_name(387) unix_clean_name [/dir]
lib/util.c:unix_clean_name(387) unix_clean_name [dir]
lib/util.c:unix_clean_name(387) unix_clean_name [./]
smbd/dir.c:dptr_create(488) creating new dirptr 256 for path ./,
expect_close = 1
smbd/process.c:process_smb(878) Transaction 37 of length 101
smbd/process.c:switch_message(685)switch message SMBntcreateX(p.10017
lib/util.c:unix_clean_name(387) unix_clean_name [/dir]
smbd/dosmode.c:unix_mode(111) unix_mode(dir) returning 0664
lib/util.c:unix_clean_name(387) unix_clean_name [dir]
smbd/process.c:process_smb(878) Transaction 38 of length 120
smbd/process.c:switch_message(685)switch message SMBtrans2 (pid 10017
lib/util.c:unix_clean_name(387) unix_clean_name [dir]
lib/util.c:unix_clean_name(387) unix_clean_name [dir]
smbd/trans2.c:call_trans2setfilepathinfo(2418)
call_trans2setfilepathinfo(8) dir info_level=1004 totdata=40
smbd/dosmode.c:unix_mode(111) unix_mode(dir) returning 0755
smbd/process.c:process_smb(878) Transaction 39 of length 45
smbd/process.c:switch_message(685)switch message SMBclose (pid 10017)
smbd/reply.c:reply_close(3148) close directory fnum=12144
but the directory remains writeable.
At compile time there were only some warnings about implicit
declarations of functions, "__fork" in "smbwrapper/smbw.c" and many
more with the pattern "smbw_some-syscall" in "smbwrapper/wrapped.c"
but the comment in the file says not to try to get rid of them.
The only other suspect diagnostic was for functions "smbc_telldir"
and "smbc_lseekdir" in "libsmb/libsmbclient.c", lines 2279
and 2320:
cast to pointer from integer of different size, here the lines:
2279 return (off_t)fe->dir_next;
and
2320 struct smbc_dirent *dirent = (struct smbc_dirent *)offset;
Setting R-flag on a regular file works, but setting H(idden) or
A(rchive) flag doesn't.
If "inherit permissions" is changed to "Yes" then not even a regular
file can be write-protected but then H and A flags can be set and
cleared.
I suspect the same problem causes "magic" folder links to lose their
magic, i.e. the R-flag.
Can anyone help?
Yours truly
Dragan
jra@dp.samba.org
2002-Nov-27 20:55 UTC
[Samba] "attrib +R myowndir" fails to write-protect my own dir
On Wed, Nov 27, 2002 at 07:23:30PM +0100, Dragan Krnic wrote:
> A trivial case:
>
> executing the following DOS command from the prompt line on a Win2K SP3:
>
> %windir%\system32\attrib.exe +R H:\dir
>
> can't set the R(eadonly) flag on my home dirs (2.2.7):
>
> drwxrwsr-x 4 me users 4096 Nov 27 17:59 .
> drwxr-sr-x 2 me users 4096 Nov 27 17:59 dir
> -r--r--r-- 1 me users 0 Nov 27 17:59 empty.txt
> drwxr-sr-x 2 me users 4096 Nov 27 17:27 profile

This is by design. From the source code :

    if (IS_DOS_DIR(dosmode)) {
    /* We never make directories read only for the owner as under DOS a user
       can always create a file in a read-only directory. */

Jeremy.
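A simplified model of the mapping described in the reply above, written for this page as an added example (it is not Samba's source and not code from the thread). It assumes the DOS attribute bits 0x01 (read-only) and 0x10 (directory), uses the `create mask` and `directory mask` values from the original post, and ignores `inherit permissions`, force modes and the archive/system/hidden mappings; the name `model_unix_mode` and the `dir_owner_keeps_write` switch are hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

/* DOS attribute bits as carried in SMB (assumed values for this model). */
#define DOS_READONLY  0x01
#define DOS_DIRECTORY 0x10

/* Masks from the settings listed in the original post. */
#define CREATE_MASK 0664
#define DIR_MASK    0775

/*
 * Hypothetical model, not Samba code: map DOS attributes to UNIX
 * permission bits. dir_owner_keeps_write=1 models the rule in the quoted
 * comment (owner write is always added back for directories).
 */
static mode_t model_unix_mode(int dosmode, int dir_owner_keeps_write)
{
    mode_t result = S_IRUSR | S_IRGRP | S_IROTH;

    /* Read-only is expressed by leaving all write bits off. */
    if (!(dosmode & DOS_READONLY))
        result |= S_IWUSR | S_IWGRP | S_IWOTH;

    if (dosmode & DOS_DIRECTORY) {
        if (dir_owner_keeps_write)
            result |= S_IWUSR;
        result |= S_IXUSR | S_IXGRP | S_IXOTH; /* directories need search bits */
        result &= DIR_MASK;
    } else {
        result &= CREATE_MASK;
    }
    return result;
}

int main(void)
{
    printf("dir  +R, owner keeps w : %04o\n",
           (unsigned)model_unix_mode(DOS_DIRECTORY | DOS_READONLY, 1));
    printf("dir  +R, rule disabled : %04o\n",
           (unsigned)model_unix_mode(DOS_DIRECTORY | DOS_READONLY, 0));
    printf("file +R                : %04o\n",
           (unsigned)model_unix_mode(DOS_READONLY, 1));
    printf("file, no attributes    : %04o\n",
           (unsigned)model_unix_mode(0, 1));
    return 0;
}
```

With the rule on, `attrib +R` on a directory yields 0755, the value in the level 3 log and the `drwxr-sr-x` listing, while the read-only file comes out as 0444, matching `empty.txt`.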
daniel.jarboe@custserv.com
2002-Nov-27 21:07 UTC
[Samba] "attrib +R myowndir" fails to write-protect my own dir
True, but was his desire to prevent deletion of the directory, like in
DOS?

C:\>mkdir test
C:\>attrib +r test
C:\>rmdir test
Access is denied.
C:\>attrib -r test
C:\>rmdir test

This works on windows mapped shares, but not on samba.

~ Daniel

-----Original Message-----
From: jra@dp.samba.org [mailto:jra@dp.samba.org]
Sent: Wednesday, November 27, 2002 3:54 PM
To: Dragan Krnic
Cc: samba@lists.samba.org; dkrnic@t-online.de
Subject: Re: [Samba] "attrib +R myowndir" fails to write-protect my own dir

On Wed, Nov 27, 2002 at 07:23:30PM +0100, Dragan Krnic wrote:
> A trivial case:
>
> executing the following DOS command from the prompt line on a Win2K SP3:
>
> %windir%\system32\attrib.exe +R H:\dir
>
> can't set the R(eadonly) flag on my home dirs (2.2.7):
>
> drwxrwsr-x 4 me users 4096 Nov 27 17:59 .
> drwxr-sr-x 2 me users 4096 Nov 27 17:59 dir
> -r--r--r-- 1 me users 0 Nov 27 17:59 empty.txt
> drwxr-sr-x 2 me users 4096 Nov 27 17:27 profile

This is by design. From the source code :

    if (IS_DOS_DIR(dosmode)) {
    /* We never make directories read only for the owner as under DOS a user
       can always create a file in a read-only directory. */

Jeremy.
Dragan Krnic
2002-Nov-27 21:34 UTC
[Samba] "attrib +R myowndir" fails to write-protect my own dir
I'm so glad there are kind souls at this time of night. Wait, it might
be day at your place. Good day!
I don't see a contradiction in setting Readonly flag on one's own
directories and then creating files in them anyways. It's very much
like any overruling root privilege. It's just a flag, Jeremy, it's
not our saviour's gospel. Bill knows we don't march over dead bodies
and he's taking unfair advantage of it.
I propose a new smb.conf feature for 3.0:
[homes & especially profiles]
overrule readonly dirs = Yes/No
Default is "No", but in exceptional cases, like on almost every samba
server, it may be enabled to write into one's own write-protected
directories, salvation be damned.
So it's not like samba team is committing a sin, but on the other
hand how far would you go to deny your neighbour a glass of beer if
he's thirsty, no matter what the Q'uran says.
Regards
Dragan
On Wed, 27 Nov 2002 20:54:12 jra wrote:
>On Wed, Nov 27, 2002 at 07:23:30PM +0100, Dragan Krnic wrote:
>> A trivial case:
>>
>> executing the following DOS command from the prompt line on a Win2K SP3:
>>
>> %windir%\system32\attrib.exe +R H:\dir
>>
>> can't set the R(eadonly) flag on my home dirs (2.2.7):
>>
>> drwxrwsr-x 4 me users 4096 Nov 27 17:59 .
>> drwxr-sr-x 2 me users 4096 Nov 27 17:59 dir
>> -r--r--r-- 1 me users 0 Nov 27 17:59 empty.txt
>> drwxr-sr-x 2 me users 4096 Nov 27 17:27 profile
>
>This is by design. From the source code :
>
> if (IS_DOS_DIR(dosmode)) {
> /* We never make directories read only for the owner as under DOS a user
> can always create a file in a read-only directory. */
>
>Jeremy.
>
Dragan Krnic
2002-Nov-27 22:18 UTC
[Samba] "attrib +R myowndir" fails to write-protect my own dir
On Wed, 27 Nov 2002 21:10:19 jra wrote:
>On Wed, Nov 27, 2002 at 04:06:53PM -0500, daniel.jarboe@custserv.com wrote:
>> True, but was his desire to prevent deletion of the directory, like in
>> DOS?
>>
>> C:\>mkdir test
>> C:\>attrib +r test
>> C:\>rmdir test
>> Access is denied.
>> C:\>attrib -r test
>> C:\>rmdir test
>>
>> This works on windows mapped shares, but not on samba.
>
>Deletion of a file/directory in UNIX is dependent on the
>'w' permissions of the enclosing directory (parent), not
>the file/directory itself.
>
>Jeremy.
>

Yes, of course, so just push the w-bit aside for a second until
a file is created and then put it back again. So, where's the
problem? Is it voodoo? No, purest white magic. Like lifting the
tombstone from Lazarus's grave.

How else does restore of so many backups work? If it wouldn't
restore write-protected directories, it shouldn't back 'em up either?

Server side storage of profiles, off-line resources and so many
new things of which our ancestors (Kernighan, Ritchie, Leighton)
never dreamt are all instances of massive backup objects. There
must be a way to handle it reasonably even on a legacy system
like *nix.

Bye now,
Dragan
Dragan Krnic
2002-Nov-27 22:21 UTC
[Samba] "attrib +R myowndir" fails to write-protect my own dir
On Wed, 27 Nov 2002 21:48:21 jra wrote:
>On Wed, Nov 27, 2002 at 10:33:11PM +0100, Dragan Krnic wrote:
>> I'm so glad there are kind souls at this time of night. Wait, it might
>> be day at your place. Good day!
>
>Yep, it's 1:30 in the afternoon here in California :-).
>
>> I don't see a contradiction in setting Readonly flag on one's own
>> directories and then creating files in them anyways. It's very much
>> like any overruling root privilege. It's just a flag, Jeremy, it's
>> not our saviour's gospel. Bill knows we don't march over dead bodies
>> and he's taking unfair advantage of it.
>>
>> I propose a new smb.conf feature for 3.0:
>>
>> [homes & especially profiles]
>> overrule readonly dirs = Yes/No
>>
>> Default is "No", but in exceptional cases, like on almost every samba
>> server, it may be enabled to write into one's own write-protected
>> directories, salvation be damned.
>
>The flag "dos filemode" is usually used for this purpose, I'll
>investigate using it.
>
>Thanks,
>
> Jeremy.
>

Yeah, it was deprecated and abolished somewhere between 2.0.7
and 2.2.7, donno exactly. Resurrect it, please.
Dragan Krnic
2002-Dec-01 19:24 UTC
[Samba] Re: "attrib +R myowndir" fails to write-protect my own dir
Hi Jeremy,

after commenting out part of the line following the infamous quote
"We never make directories read only for the owner..." in
"samba/source/smbd/dosmode.c" as follows:

- result |= (S_IFDIR | S_IWUSR);
+ result |= (S_IFDIR /* | S_IWUSR /* 2002/12/01*/ );

I can make my own directories read-only.

The advantage is that with this modification "special" folder links
get stored on samba server with correct attributes and can be
recovered with them at every new login, thus preserving the "magic"
of so many tricky treats in the profile.

The disadvantage is that if I want to create another file or delete
an existing one from such read-only directory, I need to first
restore writeability (remove read-only).

The advantage far offsets the disadvantage.

Thanks a lot for the tip.

Dragan
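Review bot: The `+` line drops `S_IWUSR` unconditionally, so the owner-writable rule for directories is removed for every share served by this build, not only for profile or home shares. Gating the change on a per-share smb.conf setting, as proposed earlier in the thread, would leave the default behaviour in place for shares whose users expect to create files in a directory marked read-only. The commented-out fragment also contains a second `/*` inside the open comment, which compilers warn about as a nested comment opener; writing `result |= S_IFDIR;` with the date in a separate comment avoids that.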