diff options
-rw-r--r-- | docs/samba.faq | 37 | ||||
-rw-r--r-- | examples/thoralf/smb.conf | 152 | ||||
-rwxr-xr-x | source/script/installscripts.sh | 26 | ||||
-rw-r--r-- | source/smbd/server.c | 5 |
4 files changed, 218 insertions, 2 deletions
diff --git a/docs/samba.faq b/docs/samba.faq index e58c88bc18f..6e3cf2943aa 100644 --- a/docs/samba.faq +++ b/docs/samba.faq @@ -511,6 +511,43 @@ To syncronize your PC's clock with your Samba server: Each time you start your computer (or login for Win95) your PC will synchronize it's clock with your Samba server. + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +* 4: Problems with WinDD, NTrigue, WinCenterPro etc + +All of the above programs are applications that sit on an NT box and +allow multiple users to access the NT GUI applications from remote +workstations (often over X). + +What has this got to do with Samba? The problem comes when these users +use filemanager to mount shares from a Samba server. The most common +symptom is that the first user to connect get correct file permissions +and has a nice day, but subsequent connections get logged in as the +same user as the first person to login. They find that they cannot +access files in their own home directory, but that they can access +files in the first users home directory (maybe not such a nice day +after all?) + +Why does this happen? The above products all share a common heritage +(and code base I believe). They all open just a single TCP based SMB +connection to the Samba server, and requests from all users are piped +over this connection. This is unfortunate, but not fatal. + +It means that if you run your Samba server in share level security +(the default) then things will definately break as described above. The +share level SMB security model has no provision for multiple user IDs +on the one SMB connection. See security_level.txt in the docs for more +info on share/user/server level security. + +If you run in user or server level security then you have a chance, +but only if you have a recent version of Samba (at least 1.9.15p6). In +older versions bugs in Samba meant you still would have had problems. + +If you have a trapdoor uid system in your OS then it will never work +properly. Samba needs to be able to switch uids on the connection and +it can't if your OS has a trapdoor uid system. You'll know this +because Samba will note it in your logs. + =============================================================================== SECTION FIVE: Specific client application problems ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/examples/thoralf/smb.conf b/examples/thoralf/smb.conf new file mode 100644 index 00000000000..f9f147474a8 --- /dev/null +++ b/examples/thoralf/smb.conf @@ -0,0 +1,152 @@ +; Configuration file for smbd (Samba 1.9.15p8) +; created by Thoralf Freitag. Send comments to: +; <Thoralf.Freitag@remserv.rz.fhtw-berlin.de> or +; <Thoralf.Freitag@t-online.de> +; last edit 24.04.1995 01:11 +; +; + +[global] + + protocol = NT1 + ;long filenames for win95 + mangle case = yes + ;lower and upper letters + mangled names = yes + default case = lower + case sensitive = no + preserve case = yes + short preserve case = yes + + printing = bsd + printcap name = /etc/printcap + lpq cache time = 0 + workgroup = WORKGROUP + admin users = su + ;su is allowed to do all !!! + guest account = ftp + ;guest is same as user ftp + default service = reference + ;is possibly helpful to browsing under win 95 + os level = 2 + log file = /var/adm/log.smb + max log size = 10 + debug level = 1 + share modes = yes + lock directory = /var/adm + +[JP_360_raw] + comment = Networkprinter queue for Olivetti JP 360 (untreated RAW format) + browseable = yes + available = yes + public = no + force user = root + writable = no + printable = yes + printer name = samba + ;samba is an alias name for an raw_printer in your /etc/printcap + path = /samba/tmp + create mode = 0700 + +[JP_360_mono] + comment = Networkprinter queue for Olivetti JP 360 Mono (with apsfilter) + browseable = yes + available = yes + public = no + force user = root + writable = no + printable = yes + printer name = lp + ;lp means the standard printer in your /etc/printcap + path = /samba/tmp + create mode = 0700 + +[JP_360_color] + comment = Networkprinter queue for Olivetti JP 360 Color (with apsfilter) + browseable = yes + available = yes + public = no + force user = root + writable = no + printable = yes + printer name = lp4 + ;my printer need this to print with his color cartridge + ;--> the lpd is drive to the printer as an color printer + path = /samba/tmp + create mode = 0700 + +[tmp] + comment = the garbage dump + browseable = yes + available = yes + public = yes + read only = no + printable = no + path = /samba/tmp + create mask = 0777 + +[transfer] + comment = the market place + browseable = yes + available = yes + public = yes + read only = no + printable = no + path = /samba/transfer + create mask = 0777 + +[homes] + comment = home directories + browseable = no + ;ONLY the home-dirs are visible, not the service itself + available = yes + guest ok = no + read only = no + printable = no + create mode = 0700 + +[install] + comment = all of the many install files + browsable = yes + available = yes + public = no + username = @root, @users + writable = yes + read list = @users + printable = no + path = /samba/install + create mode = 0755 + +[doc-help] + comment = documentations, helpfiles, FAQ's + browsable = yes + available = yes + public = no + username = @root, @users + writable = yes + read list = @users + printable = no + path = /samba/doc + create mode = 0755 + +[cd_rom_2] + comment = the CD in the CD-ROM drive on PANDORA + browsable = yes + available = yes + public = yes + writable = no + printable = no + path = /cdrom + +[reference] + ;the default, if invalid accesses + comment = PANDORA: Samba LAN manager + browsable = yes + ;only as an hint + available = no + ;however no access possible + public = yes + writable = no + printable = no + path = /samba/tmp + diff --git a/source/script/installscripts.sh b/source/script/installscripts.sh new file mode 100755 index 00000000000..a3defa16e1a --- /dev/null +++ b/source/script/installscripts.sh @@ -0,0 +1,26 @@ +#!/bin/sh +# this script courtesy of James_K._Foote.PARC@xerox.com +INSTALLPERMS=$1 +BINDIR=$2 +SRCDIR=$3 + +echo Installing scripts in $BINDIR + +for d in $BINDIR; do + if [ ! -d $d ]; then + mkdir $d + if [ ! -d $d ]; then + echo Failed to make directory $d + exit 1 + fi + fi +done + +cp $SRCDIR/smbtar $BINDIR +cp $SRCDIR/addtosmbpass $BINDIR +echo Setting permissions on scripts +chmod $INSTALLPERMS $BINDIR/smbtar +chmod $INSTALLPERMS $BINDIR/addtosmbpass + +echo Scripts installed +exit 0 diff --git a/source/smbd/server.c b/source/smbd/server.c index 00f8c9e0fd6..5ef92777b24 100644 --- a/source/smbd/server.c +++ b/source/smbd/server.c @@ -2626,6 +2626,7 @@ int reply_nt1(char *outbuf) int capabilities=0x300; /* has dual names + lock_and_read */ int secword=0; BOOL doencrypt = SMBENCRYPT(); + time_t t = time(NULL); if (lp_security()>=SEC_USER) secword |= 1; if (doencrypt) secword |= 2; @@ -2660,8 +2661,8 @@ int reply_nt1(char *outbuf) SIVAL(outbuf,smb_vwv3+1,0xFFFF); /* max buffer */ SIVAL(outbuf,smb_vwv5+1,0xFFFF); /* raw size */ SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */ - put_long_date(outbuf+smb_vwv11+1,time(NULL)); - SSVALS(outbuf,smb_vwv15+1,TimeDiff(time(NULL))/60); + put_long_date(outbuf+smb_vwv11+1,t); + SSVALS(outbuf,smb_vwv15+1,TimeDiff(t)/60); return (smb_len(outbuf)+4); } |