Hello, I have had a local samba server set up for a while (Debian/Etch). I recently upgraded my samba to the latest version, and now my "symlinks" are access denied. I believe this is tied to the "Wide Links" zero day exploit fix that the samba team put out. However, I can't seem to undo it with a "wide links = yes" command in the smb.conf file. The way I have been doing it has been working for the last two years -- so I'm scratching my head now.
My samba is configured that when they log into the "client" area, they are dropped into the directory: /srv/client/[machine name] Inside specific [machine name] directories is a symlink to /srv/common if that machine is to have access to the common files. Thanks, Dave === [ Here is my smb.conf file: ] === [global] workgroup = WORKGROUP netbios name = USURPER remote announce = 192.168.0.1 browseable = yes time server = yes follow symlinks = yes server string = %L server (%h hosted) wins support = yes dns proxy = yes name resolve order = lmhosts host wins bcast log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes guest account = nobody invalid users = root browseable = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . socket options = TCP_NODELAY #======================= Share Definitions ======================= [homes] comment = Home Directories browseable = no writable = no create mask = 0700 directory mask = 0700 valid users = %S [printers] comment = All Printers browseable = yes path = /var/spool/samba printable = yes public = yes writable = no create mode = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = yes [Public] comment = Public Serverspace browseable = yes path = /pub writeable = yes public = yes directory mode = 0777 [Client] comment = Client Machine Serverspace public = no browseable = yes path = /srv/client/%m writeable = yes directory mode = 0777 wide links = yes preexec = mkdir /srv/client/%m ; touch /srv/client/%m/hello-%m [Music] comment = Music for the masses public = yes browseable = yes path = /srv/music writeable = yes directory mode = 0777 /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
