Re: [Samba] smbd daemon running as wrong user ID

Fri, 15 Feb 2008 06:33:04 -0800 

On Fri, 2008-02-15 at 13:42 +0100, Guido Gonzato wrote:
> Hello,
> 
> I have a strange problem affecting samba-3.0.10-1.4E.12.2 on a Red Hat 
> Enterprise Linux AS release 4 system.
> 
> We have a multi-domain configuration here at University of Verona 
> (Italy). We use Samba as PDC for several faculties. Each faculty has its 
> own daemon instance and its own smb config file:
> 
> [EMAIL PROTECTED] ~]# ls /etc/samba/smb.*
> /etc/samba/smb.conf             /etc/samba/smb.giurisprudenza.conf 
> /etc/samba/smb.medicina.conf
> /etc/samba/smb.economia.conf    /etc/samba/smb.labfac.conf 
> /etc/samba/smb.motorie.conf
> /etc/samba/smb.erasmus.conf     /etc/samba/smb.lettere.conf 
> /etc/samba/smb.scienze.conf
> /etc/samba/smb.formazione.conf  /etc/samba/smb.lingue.conf 
> /etc/samba/smb.template.conf
> [EMAIL PROTECTED] ~]#
> 
> the problem is that sometimes we have one of the daemons running as the 
> 'nobody' user ID or, worse, as normal user. Extract of a 'ps uax' command:
> 
> root      6018  0.0  0.1 11416 2816 ?        S    12:44   0:00 
> /usr/sbin/smbd_motorie -D -s /etc/samba/smb.motorie.conf -l 
> /var/log/samba/motorie
> vr002419  6090  0.0  0.1 11820 2960 ?        S    12:47   0:00 
> /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l 
> /var/log/samba/economia
> root      6091  0.0  0.1 11556 2940 ?        S    12:47   0:00 
> /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l 
> /var/log/samba/economia
> nobody    6093  0.0  0.1 11412 2152 ?        S    12:47   0:00 
> /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l 
> /var/log/samba/economia
> root      6106  0.0  0.0  5628  632 pts/2    R+   12:47   0:00 grep smb
> 
> as you can see, process 6090 runs as user ID vr002419, while process 
> 6093 runs as 'nobody'. User IDs are provided by an external LDAP server.
> 
> I'm just a deputy sysadmin for this server (the Big Guy's on holiday), 
> and I must admit I don't have much experience with Samba. I searched the 
> docs but I didn't find any reference to this behaviour.
> 
> Any hints on how to fix this situation?
> Thanks a lot,
>       Guido

Samba switches to the authenticated user to perform file system
operations, so that the kernel can enforce the proper access control.

Can you be more specific and tell what problem exactly you have?

Ciao,
Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <[EMAIL PROTECTED]>
Senior Software Engineer at Red Hat Inc. <[EMAIL PROTECTED]>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Reply via email to