Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
Hey all, just checking on an update. It would be great if this could be included in the coming/next QEMU release. Cheers! Niklas
Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
On 4/30/21 7:29 PM, Peter Maydell wrote: > If we add 'force user=whoever' to the [global] section, is it then > unnecessary to also specify it in the [qemu] section ? I believe it is, yes. Source: https://www.samba.org/~ab/output/htmldocs/manpages-3/smb.conf.5.html#id2506183 > All S parameters can also be specified in the [global] section - in which > case they will define the default behavior for all services. And `force user (S)` in those docs is an "S parameter". My patch does not remove the one in [qemu] because I found it somewhat nice to have the settings for "who owns management dirs like 'locks'" and "who owns the files inside the [qemu] share" both be stated explicitly. It makes it a bit more obvious what's going on.
Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
On Tue, 23 Feb 2021 at 05:06, Niklas Hambüchen wrote: > > As the added commend and `man smb.conf` explain, starting > with that samba version, `force user` must be configured > in `[global]` in order to access the configured `smb_dir`. > > This broke `-net user,smb=/path/to/folder`: > > The `chdir` into e.g. `/run/user/0/qemu-smb.DCZ8Y0` failed. > In verbose logs, this manifested as: > > [..., effective(65534, 65534), real(65534, 0)] > /source3/smbd/service.c:159(chdir_current_service) > chdir (/run/user/0) failed, reason: Permission denied > > [..., effective(65534, 65534), real(65534, 0)] > /source3/smbd/service.c:167(chdir_current_service) > chdir (/run/user/0) failed, reason: Permission denied > > [..., effective(65534, 65534), real(65534, 0)] > /source3/smbd/uid.c:448(change_to_user_internal) > change_to_user_internal: chdir_current_service() failed! > > This commit fixes it by setting the `[global]` force user to > the user that owns the directories `smbd` needs to access. > > Signed-off-by: Niklas Hambüchen > --- > net/slirp.c | 6 ++ > 1 file changed, 6 insertions(+) > > diff --git a/net/slirp.c b/net/slirp.c > index be914c0be0..82387bdb19 100644 > --- a/net/slirp.c > +++ b/net/slirp.c > @@ -850,6 +850,11 @@ static int slirp_smb(SlirpState* s, const char > *exported_dir, > } > fprintf(f, > "[global]\n" > +"# In Samba 2.0.5 and above the 'force user' parameter\n" > +"# also causes the primary group of the forced user to be used\n" > +"# as the primary group for all file activity.\n" > +"# This includes the various directories set below.\n" > +"force user=%s\n" > "private dir=%s\n" > "interfaces=127.0.0.1\n" > "bind interfaces only=yes\n" > @@ -871,6 +876,7 @@ static int slirp_smb(SlirpState* s, const char > *exported_dir, > "read only=no\n" > "guest ok=yes\n" > "force user=%s\n", > +passwd->pw_name, > s->smb_dir, > s->smb_dir, > s->smb_dir, > -- > 2.25.4 If we add 'force user=whoever' to the [global] section, is it then unnecessary to also specify it in the [qemu] section ? thanks -- PMM
Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
Laurent Vivier, le ven. 30 avril 2021 18:48:29 +0200, a ecrit: > CC: +Samuel I don't know the smb code at all. > Le 23/02/2021 à 03:41, Niklas Hambüchen a écrit : > > As the added commend and `man smb.conf` explain, starting > > with that samba version, `force user` must be configured > > in `[global]` in order to access the configured `smb_dir`. > > > > This broke `-net user,smb=/path/to/folder`: > > > > The `chdir` into e.g. `/run/user/0/qemu-smb.DCZ8Y0` failed. > > In verbose logs, this manifested as: > > > > [..., effective(65534, 65534), real(65534, 0)] > > /source3/smbd/service.c:159(chdir_current_service) > > chdir (/run/user/0) failed, reason: Permission denied > > > > [..., effective(65534, 65534), real(65534, 0)] > > /source3/smbd/service.c:167(chdir_current_service) > > chdir (/run/user/0) failed, reason: Permission denied > > > > [..., effective(65534, 65534), real(65534, 0)] > > /source3/smbd/uid.c:448(change_to_user_internal) > > change_to_user_internal: chdir_current_service() failed! > > > > This commit fixes it by setting the `[global]` force user to > > the user that owns the directories `smbd` needs to access. > > > > Signed-off-by: Niklas Hambüchen > > --- > > net/slirp.c | 6 ++ > > 1 file changed, 6 insertions(+) > > > > diff --git a/net/slirp.c b/net/slirp.c > > index be914c0be0..82387bdb19 100644 > > --- a/net/slirp.c > > +++ b/net/slirp.c > > @@ -850,6 +850,11 @@ static int slirp_smb(SlirpState* s, const char > > *exported_dir, > > } > > fprintf(f, > > "[global]\n" > > +"# In Samba 2.0.5 and above the 'force user' parameter\n" > > +"# also causes the primary group of the forced user to be > > used\n" > > +"# as the primary group for all file activity.\n" > > +"# This includes the various directories set below.\n" > > +"force user=%s\n" > > "private dir=%s\n" > > "interfaces=127.0.0.1\n" > > "bind interfaces only=yes\n" > > @@ -871,6 +876,7 @@ static int slirp_smb(SlirpState* s, const char > > *exported_dir, > > "read only=no\n" > > "guest ok=yes\n" > > "force user=%s\n", > > +passwd->pw_name, > > s->smb_dir, > > s->smb_dir, > > s->smb_dir, > > >
Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
CC: +Samuel Le 23/02/2021 à 03:41, Niklas Hambüchen a écrit : > As the added commend and `man smb.conf` explain, starting > with that samba version, `force user` must be configured > in `[global]` in order to access the configured `smb_dir`. > > This broke `-net user,smb=/path/to/folder`: > > The `chdir` into e.g. `/run/user/0/qemu-smb.DCZ8Y0` failed. > In verbose logs, this manifested as: > > [..., effective(65534, 65534), real(65534, 0)] > /source3/smbd/service.c:159(chdir_current_service) > chdir (/run/user/0) failed, reason: Permission denied > > [..., effective(65534, 65534), real(65534, 0)] > /source3/smbd/service.c:167(chdir_current_service) > chdir (/run/user/0) failed, reason: Permission denied > > [..., effective(65534, 65534), real(65534, 0)] > /source3/smbd/uid.c:448(change_to_user_internal) > change_to_user_internal: chdir_current_service() failed! > > This commit fixes it by setting the `[global]` force user to > the user that owns the directories `smbd` needs to access. > > Signed-off-by: Niklas Hambüchen > --- > net/slirp.c | 6 ++ > 1 file changed, 6 insertions(+) > > diff --git a/net/slirp.c b/net/slirp.c > index be914c0be0..82387bdb19 100644 > --- a/net/slirp.c > +++ b/net/slirp.c > @@ -850,6 +850,11 @@ static int slirp_smb(SlirpState* s, const char > *exported_dir, > } > fprintf(f, > "[global]\n" > +"# In Samba 2.0.5 and above the 'force user' parameter\n" > +"# also causes the primary group of the forced user to be used\n" > +"# as the primary group for all file activity.\n" > +"# This includes the various directories set below.\n" > +"force user=%s\n" > "private dir=%s\n" > "interfaces=127.0.0.1\n" > "bind interfaces only=yes\n" > @@ -871,6 +876,7 @@ static int slirp_smb(SlirpState* s, const char > *exported_dir, > "read only=no\n" > "guest ok=yes\n" > "force user=%s\n", > +passwd->pw_name, > s->smb_dir, > s->smb_dir, > s->smb_dir, >
Re: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
On 2/23/21 3:41 AM, Niklas Hambüchen wrote: > This broke `-net user,smb=/path/to/folder`: Hey, just a short ping on whether anyone would have a moment to review this `qemu-trivial` patch; it would be very nice to have SMB support to work out of the box again. Thanks!
[PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5
As the added commend and `man smb.conf` explain, starting with that samba version, `force user` must be configured in `[global]` in order to access the configured `smb_dir`. This broke `-net user,smb=/path/to/folder`: The `chdir` into e.g. `/run/user/0/qemu-smb.DCZ8Y0` failed. In verbose logs, this manifested as: [..., effective(65534, 65534), real(65534, 0)] /source3/smbd/service.c:159(chdir_current_service) chdir (/run/user/0) failed, reason: Permission denied [..., effective(65534, 65534), real(65534, 0)] /source3/smbd/service.c:167(chdir_current_service) chdir (/run/user/0) failed, reason: Permission denied [..., effective(65534, 65534), real(65534, 0)] /source3/smbd/uid.c:448(change_to_user_internal) change_to_user_internal: chdir_current_service() failed! This commit fixes it by setting the `[global]` force user to the user that owns the directories `smbd` needs to access. Signed-off-by: Niklas Hambüchen --- net/slirp.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/net/slirp.c b/net/slirp.c index be914c0be0..82387bdb19 100644 --- a/net/slirp.c +++ b/net/slirp.c @@ -850,6 +850,11 @@ static int slirp_smb(SlirpState* s, const char *exported_dir, } fprintf(f, "[global]\n" +"# In Samba 2.0.5 and above the 'force user' parameter\n" +"# also causes the primary group of the forced user to be used\n" +"# as the primary group for all file activity.\n" +"# This includes the various directories set below.\n" +"force user=%s\n" "private dir=%s\n" "interfaces=127.0.0.1\n" "bind interfaces only=yes\n" @@ -871,6 +876,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir, "read only=no\n" "guest ok=yes\n" "force user=%s\n", +passwd->pw_name, s->smb_dir, s->smb_dir, s->smb_dir, -- 2.25.4