[Samba] smbd daemon running as wrong user ID - Samba

This is a discussion on [Samba] smbd daemon running as wrong user ID - Samba ; Hello, I have a strange problem affecting samba-3.0.10-1.4E.12.2 on a Red Hat Enterprise Linux AS release 4 system. We have a multi-domain configuration here at University of Verona (Italy). We use Samba as PDC for several faculties. Each faculty has ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: [Samba] smbd daemon running as wrong user ID

  1. [Samba] smbd daemon running as wrong user ID

    Hello,

    I have a strange problem affecting samba-3.0.10-1.4E.12.2 on a Red Hat
    Enterprise Linux AS release 4 system.

    We have a multi-domain configuration here at University of Verona
    (Italy). We use Samba as PDC for several faculties. Each faculty has its
    own daemon instance and its own smb config file:

    [root@ldapvr1 ~]# ls /etc/samba/smb.*
    /etc/samba/smb.conf /etc/samba/smb.giurisprudenza.conf
    /etc/samba/smb.medicina.conf
    /etc/samba/smb.economia.conf /etc/samba/smb.labfac.conf
    /etc/samba/smb.motorie.conf
    /etc/samba/smb.erasmus.conf /etc/samba/smb.lettere.conf
    /etc/samba/smb.scienze.conf
    /etc/samba/smb.formazione.conf /etc/samba/smb.lingue.conf
    /etc/samba/smb.template.conf
    [root@ldapvr1 ~]#

    the problem is that sometimes we have one of the daemons running as the
    'nobody' user ID or, worse, as normal user. Extract of a 'ps uax' command:

    root 6018 0.0 0.1 11416 2816 ? S 12:44 0:00
    /usr/sbin/smbd_motorie -D -s /etc/samba/smb.motorie.conf -l
    /var/log/samba/motorie
    vr002419 6090 0.0 0.1 11820 2960 ? S 12:47 0:00
    /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l
    /var/log/samba/economia
    root 6091 0.0 0.1 11556 2940 ? S 12:47 0:00
    /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l
    /var/log/samba/economia
    nobody 6093 0.0 0.1 11412 2152 ? S 12:47 0:00
    /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l
    /var/log/samba/economia
    root 6106 0.0 0.0 5628 632 pts/2 R+ 12:47 0:00 grep smb

    as you can see, process 6090 runs as user ID vr002419, while process
    6093 runs as 'nobody'. User IDs are provided by an external LDAP server.

    I'm just a deputy sysadmin for this server (the Big Guy's on holiday),
    and I must admit I don't have much experience with Samba. I searched the
    docs but I didn't find any reference to this behaviour.

    Any hints on how to fix this situation?
    Thanks a lot,
    Guido

    --
    Guido Gonzato, Ph.D. - Sysadmin
    Universita' di Verona (Italy), Servizi Informatici di Ateneo
    Via S. Francesco 22, 37129 Verona (Italy)
    "If you think education is expensive, try ignorance."
    -- Derek Bok
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] smbd daemon running as wrong user ID


    On Fri, 2008-02-15 at 13:42 +0100, Guido Gonzato wrote:
    > Hello,
    >
    > I have a strange problem affecting samba-3.0.10-1.4E.12.2 on a Red Hat
    > Enterprise Linux AS release 4 system.
    >
    > We have a multi-domain configuration here at University of Verona
    > (Italy). We use Samba as PDC for several faculties. Each faculty has its
    > own daemon instance and its own smb config file:
    >
    > [root@ldapvr1 ~]# ls /etc/samba/smb.*
    > /etc/samba/smb.conf /etc/samba/smb.giurisprudenza.conf
    > /etc/samba/smb.medicina.conf
    > /etc/samba/smb.economia.conf /etc/samba/smb.labfac.conf
    > /etc/samba/smb.motorie.conf
    > /etc/samba/smb.erasmus.conf /etc/samba/smb.lettere.conf
    > /etc/samba/smb.scienze.conf
    > /etc/samba/smb.formazione.conf /etc/samba/smb.lingue.conf
    > /etc/samba/smb.template.conf
    > [root@ldapvr1 ~]#
    >
    > the problem is that sometimes we have one of the daemons running as the
    > 'nobody' user ID or, worse, as normal user. Extract of a 'ps uax' command:
    >
    > root 6018 0.0 0.1 11416 2816 ? S 12:44 0:00
    > /usr/sbin/smbd_motorie -D -s /etc/samba/smb.motorie.conf -l
    > /var/log/samba/motorie
    > vr002419 6090 0.0 0.1 11820 2960 ? S 12:47 0:00
    > /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l
    > /var/log/samba/economia
    > root 6091 0.0 0.1 11556 2940 ? S 12:47 0:00
    > /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l
    > /var/log/samba/economia
    > nobody 6093 0.0 0.1 11412 2152 ? S 12:47 0:00
    > /usr/sbin/smbd_economia -D -s /etc/samba/smb.economia.conf -l
    > /var/log/samba/economia
    > root 6106 0.0 0.0 5628 632 pts/2 R+ 12:47 0:00 grep smb
    >
    > as you can see, process 6090 runs as user ID vr002419, while process
    > 6093 runs as 'nobody'. User IDs are provided by an external LDAP server.
    >
    > I'm just a deputy sysadmin for this server (the Big Guy's on holiday),
    > and I must admit I don't have much experience with Samba. I searched the
    > docs but I didn't find any reference to this behaviour.
    >
    > Any hints on how to fix this situation?
    > Thanks a lot,
    > Guido


    Samba switches to the authenticated user to perform file system
    operations, so that the kernel can enforce the proper access control.

    Can you be more specific and tell what problem exactly you have?

    Ciao,
    Simo.

    --
    Simo Sorce
    Samba Team GPL Compliance Officer
    Senior Software Engineer at Red Hat Inc.

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread