Bug 10127 - smbstatus stopped working as non-root user
Summary: smbstatus stopped working as non-root user
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.6
Classification: Unclassified
Component: Client Tools (show other bugs)
Version: 3.6.9
Hardware: All All
: P5 normal
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
: 9432 (view as bug list)
Depends on:
Blocks:
 
Reported: 2013-09-05 11:31 UTC by Guenther Deschner
Modified: 2013-09-09 08:05 UTC (History)
1 user (show)

See Also:

Attachments
patch for v3-6-test (6.33 KB, patch)
2013-09-05 11:31 UTC, Guenther Deschner 		vl: review+
asn: review+
Details
patch for v3-6-test (fixed typos) (6.33 KB, patch)
2013-09-05 14:45 UTC, Guenther Deschner 		asn: review+
Details
followup patches for v3-6-test (7.23 KB, patch)
2013-09-06 16:21 UTC, Guenther Deschner 		asn: review+
Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Guenther Deschner 2013-09-05 11:31:05 UTC 
Since refactoring work in d6a687250625b62242efc8be0aa50ffc448a503a smbstatus can no longer be called sucessfully as non-root user. The sessionid.tdb is created 0644 as root by smbd usually but smbstatus now tries to open that tdb with O_RDWR which fails with access denied.

Attached patchset adds an optional mode to open the sessionid.tdb readonly to make cmdline tools like smbstatus and net still work like previous 3.6.x versions.
Comment 1 Guenther Deschner 2013-09-05 11:31:51 UTC 
Created attachment 9191 [details]
patch for v3-6-test
Comment 2 Andreas Schneider 2013-09-05 11:55:44 UTC 
Comment on attachment 9191 [details]
patch for v3-6-test

LGTM
Comment 3 Guenther Deschner 2013-09-05 14:11:48 UTC 
Ok, Karolin, please add to v3-6-test.

This is NOT needed for for 4.x as in 4.x only root can access session related tdbs (which then contain sensitive key material).
Comment 4 Andreas Schneider 2013-09-05 14:16:07 UTC 
*** Bug 9432 has been marked as a duplicate of this bug. ***
Comment 5 Guenther Deschner 2013-09-05 14:45:50 UTC 
Created attachment 9192 [details]
patch for v3-6-test (fixed typos)

Sorry, had some typos in printf error output. This patch has them fixed.
Comment 6 Andreas Schneider 2013-09-06 09:17:16 UTC 
Comment on attachment 9192 [details]
patch for v3-6-test (fixed typos)

LGTM
Comment 7 Karolin Seeger 2013-09-06 09:19:42 UTC 
Pushed to v3-6-test.
Closing out bug report.

Thanks!
Comment 8 Guenther Deschner 2013-09-06 16:20:29 UTC 
Still some patches missing to also display sharedmodes, etc.
Comment 9 Guenther Deschner 2013-09-06 16:21:33 UTC 
Created attachment 9195 [details]
followup patches for v3-6-test
Comment 10 Volker Lendecke 2013-09-09 07:12:21 UTC 
Comment on attachment 9195 [details]
followup patches for v3-6-test

What is the deeper reason behind these patches? What functionality was not covered in the first set, what am I supposed to test further on? Is there any further followup patch in the queue?
Comment 11 Andreas Schneider 2013-09-09 07:12:40 UTC 
Comment on attachment 9195 [details]
followup patches for v3-6-test

LGTM
Comment 12 Karolin Seeger 2013-09-09 08:05:49 UTC 
(In reply to comment #11)
> Comment on attachment 9195 [details]
> followup patches for v3-6-test
> 
> LGTM

Pushed to v3-6-test.
Closing out bug report.

Thanks!