Bug 1316 - Hide unreadable only works when security=user and not when security=domain
Summary: Hide unreadable only works when security=user and not when security=domain
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.3
Hardware: Other Linux
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-05-03 07:10 UTC by Sten Sletbak
Modified: 2006-04-08 11:41 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sten Sletbak 2004-05-03 07:10:41 UTC
When using "hide unreadable=yes" then this only works if "security=user".

As a sample, some files:

# ls -ld /data/felles/

drwxrws---   40 root     alu          8192 Feb 25 12:45 readable_by_group_alu
drwxr-xr-x    2 root     root         4096 May  3 15:04 public_readable/

Using the account "aluit14" as a test case we have:

# groups aluit14
aluit14 : aluit14 lu alu

So "aluit14" can read "readable_by_group_alu".

With samba 2.2 :

# smbclient //teststudfelles/filer -U aluit14
Password:
Domain=[JDHTEST] OS=[Unix] Server=[Samba 2.2.7a-security-rollup-fix]
smb: \> ls
  .                                   D        0  Mon May  3 15:05:37 2004
  ..                                  D        0  Mon Feb 23 12:52:05 2004
  public_readable                     D        0  Mon May  3 15:04:56 2004
  readable_by_group_alu               D        0  Wed Feb 25 12:45:53 2004

As expected.

However with Samba 3.0.* :

# smbclient //teststudfelles/filer -U aluit14
Password:
Domain=[JDHTEST] OS=[Unix] Server=[Samba 3.0.3]
smb: \> ls
  .                                   D        0  Mon May  3 15:05:37 2004
  ..                                  D        0  Mon Feb 23 12:52:05 2004
  public_readable                     D        0  Mon May  3 15:04:56 2004


The "readable_by_group_alu" directory is now missing.
Comment 1 Gerald (Jerry) Carter (dead mail address) 2006-04-08 11:41:19 UTC
please reopen if the bug still exists in a current release.