Bug 1971 - afs adds all tokens to the same pag
Summary: afs adds all tokens to the same pag
Status: RESOLVED WONTFIX
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services
Version: 3.0.7
Hardware: All Linux
Importance: P3 normal
Target Milestone: none
Assignee: Volker Lendecke
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-10-25 11:31 UTC by Mattias Amnefelt
Modified: 2004-12-17 05:58 UTC (History)

See Also:


Attachments
Patch for new pag in afs_settoken() (501 bytes, patch)
2004-10-25 11:32 UTC, Mattias Amnefelt

Description Mattias Amnefelt 2004-10-25 11:31:30 UTC
When afs tokens are inserted into the kernel, they are inserted into a pag.
There is usually one pag per user, but new pags can be created for the current
process by calling AFSCALL_SETPAG.

Since smbd is run as root all users currently share the same pag. This means
that all users will use the tokens installed for the last authenticated user.
This is probably not desired, and basically renders the afs support unusable in a
multi-user environment.

My patch fixes this by creating a new pag before installing the token into the
kernel.
Comment 1 Mattias Amnefelt 2004-10-25 11:32:55 UTC
Created attachment 745
Patch for new pag in afs_settoken()
Comment 2 Derek Harkness 2004-12-15 12:29:33 UTC
I am preparing to deploy Samba with AFS support into a medium-size environment (12k+ users) and during my testing started having random unexplained behavior. After applying this patch 99% of my problems have been eliminated. Would it be possible to get this patch added to the next Samba release?
Comment 3 Volker Lendecke 2004-12-17 04:48:40 UTC
I don't think this is correct, as smbd needs to be able to act as different users. 
Think of a connection coming from a terminal server, multiple users coming in to
the same smbd. What probably needs to be done if you really need a new PAG would
be to do a getgroups right after the setpag() call, and add the pag groups to
the current_user struct.

Closing this bug, feel free to re-open it if you have more comments or an
expanded patch that addresses the multi-user smbd issue.

Volker
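The bookkeeping Volker sketches above, as an added illustration that is not Samba's code or the attached patch: SETPAG is simulated with constructed gids (the real call needs the AFS kernel module), the PAG groups are taken from a getgroups()-style diff and stored on a per-user struct, and the list a later setgroups() would receive is built from it. It models only the user-space side, not whether the kernel honours that list to re-enter a PAG, which later comments in this thread dispute.

```c
#include <stddef.h>
#include <sys/types.h>

#define MAX_GROUPS 32

/* Per-user record in the spirit of smbd's current_user: the user's own
 * supplementary groups plus the groups the kernel added for its PAG. */
struct user_ctx {
    uid_t  uid;
    gid_t  groups[MAX_GROUPS];
    size_t ngroups;
    gid_t  pag_groups[MAX_GROUPS];
    size_t npag;
};

static int has_gid(const gid_t *g, size_t n, gid_t x)
{
    for (size_t i = 0; i < n; i++)
        if (g[i] == x) return 1;
    return 0;
}

/* Groups present after SETPAG but absent before it are the PAG's marker
 * groups; record them on the user. Returns how many were recorded. */
size_t record_pag_groups(struct user_ctx *u, const gid_t *before, size_t nb,
                         const gid_t *after, size_t na)
{
    u->npag = 0;
    for (size_t i = 0; i < na && u->npag < MAX_GROUPS; i++)
        if (!has_gid(before, nb, after[i]))
            u->pag_groups[u->npag++] = after[i];
    return u->npag;
}

/* The list become_user() would pass to setgroups(): the user's own groups
 * followed by that user's PAG groups, deduplicated. Returns its length. */
size_t build_setgroups_list(const struct user_ctx *u, gid_t *out, size_t max)
{
    size_t n = 0;
    for (size_t i = 0; i < u->ngroups && n < max; i++)
        if (!has_gid(out, n, u->groups[i])) out[n++] = u->groups[i];
    for (size_t i = 0; i < u->npag && n < max; i++)
        if (!has_gid(out, n, u->pag_groups[i])) out[n++] = u->pag_groups[i];
    return n;
}

/* Constructed sample: gids 100/200 are the user's groups; 16129 and 16386
 * stand in for the two groups a simulated SETPAG appended. Not real values. */
size_t demo_user_group_list(gid_t *out)
{
    static const gid_t before[] = {100, 200};
    static const gid_t after[]  = {100, 200, 16129, 16386};
    struct user_ctx u = { .uid = 1000, .groups = {100, 200}, .ngroups = 2 };
    record_pag_groups(&u, before, 2, after, 4);
    return build_setgroups_list(&u, out, MAX_GROUPS);
}
```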
Comment 4 Love 2004-12-17 05:40:36 UTC
Mattias' patch is correct.

To make the problem happy for you with an unpatched server do like this:


pagsh
start samba server inside PAG

Note, there is no way to leave the PAG once you have entered it. That is the reason
you have to create a new pag for each user.

When you say that samba needs to be different users, I assume you are talking
about root and the user currently logged in. Given that tridge has expressed
his hate for threads, I wouldn't think that running several users (ie threads)
inside the same smbd would be a problem, certainly not for samba3.

There are tools, like sshd, telnetd and login, that will give the user a PAG
unconditionally. This is a real issue. Please deal with it.

We are running with Mattias' patch with 5 terminal servers and 500+ workstations
load-shared over 3 samba servers using DFS with no ill effect. Not using Mattias' patch
makes our sysadmins always shoot themselves in the foot.

If you still think you have issues with the patch, feel free to talk to me on irc
or I can call you if you leave me a phone number and we can talk about the issue.
Comment 5 Volker Lendecke 2004-12-17 05:48:12 UTC
Hmmm. smbd has to seteuid() to user1, come back to root and then seteuid() to
user2 and be able to switch between both. Sorry for my possible
misunderstanding, but does the unconditional SETPAG call handle this correctly?

Volker
Comment 6 Love 2004-12-17 05:54:50 UTC
> Mattias' patch is correct.

maybe this was a little bit too strong.

Mattias' patch makes the world much better, even though it's slightly wrong.

More information, you currently can't join a pag at will by using setgroups.
You are stuck in it, and you can only get a new PAG, or exit.
Comment 7 Love 2004-12-17 05:58:07 UTC
(In reply to comment #5)
> Hmmm. smbd has to seteuid() to user1, come back to root and then seteuid() to
> user2 and be able to switch between both. Sorry for my possible
> misunderstanding, but does the unconditional SETPAG call handle this correctly?

No, you are correct; however, if you already are in a pag when entering smbd,
not calling SETPAG will make you lose horribly from the user's view, with random errors.