Bug 5311 - hosts deny configuration doesn't work with 3.2.0pre2
Summary: hosts deny configuration doesn't work with 3.2.0pre2
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.2
Classification: Unclassified
Component: File services (show other bugs)
Version: 3.2.0
Hardware: x86 Linux
: P3 critical
Target Milestone: ---
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-03-06 07:45 UTC by Magnus Mertens
Modified: 2008-03-07 11:02 UTC (History)
0 users

See Also:

Attachments
Patch (1.30 KB, patch)
2008-03-06 16:29 UTC, Jeremy Allison 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Magnus Mertens 2008-03-06 07:45:42 UTC 
Connecting with smbclient from a host which was locked out with the "hosts deny" parameter before on a Samba 3.2.0pre2 server the clientaccess works nevertheless. 
The same configuration with Samba 3.0.28 works well.

the serverside (smbtest3):
****
smbtest3:~ # testparm /etc/sambatest/smb.conf.hostsdeny
Load smb config files from /etc/sambatest/smb.conf.hostsdeny
Processing section "[test]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
        workgroup = LINUX
        netbios name = SAMBATEST

[test]
        path = /tmp
        read only = No
        hosts deny = 172.16.13.1
****

****
smbtest3:~ # testparm /etc/sambatest/smb.conf.hostsdeny localhost 172.16.13.1
Load smb config files from /etc/sambatest/smb.conf.hostsdeny
Processing section "[test]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Deny connection from localhost (172.16.13.1) to test
*****

*****
smbtest3:~ # ps auxf | grep smbd
root     25777  0.0  0.2   1884   624 pts/0    S+   14:43   0:00          \_ grep smbd
root     25617  0.0  1.2  11776  3228 ?        Ss   14:28   0:00 smbd -s /etc/sambatest/smb.conf.hostsdeny
root     25618  0.0  0.4  11776  1100 ?        S    14:28   0:00  \_ smbd -s /etc/sambatest/smb.conf.hostsdeny
smbtest3:~ # 
*****


clientside (smbtest2):

*****
smbtest1:~# ifconfig  | grep "inet addr"
          inet addr:172.16.13.1  Bcast:172.16.13.0  Mask:255.240.0.0
          inet addr:127.0.0.1  Mask:255.0.0.0
*****

*****
smbtest1:~# smbclient //172.16.13.3/test -Uroot -c 'dir'
Password: 
Domain=[SAMBATEST] OS=[Unix] Server=[Samba 3.2.0pre2-SerNet-SuSE]
  .                                   D        0  Thu Mar  6 14:45:01 2008
  ..                                  D        0  Mon Jul 23 17:11:46 2007
  cif                                 D        0  Mon Sep 25 23:27:32 2006
  new                                 D        0  Mon Mar  3 09:51:16 2008
******


smbtest3 smbstatus at the access time:
*****
Samba version 3.2.0pre2-SerNet-SuSE
PID     Username      Group         Machine                        
-------------------------------------------------------------------
25865     root          root          smbtest1     (::ffff:172.16.13.1)

Service      pid     machine       Connected at
-------------------------------------------------------
test         25865   smbtest1      Thu Mar  6 14:48:37 2008

No locked files
***********
Comment 1 Jeremy Allison 2008-03-06 15:54:01 UTC 
Reproduced this. It's an IPv6 issue with the incoming address being returned as ::ffff:A.B.C.D and the smb.conf parameter being A.B.C.D. String match is failing. I'll fix this.

Jeremy.
Comment 2 Jeremy Allison 2008-03-06 16:29:49 UTC 
Created attachment 3163 [details]
Patch

This patch fixes the problem for me. I'd appreciate it if you'd try more complex allow/deny settings to make sure I got this right. Thanks,
Jeremy.
Comment 3 Magnus Mertens 2008-03-07 09:37:13 UTC 
Hi Jeremy,

thanks, your patches fixes the problem for me too. I tried out some different confgurations with hosts deny and allow with success.

Magnus
Comment 4 Jeremy Allison 2008-03-07 11:02:02 UTC 
Confirmed fixed by submitter.
Thanks,
Jeremy.