Bug 5930 - A user lost access to his home directory if he removes directory from the root directory of his home directory
Summary: A user lost access to his home directory if he removes directory from the roo...
Status: RESOLVED WORKSFORME
Alias: None
Product: Samba 3.3
Classification: Unclassified
Component: Domain Control (show other bugs)
Version: 3.3.9
Hardware: x86 FreeBSD
: P3 major
Target Milestone: ---
Assignee: Volker Lendecke
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-12-01 05:59 UTC by docker (dead mail address)
Modified: 2011-03-03 01:26 UTC (History)
1 user (show)

See Also:


Attachments
smbd.log file related to this bug (192.72 KB, text/plain)
2009-02-03 06:44 UTC, docker (dead mail address)
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description docker (dead mail address) 2008-12-01 05:59:11 UTC
Hello,

I see one problem on 3.2.4 and 3.0.32.

My Samba server is responsible for domain logons, users home
directories.  Settings of all users are saved in LDAP.

For security reasons smb.conf has "follow symlinks = no".

A user logins to Windows Server 2003, enters to the domain and
has access to his home directory, available as z:\ on Windows
server.  Now, a user creates a directory z:\dir and then removes
it, and lost access to his home directory.

Samba log says:

[2008/12/01 13:28:42,  1] smbd/vfs.c:check_reduced_name(921)
  reduce_name: couldn't get realpath for .

If a user just tries to see properties of its home directory,
then Windows Server mounts it again.

This problem does not exist with z:\dir\subdir and z:\file.

If smb.conf has "follow symlinks = yes", then this problem does
not exist.  But in my environment such settings are unacceptable.

I've just created one public share (available as y:\) and repeated
the same with it and there is no any problem with removing y:\dir
directories by domain users.

Here is my configuration:

[global]
    netbios name = LABSERVER
    workgroup = LAB
    server string = LABSERVER Samba Server
    interfaces = 127.0.0.1 10.1.2.1
    bind interfaces only = yes
    security = user
    os level = 255
    domain master = yes
    local master = yes
    preferred master = yes
    hosts allow = 127.0.0.1 10.1.2.2
    load printers = no
    domain logons = yes
    passdb backend = ldapsam:ldapi:///
    ldap suffix = o=lab
    ldap user suffix = ou=users
    ldap group suffix = ou=groups
    ldap machine suffix = ou=users
    ldap admin dn = "cn=adminsamba,o=lab"
    ldap delete dn = no
    ldap passwd sync = yes

    guest account = guest
    max log size = 5000

    follow symlinks = no

    unix charset = koi8-r
    dos charset = CP866

[public]
    comment = Public Share
    path = /home/samba/public
    guest ok = yes
    writeable = yes

[homes]
    browsable = no
    writeable = yes
    path = %H/.Windows/home

[profiles]
    browsable = no
    writeable = yes
    path = %H/.Windows/profile
Comment 1 docker (dead mail address) 2009-01-24 04:47:57 UTC
The same issue exists with 3.2.7.
Comment 2 Volker Lendecke 2009-01-24 05:50:06 UTC
Please send a full debug level 10 log of smbd leading to this error.

Thanks,

Volker
Comment 3 docker (dead mail address) 2009-02-03 06:44:07 UTC
Created attachment 3909 [details]
smbd.log file related to this bug
Comment 4 docker (dead mail address) 2009-02-03 06:47:10 UTC
Thanks for reply.  A part of smbd.log file is in attachment: a user creates z:\superdir, then removes z:\superdir (z:\ is his home directory). A user was the only one user on Windows (I connected to Windows via remote desktop).
Comment 5 docker (dead mail address) 2009-03-18 11:31:02 UTC
The same situation with 3.3.2.
Comment 6 docker (dead mail address) 2009-04-25 09:04:28 UTC
The same situation with 3.3.3.
Comment 7 docker (dead mail address) 2009-06-06 04:48:31 UTC
I have just installed 3.3.4 and situation is absolutely the same: a user lost access to his home directory if he removes directory from his home root directory. The log message is also the same.
Comment 8 docker (dead mail address) 2009-07-03 05:01:32 UTC
Version 3.3.6 gives the same result.

I also changed:

[homes]
    ...
    path = %H

[profiles]
    ...
    path = %H

But again bug still exists.

On my server the .Windows directory has FreeBSD's
"system immutable" flag for each user and I wanted
to verify whether this bug is related to this flag).
Comment 9 docker (dead mail address) 2009-09-03 04:45:06 UTC
The same bug in 3.3.7.
Comment 10 Volker Lendecke 2009-09-07 18:06:05 UTC
What is the LDAP field "sambaHomePath" for the user in question?

Volker
Comment 11 docker (dead mail address) 2009-09-09 04:40:13 UTC
All users have the same value for sambaHomePath and sambaProfilePath:

sambaHomePath=\\LABSERVER\homes
sambaProfilePath=\\LABSERVER\profiles

With this configuration I do not see any other problem in my environment.
Comment 12 docker (dead mail address) 2009-10-12 04:27:32 UTC
See the same issue with 3.3.8.
Comment 13 docker (dead mail address) 2009-10-24 07:46:32 UTC
Enabling symlinks and disabling wide links do not help.
This configuration gives the same problem:

follow symlinks = yes
wide links = no

Path to a user home directory does not have any symlinks.
Comment 14 docker (dead mail address) 2010-02-09 05:22:24 UTC
I upgraded Samba to version 3.4.5 and the problem described in
this bug report disappeared.
Comment 15 Björn Jacke 2011-03-03 01:26:40 UTC
close this out - never seen this effect in any setup and fortunately it also works for you since 3.4.