On Mon, Jun 27, 2011 at 10:41:03AM +0200, Anders Norrbring wrote:

...

Hi.. I’m trying to make smbd to follow symlinks on a machine based on openSUSE 11.4 x86_64, in my smb.conf I have this for the share in question:

[global]         workgroup = norrbring         passdb backend = tdbsam         printing = cups         printcap name = cups         printcap cache time = 750         cups options = raw         map to guest = Bad User         include = /etc/samba/dhcp.conf         logon path = \\%L\profiles\.msprofile         logon home = \\%L\%U\.9xprofile         logon drive = P:         usershare allow guests = No         add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody -s /bin/false %m$         domain logons = No         domain master = No         security = user

[WEBsites]         follow symlinks = yes         comment = My websites         guest ok = No         inherit acls = Yes         path = /srv         read only = No         valid users = anders         force user = root         force create mode = 0644         create mask = 0000

It doesn’t work neither from WinXP nor Win 7, any ideas on what I’m doing wrong? I’m getting an access error whenever I try to open a symlink, and I’ve tried to set the target directory for the symlink to 777 just to try, no luck.

smbd is protected by apparmor, perhaps its rules trigger.

Use

complain /usr/sbin/smbd to switch the smbd profile to complain mode and run logprof.

Ciao, Marcus

Marcus, it can't be.. I don't even have AppArmor installed on that machine. But I found a hint when googling on this problem, apparently I should add "unix extensions = no". But as what I understand it also adds a risk using it. Anders. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

On 6/27/2011 2:10 AM, Anders Norrbring wrote:

...

������� usershare allow guests = No

Is this somehow involved Anders?

Its new as of 3.0.23.

--

I don't think so as I connect to the share as user "anders" and have full access to everything below the share. I've tested with both Yes and No, still the same problem. It's only the symlink that doesn't work. And of course "anders" is added with correct password with both "passwd" and "smbpasswd". -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

On Mon, 2011-06-27 at 10:41 +0200, Anders Norrbring wrote:

...

Hi.. I’m trying to make smbd to follow symlinks on a machine based on openSUSE 11.4 x86_64, in my smb.conf I have this for the share in question:

(a) this is a bad idea (b) man smb.conf --> "wide links"

<QUOTE> This parameter controls whether or not links in the UNIX file system may be followed by the server. Links that point to areas within the directory tree exported by the server are always allowed; this parameter controls access only to areas that are outside the directory tree being exported. </QUOTE>

The symlink does point outside the exported tree. The export is /srv/www and the symlink is /srv/www/homes which points to /home Anyway, I tried setting this in the global section: unix extensions = no follow symlinks = yes as well as follow symlinks = yes in the share config. I still can't access the symlinked directory from /srv/www so the question is if there's a bug in openSUSE's implementation of the samba server. Anders. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org