[Qemu-devel] [patch] make '-smb $HOME' work
The most common use case for the '-smb' option may be '-smb $HOME'. There is a problem with this case: Windows attempts to connect as user nobody. Smbd allows the connection -- unfortunately, it also maps the nobody accesses to the host's nobody account, so all write accesses fail. How are people using '-smb'? Am I the only person that runs into this? One lame workaround is to point '-smb' at an area on /tmp that everybody, including nobody, has access to. The problem happens with a Windows 2000 guest, and maybe other NT derivatives. This patch sets up smbd to only allow guest access from Windows, and no other access. (I suspect and hope that smbd can coax any version of Windows into doing a guest access, by rejecting everything else. This is only tested with Win2K.) When smbd receives a guest access, it maps that onto the account of the same user who is running qemu. This fixes the common, personal use, '-smb $HOME' case. For more complicated cases, for example if you don't trust the guest, you may want to craft your own 'smb.conf' rather than relying on '-smb'. From a security standpoint, the patched '-smb' has no authentication to break, and it constrains smb access to a single user on the host. So while the gates are wide open to whatever directory you share, you at least know what you're getting. -- John --- qemu-0.7.2-dmapatch/vl.c2005-09-04 13:11:31.0 -0400 +++ qemu-0.7.2-broken/vl.c 2005-10-08 14:41:55.0 -0400 @@ -29,6 +29,8 @@ #include time.h #include errno.h #include sys/time.h +#include sys/types.h +#include pwd.h #ifndef _WIN32 #include sys/times.h @@ -1605,15 +1607,17 @@ log file=%s/log.smbd\n smb passwd file=%s/smbpasswd\n security = share\n + guest account=%s\n [qemu]\n path=%s\n read only=no\n -guest ok=yes\n, +guest only=yes\n, smb_dir, smb_dir, smb_dir, smb_dir, smb_dir, + getpwuid( geteuid( ) )-pw_name, exported_dir ); fclose(f); ___ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel
Re: [Qemu-devel] [patch] make '-smb $HOME' work
Which smbd are you using? The one on debian sarge wants to have write access to some /var/run and /var/lib directories to coordinate locking. Because it gets run as a regular user, (and is not suid root), it winds up spitting out an error to the logfile and dying. It took me a while to figure this out, since there's no error message display by qemu. On Sat, Oct 08, 2005 at 03:30:36PM -0400, John Coiner wrote: The most common use case for the '-smb' option may be '-smb $HOME'. There is a problem with this case: Windows attempts to connect as user nobody. Smbd allows the connection -- unfortunately, it also maps the nobody accesses to the host's nobody account, so all write accesses fail. How are people using '-smb'? Am I the only person that runs into this? One lame workaround is to point '-smb' at an area on /tmp that everybody, including nobody, has access to. The problem happens with a Windows 2000 guest, and maybe other NT derivatives. This patch sets up smbd to only allow guest access from Windows, and no other access. (I suspect and hope that smbd can coax any version of Windows into doing a guest access, by rejecting everything else. This is only tested with Win2K.) When smbd receives a guest access, it maps that onto the account of the same user who is running qemu. This fixes the common, personal use, '-smb $HOME' case. For more complicated cases, for example if you don't trust the guest, you may want to craft your own 'smb.conf' rather than relying on '-smb'. From a security standpoint, the patched '-smb' has no authentication to break, and it constrains smb access to a single user on the host. So while the gates are wide open to whatever directory you share, you at least know what you're getting. -- John --- qemu-0.7.2-dmapatch/vl.c2005-09-04 13:11:31.0 -0400 +++ qemu-0.7.2-broken/vl.c 2005-10-08 14:41:55.0 -0400 @@ -29,6 +29,8 @@ #include time.h #include errno.h #include sys/time.h +#include sys/types.h +#include pwd.h #ifndef _WIN32 #include sys/times.h @@ -1605,15 +1607,17 @@ log file=%s/log.smbd\n smb passwd file=%s/smbpasswd\n security = share\n + guest account=%s\n [qemu]\n path=%s\n read only=no\n -guest ok=yes\n, +guest only=yes\n, smb_dir, smb_dir, smb_dir, smb_dir, smb_dir, + getpwuid( geteuid( ) )-pw_name, exported_dir ); fclose(f); ___ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel -- -- Troy Benjegerdes'da hozer'[EMAIL PROTECTED] Somone asked me why I work on this free (http://www.fsf.org/philosophy/) software stuff and not get a real job. Charles Shultz had the best answer: Why do musicians compose symphonies and poets write poems? They do it because life wouldn't have any meaning for them if they didn't. That's why I draw cartoons. It's my life. -- Charles Shultz ___ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel
Re: [Qemu-devel] [patch] make '-smb $HOME' work
Troy Benjegerdes wrote: Which smbd are you using? The one on debian sarge wants to have write access to some /var/run and /var/lib directories to coordinate locking. Because it gets run as a regular user, (and is not suid root), it winds up spitting out an error to the logfile and dying. It took me a while to figure this out, since there's no error message display by qemu. I'm running smbd that came with slackware 10-dot-something... [EMAIL PROTECTED]:~$ /usr/sbin/smbd -V Version 3.0.14a It's not suid root either. The 'smb.conf' contains a lock directory entry, which (you would think!) tells smbd to use the temporary directory as the lock directory. Are you sure that smbd actually found and read the 'smb.conf' file which qemu generated? The qemu-generated 'smb.conf' file overrides all samba default paths in '/var' except for the utmp directory and wtmp directory parameters. Maybe your smbd was compiled with '--with-utmp' in which case you might need qemu to specify utmp directory and wtmp directory in 'smb.conf'. -- john ___ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel
