samba cluster active-active configuration.
Hi all,

Sorry for posting this one here, I guess it is a bit off topic, but I tried about 4 or 5 other mailing lists - no luck yet.

I'm trying to configure my samba on a RedHat AS 2.1 to run in an active-active configuration. The Red Hat Cluster Manager Installation and Administration Guide says in chapter 6.2: "Allows the setup of an active-active configuration to maximize equipment utilization. More details on active-active configurations appear below." But - no luck for me :-) , because no such details appear below...

My questions are:
1. How do I make samba run in active-active configuration?
2. What happens to nmbd - which node runs this one? (I guess both of them can't)
3. Should the netbios name be the same for both nodes? Is there a netbios name alias option so both nodes will be accessed by the same netbios name?
4. In case I use security = domain, and my node names are RHCLU0 and RHCLU1, should I add both of them as a computer account in my domain? Do I also need an alias for them?

Your help is appreciated
Nir
Question - Latest security alert of samba
Hi all,

Just wanted to know if the latest security alert is all about quotas.c. An upgrade (for me) is a bit problematic at the moment. If I patch this specific source code myself and recompile smbd - is it (basically) enough?

Thanks,
Nir
RE: Question - Latest security alert of samba
I've read the announcement carefully. The announcement does not point to a specific threat in the samba code. It mentions that "This version of Samba adds explicit overrun and overflow checks on fragment re-assembly of SMB/CIFS packets to ensure that only valid re-assembly is performed by smbd."

It also mentions that samba is highly vulnerable to attacks from an external network, and that
1. host based protection
2. interface protection
3. Using a firewall
4. Using an IPC$ share deny
may reduce vulnerability to such attacks.

There is no access to my samba servers from the internet, but I would like to know more about this security issue - especially, which source codes are involved. (SMB client code is currently no issue for me)

Any list of affected source files would be appreciated.

Thanks,
Nir

-----Original Message-----
From: Alexander Bokovoy [mailto:[EMAIL PROTECTED]
Sent: Sunday, March 16, 2003 4:31 PM
To: Nir Livni; [EMAIL PROTECTED]
Subject: Re: Question - Latest security alert of samba

On Sun, Mar 16, 2003 at 04:27:04PM +0200, Nir Livni wrote:
> Hi all,
> Just wanted to know if the latest security alert is all about quotas.c.
> An upgrade (for me) is a bit problematic at the moment.
> If I patch this specific source code myself and recompile smbd - is it (basically) enough?

No, it is not all about quotas.c. Please read the announcement carefully. You will also find there some suggestions how to make a break harder in the meantime, while you are working on the upgrade. The upgrade is really required.

--
/ Alexander Bokovoy
Samba Team http://www.samba.org/
ALT Linux Team http://www.altlinux.org/
Midgard Project Ry http://www.midgard-project.org/
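
The smb.conf-level mitigations named in the message above (host based protection, interface protection, IPC$ share deny), as an added example that is not part of the original thread and not Samba's own code: a small audit that reports which of them a configuration lacks. The two sample configurations, their addresses and interface names are constructed; a firewall cannot be seen from smb.conf and is out of scope.

```python
# Added example: audit smb.conf text for the mitigations listed in the message.
# WEAK and HARDENED are constructed samples, not configurations from the thread.

WEAK = """
[global]
   workgroup = EXAMPLE
   security = domain
"""

HARDENED = """
[global]
   workgroup = EXAMPLE
   security = domain
   ; host based protection
   hosts allow = 127.0.0.1 192.168.10.0/24
   hosts deny = 0.0.0.0/0
   # interface protection
   interfaces = eth1 lo
   bind interfaces only = Yes

[IPC$]
   hosts allow = 192.168.10.0/24 127.0.0.1
   hosts deny = 0.0.0.0/0
"""

def parse_smb_conf(text):
    """Return {section: {param: value}}; names lower-cased, inner spaces collapsed."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            conf[section][" ".join(key.lower().split())] = value.strip()
    return conf

def missing_mitigations(text):
    """List the smb.conf-level mitigations that are absent from the given text."""
    conf = parse_smb_conf(text)
    g, ipc = conf.get("global", {}), conf.get("ipc$", {})
    missing = []
    if not (g.get("hosts allow") and g.get("hosts deny")):
        missing.append("host based protection")
    bind_only = g.get("bind interfaces only", "").lower() in ("yes", "true", "1")
    if not (g.get("interfaces") and bind_only):
        missing.append("interface protection")
    if not ipc.get("hosts deny"):
        missing.append("IPC$ share deny")
    return missing
```
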
RE: Question - Latest security alert of samba
:-) I guess my only proof could be Jeremy. Jeremy knows me a bit. I gave him a little help with one of the latest fixes in 2.2.8 (delete on close).

Appreciate your help,
Nir Livni

-----Original Message-----
From: Richard Sharpe [mailto:[EMAIL PROTECTED]
Sent: Sunday, March 16, 2003 8:06 PM
To: Nir Livni
Cc: [EMAIL PROTECTED]
Subject: RE: Question - Latest security alert of samba

On Sun, 16 Mar 2003, Nir Livni wrote:
> I've read the announcement carefully. The announcement does not point to a specific threat in the samba code. It mentions that "This version of Samba adds explicit overrun and overflow checks on fragment re-assembly of SMB/CIFS packets to ensure that only valid re-assembly is performed by smbd."
>
> It also mentions that samba is highly vulnerable to attacks from an external network, and that
> 1. host based protection
> 2. interface protection
> 3. Using a firewall
> 4. Using an IPC$ share deny
> may reduce vulnerability to such attacks.
>
> There is no access to my samba servers from the internet, but I would like to know more about this security issue - especially, which source codes are involved. (SMB client code is currently no issue for me)
>
> Any list of affected source files would be appreciated.

How can we be sure that you are not a script-kiddie?

Regards
- Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
delete on close problems
I've noticed that if user A has opened a file with GENERIC_READ , SHARE_READ | SHARE_DELETE , FILE_FLAG_DELETE_ON_CLOSE then user B cannot open the file for reading. samba will return error code: NT_STATUS_DELETE_PENDING, and it is mentioned in the code that -

"this is a nasty hack, but necessary until we rewrite our open handling to use a NTCreateX call as the basic call. NT may open a file with neither read nor write access, and in this case it expects the open not to conflict with any existing deny modes. This happens (for example) during a "xcopy /o" where the second file descriptor is used for ACL sets (tridge)"

BUT if user B opens the file for read (and SHARE_READ | SHARE_DELETE) and only then user A opens the file for DELETE_ON_CLOSE, both open requests succeed.

1. Is this behaviour normal?
2. Could it be that in a scenario similar to scenario B a file will be deleted by the user that hasn't opened it to DELETE_ON_CLOSE?

I'm asking that because I had two users messing up with the same excel file, and it was deleted ...

Thanks,
Nir
RE: delete on close problems(Content Filtered by PrivateArk)
Samba does not allow user B to open the file for read after user A has opened it for delete_on_close. NT/2K server allows it.

My question is why samba allows user A to open delete_on_close after user B opens for read, and does not allow user B to open for read after user A opens for delete_on_close.

-----Original Message-----
From: Simo Sorce [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 06, 2003 3:03 PM
To: Nir Livni
Cc: [EMAIL PROTECTED]
Subject: Re: delete on close problems(Content Filtered by PrivateArk)

On Mon, 2003-01-06 at 13:48, Nir Livni wrote:
> if user B opens the file for read (and SHARE_READ | SHARE_DELETE) and only then user A opens the file for DELETE_ON_CLOSE, both open requests succeed.
> 1. Is this behaviour normal?

Unfortunately there's no way to tell something is normal if not testing the same against an NT/2k server. If the same happens there, then it is normal.

Simo.

--
Simo Sorce - [EMAIL PROTECTED]
Xsec s.r.l.
via Durando 10 Ed. G - 20158 - Milano
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
delete on close problems - more info
It also seems that if user A opens a file, and after a while calls trans2setpathinfo or trans2setfileinfo and sets the DELETE_ON_CLOSE flags, then when user B closes that file (user B did NOT open it to delete on close) the file will be deleted.

-----Original Message-----
From: Nir Livni
Sent: Monday, January 06, 2003 2:49 PM
To: '[EMAIL PROTECTED]'
Subject: delete on close problems

I've noticed that if user A has opened a file with GENERIC_READ , SHARE_READ | SHARE_DELETE , FILE_FLAG_DELETE_ON_CLOSE then user B cannot open the file for reading. samba will return error code: NT_STATUS_DELETE_PENDING, and it is mentioned in the code that -

"this is a nasty hack, but necessary until we rewrite our open handling to use a NTCreateX call as the basic call. NT may open a file with neither read nor write access, and in this case it expects the open not to conflict with any existing deny modes. This happens (for example) during a "xcopy /o" where the second file descriptor is used for ACL sets (tridge)"

BUT if user B opens the file for read (and SHARE_READ | SHARE_DELETE) and only then user A opens the file for DELETE_ON_CLOSE, both open requests succeed.

1. Is this behaviour normal?
2. Could it be that in a scenario similar to scenario B a file will be deleted by the user that hasn't opened it to DELETE_ON_CLOSE?

I'm asking that because I had two users messing up with the same excel file, and it was deleted ...

Thanks,
Nir
RE: delete on close problems(Content Filtered by PrivateArk)
I've been tryin' to do this with Win2K. Here are the results:

Scenario: User A opens for delete on close, and then user B opens for read
Samba: User B fails
Win2K: User B successful

I used win2k clients that run
CreateFile(GENERIC_READ ,... , SHARE_READ | SHARE_DELETE ,..., FILE_DELETE_ON_CLOSE , ...) for user A
CreateFile(GENERIC_READ ,... , SHARE_READ | SHARE_DELETE ,..., 0 , ...) for user B

THEY DO NOT BEHAVE THE SAME WAY!

Now, the second thing is, if we take a DIFFERENT scenario, where
user A opens for read,
then user B opens for read,
then user A causes trans2setpathinfo and sets the delete_on_close bit in samba.

When user B closes the file, it MIGHT be deleted, although user B did not open it for delete on close, because the check for delete_on_close relies on the share_entry, and it does not check if the pid that marked delete_on_close is the pid that now closes the file.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 06, 2003 7:00 PM
To: Nir Livni
Cc: 'Simo Sorce'; [EMAIL PROTECTED]
Subject: Re: delete on close problems(Content Filtered by PrivateArk)

On Mon, Jan 06, 2003 at 03:14:51PM +0200, Nir Livni wrote:
> Samba does not allow user B to open the file for read after user A has opened it for delete_on_close. NT/2K server allows it.
> My question is why samba allows user A to open delete_on_close after user B opens for read, and does not allow user B to open for read after user A opens for delete_on_close.

Because that's what W2K does :-). Seriously, check out the torture tester which tries to determine the exact delete-on-close semantics. Samba just mimics the W2K ones.

Jeremy.