[Bug 1939968] Re: Directory traversal permission not respected even with noperm
** Description changed: I'm trying to mount a Samba share on an Ubuntu system. Both server and client are Ubuntu machines. On the server, the directory shared (outer directory) belongs to a user different from mine, but the owner of the outer directory has granted everyone traverse permission (chmod 0711, basically) to access an inner directory, of which I have been given read access (using setfacl, rx permission). When I am running as myself locally on the server, I can access the inner directory. I can also do so logging in as myself from a Windows machine and accessing the inner directory. However, when accessing the inner directory via an Ubuntu client, I get permission denied even with `noperm` set (but expected this to succeed, exactly like the Windows client.) I have tried to distil this down into a reproduce script which can be run on a single machine: # Install dependencies sudo apt install --yes samba cifs-utils sudo smbpasswd -a $USER # Add a password # Set up shares mkdir ~/samba sudo mkdir -p ~/samba/outer/inner sudo chmod 0711 ~/samba/outer ~/samba/outer/inner sudo setfacl -m u:$USER:rx ~/samba/outer/inner cat <<-SAMBA | sudo tee -a /etc/samba/smb.conf [test] path = $HOME/samba browseable = yes read only = no guest ok = no SAMBA sudo systemctl restart smbd nmbd # Mount the share sudo mkdir /media/$USER sudo chown $USER /media/$USER mkdir /media/$USER/samba sudo mount //localhost/test /media/$USER/samba -t cifs -o vers=3.1.1,user=$USER,noperm # Test local access ls -la ~/samba ~/samba/outer ~/samba/outer/inner # ~/samba lists fine, ~/samba/outer Permission denied, ~/samba/outer/inner lists fine. # Test mount access - ls -la /media/$USER/samba /media/$USER/samba/outer /media/$USER/samba/outer/inner # /media/$USER/samba lists fine, others Permission denied + ls -la /media/$USER/samba /media/$USER/samba/outer /media/$USER/samba/outer/inner # /media/$USER/samba lists fine, others Permission denied (inner should have listed fine) # On a Windows machine net use T: \\\test /User:$USER * dir T:\ # OK dir T:\outer # File not found dir T:\outer\inner # OK I have run this script on a fresh Ubuntu 21.04 desktop install and observed this behaviour. However, the trigger for this investigation was observed on an Ubuntu 20.04.2 server install (both server and client). lsb_release -rd: Ubuntu 21.04 uname -srv: Linux 5.11.0-25-generic #27-Ubuntu SMP Fri Jul 9 23:06:29 UTC 2021 cifs-utils package version: 2:6.11-1ubuntu1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1939968 Title: Directory traversal permission not respected even with noperm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1939968/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1939968] Re: Directory traversal permission not respected even with noperm
(I've tried to figure out how to attach an `ubuntu-bug` report, but since this isn't exactly a bug with a specific program, I don't know what to do in that circumstance. Guidance would be much appreciated.) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1939968 Title: Directory traversal permission not respected even with noperm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1939968/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1939968] [NEW] Directory traversal permission not respected even with noperm
Public bug reported: I'm trying to mount a Samba share on an Ubuntu system. Both server and client are Ubuntu machines. On the server, the directory shared (outer directory) belongs to a user different from mine, but the owner of the outer directory has granted everyone traverse permission (chmod 0711, basically) to access an inner directory, of which I have been given read access (using setfacl, rx permission). When I am running as myself locally on the server, I can access the inner directory. I can also do so logging in as myself from a Windows machine and accessing the inner directory. However, when accessing the inner directory via an Ubuntu client, I get permission denied even with `noperm` set (but expected this to succeed, exactly like the Windows client.) I have tried to distil this down into a reproduce script which can be run on a single machine: # Install dependencies sudo apt install --yes samba cifs-utils sudo smbpasswd -a $USER # Add a password # Set up shares mkdir ~/samba sudo mkdir -p ~/samba/outer/inner sudo chmod 0711 ~/samba/outer ~/samba/outer/inner sudo setfacl -m u:$USER:rx ~/samba/outer/inner cat <<-SAMBA | sudo tee -a /etc/samba/smb.conf [test] path = $HOME/samba browseable = yes read only = no guest ok = no SAMBA sudo systemctl restart smbd nmbd # Mount the share sudo mkdir /media/$USER sudo chown $USER /media/$USER mkdir /media/$USER/samba sudo mount //localhost/test /media/$USER/samba -t cifs -o vers=3.1.1,user=$USER,noperm # Test local access ls -la ~/samba ~/samba/outer ~/samba/outer/inner # ~/samba lists fine, ~/samba/outer Permission denied, ~/samba/outer/inner lists fine. # Test mount access ls -la /media/$USER/samba /media/$USER/samba/outer /media/$USER/samba/outer/inner # /media/$USER/samba lists fine, others Permission denied (inner should have listed fine) # On a Windows machine net use T: \\\test /User:$USER * dir T:\ # OK dir T:\outer # File not found dir T:\outer\inner # OK I have run this script on a fresh Ubuntu 21.04 desktop install and observed this behaviour. However, the trigger for this investigation was observed on an Ubuntu 20.04.2 server install (both server and client). lsb_release -rd: Ubuntu 21.04 uname -srv: Linux 5.11.0-25-generic #27-Ubuntu SMP Fri Jul 9 23:06:29 UTC 2021 cifs-utils package version: 2:6.11-1ubuntu1 ** Affects: cifs-utils (Ubuntu) Importance: Undecided Status: New ** Description changed: I'm trying to mount a Samba share on an Ubuntu system. Both server and client are Ubuntu machines. On the server, the directory shared (outer directory) belongs to a user different from mine, but the owner of the outer directory has granted everyone traverse permission (chmod 0711, basically) to access an inner directory, of which I have been given read access (using setfacl, rx permission). When I am running as myself locally on the server, I can access the inner directory. I can also do so logging in as myself from a Windows machine and accessing the inner directory. However, when accessing the inner directory via an Ubuntu client, I get permission denied even with `noperm` set (but expected this to succeed, exactly like the Windows client.) - I have tried to distil this down into a reproduce script: + I have tried to distil this down into a reproduce script which can be + run on a single machine: # Install dependencies sudo apt install --yes samba cifs-utils sudo smbpasswd -a $USER # Add a password # Set up shares mkdir ~/samba sudo mkdir -p ~/samba/outer/inner sudo chmod 0711 ~/samba/outer ~/samba/outer/inner sudo setfacl -m u:$USER:rx ~/samba/outer/inner cat <<-SAMBA | sudo tee -a /etc/samba/smb.conf [test] - path = $HOME/samba - browseable = yes - read only = no - guest ok = no + path = $HOME/samba + browseable = yes + read only = no + guest ok = no SAMBA sudo systemctl restart smbd nmbd # Mount the share sudo mkdir /media/$USER sudo chown $USER /media/$USER/samba - sudo mount //localhost/test /media/$USER/samba -t cifs -o vers=3.1.1,user=$USER,noperm + sudo mount //localhost/test /media/$USER/samba -t cifs -o vers=3.1.1,user=$USER,noperm # Test local access ls -la ~/samba ~/samba/outer ~/samba/outer/inner # ~/samba lists fine, ~/samba/outer Permission denied, ~/samba/outer/inner lists fine. # Test mount access ls -la /media/$USER/samba /media/$USER/samba/outer /media/$USER/samba/outer/inner # /media/$USER/samba lists fine, others Permission denied # On a Windows machine net use T: \\\test /User:$USER * dir T:\ # OK dir T:\outer # File not found dir T:\outer\inner # OK I have run this script on a fresh Ubuntu 21.04 desktop install and observed this behaviour. However, the trigger for this investigation was observed on an Ubuntu 20.04.2 server install (both server and client). lsb_release -rd: Ubuntu 21.04 uname -srv: Linux 5.11.0-25-generic #27-Ubuntu SMP Fri Jul 9
[Bug 1751294] Re: Kernel linux-image-4.4.0-112-generic prevent the boot on Microsoft Hyper-v 2016 Gen2 VM
This seems to be a duplicate of https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1745349 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1751294 Title: Kernel linux-image-4.4.0-112-generic prevent the boot on Microsoft Hyper-v 2016 Gen2 VM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-meta-lts-xenial/+bug/1751294/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1751294] Re: Kernel linux-image-4.4.0-112-generic prevent the boot on Microsoft Hyper-v 2016 Gen2 VM
I'm not sure if this is the cause or a red herring, but I found this on one of the machines which got stuck on boot. Other instances usually don't print anything. ** Attachment added: "Untitled2.png" https://bugs.launchpad.net/ubuntu/+source/linux-meta-lts-xenial/+bug/1751294/+attachment/5082309/+files/Untitled2.png -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1751294 Title: Kernel linux-image-4.4.0-112-generic prevent the boot on Microsoft Hyper-v 2016 Gen2 VM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-meta-lts-xenial/+bug/1751294/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1751294] Re: Kernel linux-image-4.4.0-112-generic prevent the boot on Microsoft Hyper-v 2016 Gen2 VM
I see the same behaviour, but I'm not sure if the cause is the same, on 4.4.0-112-generic and 4.4.0-116-generic. In my case, the VM remains responsive for a variable amount of time. Sometimes it works long enough to login via SSH, at other times it does not get to the login screen. In almost all circumstances I cannot see what is wrong with the system (nothing gets printed to screen), and I see the VM use up all available CPUs. Likewise, the only way to get out of that is to do a hard reset. Booting with 4.4.0-109 never gives this problem. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1751294 Title: Kernel linux-image-4.4.0-112-generic prevent the boot on Microsoft Hyper-v 2016 Gen2 VM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-meta-lts-xenial/+bug/1751294/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs