Permissions issue after upgrade from 0.4.8 to 0.4.9

1. offizieller Beitrag

    I'm baffled.


    Yesterday I was running 0.4.8 and could access the NAS over the network from my Western Digital Live media player. The shares have the user nobody with read-only permissions (except for an upload folder with read-write) and no rights specified for the users I created, so that Samba allows anonymous access. And it worked beautifully.


    This morning I upgraded to 0.4.9 and suddenly the anonymous browsing is gone. From my computer I have to authenticate, and I couldn't get it to work yet from the media player.


    Any clues? :evil:

    • Offizieller Beitrag

    This is due a fixed bugreport. The problem now with public shares seems to be that Windows displays a login dialog as soon as there exists a linux user with the same name that you are using in your Windows system. The Samba docu says that SMB/CIFS submits the current username when connecting to a shared folder, thus SMB (on OMV) recognizes that there exists a linux user and now uses this for accessing the shared folder.


    http://www.samba.org/samba/doc…onf.5.html#VALIDATIONSECT
    http://www.samba.org/samba/doc…/smb.conf.5.html#SECURITY (security = user)


    I think this bug must be reopened, see http://bugtracker.openmediavault.org/view.php?id=681

    • Offizieller Beitrag

    As far as i understood the SMB mauals this is normal behaviour and can't be fixed without changing the security model. Note, the described behaviour only occurs if there is a linux user available with the same name that is send by the SMB request coming from Windows/client.


    Taken from the manuals:

    Code
    This is the default security setting in Samba 3.0. With user-level security a client must first "log-on" with a valid username and password (which can be mapped using the username map parameter). Encrypted passwords (see the encrypted passwords parameter) can also be used in this security mode. Parameters such as user and guest only if set	are then applied and may change the UNIX user to use on this connection, but only after the user has been successfully authenticated.


Note that the name of the resource being requested is not sent to the server until after the server has successfully authenticated the client. This is why guest shares don't work in user level security without allowing the server to automatically map unknown users into the guest account. See the map to guest parameter for details on doing this.


    To fix your problem you have to check if the user that is used to access the share has the correct privileges. Changing/setting the privileges for the given user fixes the problem on my test systems.

    Hm, okay. Issue is, I want to access the share anonymously from other computers as well as from the media player, and it doesn't work. From my Windows, I was prompted to enter my logon credentials despite the fact that my Windows account is defined on OMV and has the same password.


    [later edit] This is strange, I just had the box offline for a couple of hours, turned it back on and enabled NFS, connected from the media player with user anonymous, and it works. I'm just baffled.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!

Benutzerkonto erstellen Anmelden