From: Michael Tokarev <mjt@tls.msk.ru>
To: Peter Wu <peter@lekensteyn.nl>, qemu-devel@nongnu.org
Cc: qemu-trivial@nongnu.org, Jan Kiszka <jan.kiszka@siemens.com>
Subject: Re: [Qemu-trivial] [PATCH] slirp/smbd: disable printer in smb config
Date: Mon, 03 Nov 2014 17:15:24 +0300 [thread overview]
Message-ID: <54578DFC.3070807@msgid.tls.msk.ru> (raw)
In-Reply-To: <1415011930-1964-1-git-send-email-peter@lekensteyn.nl>
03.11.2014 13:52, Peter Wu wrote:
> The file sharing module should not handle printers, so disable it.
> The options 'load printers' and 'printing' have been available since the
> beginning (May 1996, commit 0e8fd3398771da2f016d72830179507f3edda51b).
> Option 'disable spoolss' is available since Samba 2.0.4, commit
> de5f42c9d9172592779fa2504d44544e3b6b1c0d).
>
> Next, "socket address" was reported as deprecated, use a combination of
> "interfaces" and "bind interfaces only" instead (available since October
> 1997, commit 79f4fb52c1ed56fd843f81b4eb0cdd2991d4d0f4).
>
> Override cache directory to avoid writing to a global directory. Option
> available since Samba 3.4.0, Jan 2009, commit
> 19a05bf2f485023b11b41dfae3f6459847d55ef7.
>
> Set "usershare max shared=0" to prevent a global directory from being
> used. Option available since Samba 3.0.23, February 2006, commit
> 5831715049f2d460ce42299963a5defdc160891b.
>
> The most recently option was introduced with Samba 3.4.0, but previously
> "state directory" was already added which exists in Samba 3.4.0. As
> unknown parameters are ignored (while printing a warning), it should be
> safe to add another option.
I think this all makes very good sense. Let's apply it to -trivial too,
for now anyway, -- if we'll ever decide to factor it out to a helper
script, that script will be more complete.
BTW, I'm not sure `socket address' paraameter is relevant in this context
at all, -- smbd should not use it in inetd mode. It'd be interesting to
know why this option is here to start with, and whenever we really need
the new interfaces/bind-interfacs-only replacement.
I picked it up for -trivial, and also Cc'ing Jan.
Thank you!
/mjt
> Signed-off-by: Peter Wu <peter@lekensteyn.nl>
> ---
> Hi,
>
> While trying to share a folder with a guest, I noticed that the option -net
> user,smb=... would time out in the guest due to an incompatibility with Samba 4
> (see also mailing list message "slirp-smb broken with Samba 4.1" from Jan Kiska
> and https://bugs.debian.org/747636). FYI, the bug is fixed in newer Samba
> (tested with samba-4.2.0rc1-388-ga3b333a).
>
> While trying to fix that, I found that Samba would try to communicate with CUPS.
> This patch disables that fixes some other paths as well. Looking through the
> smb.conf manual for "{prefix}", it seems that no other directory is forgotten
> now.
>
> As the inetd mode is broken, I work around by starting smbd with the generated
> config:
>
> smbd -s smb.conf -p 1337
>
> Then I forward the ports to the guest with (newline inserted for readability):
>
> -user net,
> guestfwd=tcp:0.0.0.0:139-cmd:'nc 127.0.0.1 1337',
> guestfwd=tcp:0.0.0.0:445-cmd:'nc 127.0.0.1 1337'
>
> This "works" but is certainly not optimal.
>
> Kind regards,
> Peter
> ---
> net/slirp.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/net/slirp.c b/net/slirp.c
> index c171119..bad427b 100644
> --- a/net/slirp.c
> +++ b/net/slirp.c
> @@ -523,15 +523,21 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
> fprintf(f,
> "[global]\n"
> "private dir=%s\n"
> - "socket address=127.0.0.1\n"
> + "interfaces=127.0.0.1\n"
> + "bind interfaces only=yes\n"
> "pid directory=%s\n"
> "lock directory=%s\n"
> "state directory=%s\n"
> + "cache directory=%s\n"
> "ncalrpc dir=%s/ncalrpc\n"
> "log file=%s/log.smbd\n"
> "smb passwd file=%s/smbpasswd\n"
> "security = user\n"
> "map to guest = Bad User\n"
> + "load printers = no\n"
> + "printing = bsd\n"
> + "disable spoolss = yes\n"
> + "usershare max shares = 0\n"
> "[qemu]\n"
> "path=%s\n"
> "read only=no\n"
> @@ -544,6 +550,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
> s->smb_dir,
> s->smb_dir,
> s->smb_dir,
> + s->smb_dir,
> exported_dir,
> passwd->pw_name
> );
>
WARNING: multiple messages have this Message-ID (diff)
From: Michael Tokarev <mjt@tls.msk.ru>
To: Peter Wu <peter@lekensteyn.nl>, qemu-devel@nongnu.org
Cc: qemu-trivial@nongnu.org, Jan Kiszka <jan.kiszka@siemens.com>
Subject: Re: [Qemu-devel] [Qemu-trivial] [PATCH] slirp/smbd: disable printer in smb config
Date: Mon, 03 Nov 2014 17:15:24 +0300 [thread overview]
Message-ID: <54578DFC.3070807@msgid.tls.msk.ru> (raw)
In-Reply-To: <1415011930-1964-1-git-send-email-peter@lekensteyn.nl>
03.11.2014 13:52, Peter Wu wrote:
> The file sharing module should not handle printers, so disable it.
> The options 'load printers' and 'printing' have been available since the
> beginning (May 1996, commit 0e8fd3398771da2f016d72830179507f3edda51b).
> Option 'disable spoolss' is available since Samba 2.0.4, commit
> de5f42c9d9172592779fa2504d44544e3b6b1c0d).
>
> Next, "socket address" was reported as deprecated, use a combination of
> "interfaces" and "bind interfaces only" instead (available since October
> 1997, commit 79f4fb52c1ed56fd843f81b4eb0cdd2991d4d0f4).
>
> Override cache directory to avoid writing to a global directory. Option
> available since Samba 3.4.0, Jan 2009, commit
> 19a05bf2f485023b11b41dfae3f6459847d55ef7.
>
> Set "usershare max shared=0" to prevent a global directory from being
> used. Option available since Samba 3.0.23, February 2006, commit
> 5831715049f2d460ce42299963a5defdc160891b.
>
> The most recently option was introduced with Samba 3.4.0, but previously
> "state directory" was already added which exists in Samba 3.4.0. As
> unknown parameters are ignored (while printing a warning), it should be
> safe to add another option.
I think this all makes very good sense. Let's apply it to -trivial too,
for now anyway, -- if we'll ever decide to factor it out to a helper
script, that script will be more complete.
BTW, I'm not sure `socket address' paraameter is relevant in this context
at all, -- smbd should not use it in inetd mode. It'd be interesting to
know why this option is here to start with, and whenever we really need
the new interfaces/bind-interfacs-only replacement.
I picked it up for -trivial, and also Cc'ing Jan.
Thank you!
/mjt
> Signed-off-by: Peter Wu <peter@lekensteyn.nl>
> ---
> Hi,
>
> While trying to share a folder with a guest, I noticed that the option -net
> user,smb=... would time out in the guest due to an incompatibility with Samba 4
> (see also mailing list message "slirp-smb broken with Samba 4.1" from Jan Kiska
> and https://bugs.debian.org/747636). FYI, the bug is fixed in newer Samba
> (tested with samba-4.2.0rc1-388-ga3b333a).
>
> While trying to fix that, I found that Samba would try to communicate with CUPS.
> This patch disables that fixes some other paths as well. Looking through the
> smb.conf manual for "{prefix}", it seems that no other directory is forgotten
> now.
>
> As the inetd mode is broken, I work around by starting smbd with the generated
> config:
>
> smbd -s smb.conf -p 1337
>
> Then I forward the ports to the guest with (newline inserted for readability):
>
> -user net,
> guestfwd=tcp:0.0.0.0:139-cmd:'nc 127.0.0.1 1337',
> guestfwd=tcp:0.0.0.0:445-cmd:'nc 127.0.0.1 1337'
>
> This "works" but is certainly not optimal.
>
> Kind regards,
> Peter
> ---
> net/slirp.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/net/slirp.c b/net/slirp.c
> index c171119..bad427b 100644
> --- a/net/slirp.c
> +++ b/net/slirp.c
> @@ -523,15 +523,21 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
> fprintf(f,
> "[global]\n"
> "private dir=%s\n"
> - "socket address=127.0.0.1\n"
> + "interfaces=127.0.0.1\n"
> + "bind interfaces only=yes\n"
> "pid directory=%s\n"
> "lock directory=%s\n"
> "state directory=%s\n"
> + "cache directory=%s\n"
> "ncalrpc dir=%s/ncalrpc\n"
> "log file=%s/log.smbd\n"
> "smb passwd file=%s/smbpasswd\n"
> "security = user\n"
> "map to guest = Bad User\n"
> + "load printers = no\n"
> + "printing = bsd\n"
> + "disable spoolss = yes\n"
> + "usershare max shares = 0\n"
> "[qemu]\n"
> "path=%s\n"
> "read only=no\n"
> @@ -544,6 +550,7 @@ static int slirp_smb(SlirpState* s, const char *exported_dir,
> s->smb_dir,
> s->smb_dir,
> s->smb_dir,
> + s->smb_dir,
> exported_dir,
> passwd->pw_name
> );
>
next prev parent reply other threads:[~2014-11-03 14:15 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-03 10:52 [Qemu-trivial] [PATCH] slirp/smbd: disable printer in smb config Peter Wu
2014-11-03 10:52 ` [Qemu-devel] " Peter Wu
2014-11-03 14:15 ` Michael Tokarev [this message]
2014-11-03 14:15 ` [Qemu-devel] [Qemu-trivial] " Michael Tokarev
2014-11-03 14:19 ` Michael Tokarev
2014-11-03 14:19 ` [Qemu-devel] " Michael Tokarev
2014-11-03 17:59 ` [Qemu-trivial] [Qemu-devel] " Peter Wu
2014-11-03 17:59 ` [Qemu-devel] [Qemu-trivial] " Peter Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54578DFC.3070807@msgid.tls.msk.ru \
--to=mjt@tls.msk.ru \
--cc=jan.kiszka@siemens.com \
--cc=peter@lekensteyn.nl \
--cc=qemu-devel@nongnu.org \
--cc=qemu-trivial@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.