[Qemu-devel] Fix SMB security configuration on newer samba versions

[Qemu-devel] Fix SMB security configuration on newer samba versions

[Michael Büsch]

[-- Attachment #1: Type: text/plain, Size: 984 bytes --]

The following changes fix the samba security configuration on
newer samba versions.

samba version 4.0.10-Debian throws this warning:

>   WARNING: Ignoring invalid value 'share' for parameter 'security'

Which makes it fall back to security=user without guest login.

Fix this by selecting 'user' explicitly and mapping unknown users to guest logins.

Signed-off-by: Michael Buesch <m@bues.ch>

---
Index: qemu-1.6.1/net/slirp.c
===================================================================
--- qemu-1.6.1.orig/net/slirp.c	2013-10-09 21:20:32.000000000 +0200
+++ qemu-1.6.1/net/slirp.c	2013-10-21 13:49:39.918960448 +0200
@@ -529,7 +529,8 @@
             "state directory=%s\n"
             "log file=%s/log.smbd\n"
             "smb passwd file=%s/smbpasswd\n"
-            "security = share\n"
+            "security = user\n"
+            "map to guest = Bad User\n"
             "[qemu]\n"
             "path=%s\n"
             "read only=no\n"

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

Re: [Qemu-devel] Fix SMB security configuration on newer samba versions

[Amos Kong]

On Mon, Oct 21, 2013 at 7:50 PM, Michael Büsch <m@bues.ch> wrote:
> The following changes fix the samba security configuration on
> newer samba versions.
>
> samba version 4.0.10-Debian throws this warning:
>
>>   WARNING: Ignoring invalid value 'share' for parameter 'security'
>
> Which makes it fall back to security=user without guest login.
>
> Fix this by selecting 'user' explicitly and mapping unknown users to guest logins.
>
> Signed-off-by: Michael Buesch <m@bues.ch>
>
> ---
> Index: qemu-1.6.1/net/slirp.c
> ===================================================================
> --- qemu-1.6.1.orig/net/slirp.c 2013-10-09 21:20:32.000000000 +0200
> +++ qemu-1.6.1/net/slirp.c      2013-10-21 13:49:39.918960448 +0200
> @@ -529,7 +529,8 @@
>              "state directory=%s\n"
>              "log file=%s/log.smbd\n"
>              "smb passwd file=%s/smbpasswd\n"
> -            "security = share\n"
> +            "security = user\n"
> +            "map to guest = Bad User\n"

does this still work with old samba?

>              "[qemu]\n"
>              "path=%s\n"
>              "read only=no\n"

Re: [Qemu-devel] Fix SMB security configuration on newer samba versions

[Michael Büsch]

[-- Attachment #1: Type: text/plain, Size: 797 bytes --]

On Sun, 27 Oct 2013 18:50:18 +0800
Amos Kong <kongjianjun@gmail.com> wrote:

> > Index: qemu-1.6.1/net/slirp.c
> > ===================================================================
> > --- qemu-1.6.1.orig/net/slirp.c 2013-10-09 21:20:32.000000000 +0200
> > +++ qemu-1.6.1/net/slirp.c      2013-10-21 13:49:39.918960448 +0200
> > @@ -529,7 +529,8 @@
> >              "state directory=%s\n"
> >              "log file=%s/log.smbd\n"
> >              "smb passwd file=%s/smbpasswd\n"
> > -            "security = share\n"
> > +            "security = user\n"
> > +            "map to guest = Bad User\n"
> 
> does this still work with old samba?


I didn't test it on anything older.

I'd appreciate if somebody on the list with an older version could try it.

-- 
Michael.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 836 bytes --]