* [Qemu-devel] [patch] make '-smb $HOME' work
@ 2005-10-08 19:30 John Coiner
2005-10-08 19:44 ` Troy Benjegerdes
0 siblings, 1 reply; 3+ messages in thread
From: John Coiner @ 2005-10-08 19:30 UTC (permalink / raw)
To: qemu-devel
The most common use case for the '-smb' option may be '-smb $HOME'.
There is a problem with this case:
Windows attempts to connect as user "nobody". Smbd allows the connection
-- unfortunately, it also maps the "nobody" accesses to the host's
"nobody" account, so all write accesses fail.
How are people using '-smb'? Am I the only person that runs into this?
One lame workaround is to point '-smb' at an area on /tmp that
everybody, including "nobody", has access to.
The problem happens with a Windows 2000 guest, and maybe other NT
derivatives.
This patch sets up smbd to only allow "guest" access from Windows, and
no other access. (I suspect and hope that smbd can coax any version of
Windows into doing a "guest" access, by rejecting everything else. This
is only tested with Win2K.) When smbd receives a guest access, it maps
that onto the account of the same user who is running qemu.
This fixes the common, personal use, '-smb $HOME' case. For more
complicated cases, for example if you don't trust the guest, you may
want to craft your own 'smb.conf' rather than relying on '-smb'. From a
security standpoint, the patched '-smb' has no authentication to break,
and it constrains smb access to a single user on the host. So while the
gates are wide open to whatever directory you share, you at least know
what you're getting.
-- John
--- qemu-0.7.2-dmapatch/vl.c 2005-09-04 13:11:31.000000000 -0400
+++ qemu-0.7.2-broken/vl.c 2005-10-08 14:41:55.000000000 -0400
@@ -29,6 +29,8 @@
#include <time.h>
#include <errno.h>
#include <sys/time.h>
+#include <sys/types.h>
+#include <pwd.h>
#ifndef _WIN32
#include <sys/times.h>
@@ -1605,15 +1607,17 @@
"log file=%s/log.smbd\n"
"smb passwd file=%s/smbpasswd\n"
"security = share\n"
+ "guest account=%s\n"
"[qemu]\n"
"path=%s\n"
"read only=no\n"
- "guest ok=yes\n",
+ "guest only=yes\n",
smb_dir,
smb_dir,
smb_dir,
smb_dir,
smb_dir,
+ getpwuid( geteuid( ) )->pw_name,
exported_dir
);
fclose(f);
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [patch] make '-smb $HOME' work
2005-10-08 19:30 [Qemu-devel] [patch] make '-smb $HOME' work John Coiner
@ 2005-10-08 19:44 ` Troy Benjegerdes
2005-10-08 20:15 ` John Coiner
0 siblings, 1 reply; 3+ messages in thread
From: Troy Benjegerdes @ 2005-10-08 19:44 UTC (permalink / raw)
To: qemu-devel
Which smbd are you using? The one on debian sarge wants to have write access
to some /var/run and /var/lib directories to coordinate locking. Because
it gets run as a regular user, (and is not suid root), it winds up
spitting out an error to the logfile and dying. It took me a while to
figure this out, since there's no error message display by qemu.
On Sat, Oct 08, 2005 at 03:30:36PM -0400, John Coiner wrote:
>
> The most common use case for the '-smb' option may be '-smb $HOME'.
>
> There is a problem with this case:
>
> Windows attempts to connect as user "nobody". Smbd allows the connection
> -- unfortunately, it also maps the "nobody" accesses to the host's
> "nobody" account, so all write accesses fail.
>
> How are people using '-smb'? Am I the only person that runs into this?
> One lame workaround is to point '-smb' at an area on /tmp that
> everybody, including "nobody", has access to.
>
> The problem happens with a Windows 2000 guest, and maybe other NT
> derivatives.
>
> This patch sets up smbd to only allow "guest" access from Windows, and
> no other access. (I suspect and hope that smbd can coax any version of
> Windows into doing a "guest" access, by rejecting everything else. This
> is only tested with Win2K.) When smbd receives a guest access, it maps
> that onto the account of the same user who is running qemu.
>
> This fixes the common, personal use, '-smb $HOME' case. For more
> complicated cases, for example if you don't trust the guest, you may
> want to craft your own 'smb.conf' rather than relying on '-smb'. From a
> security standpoint, the patched '-smb' has no authentication to break,
> and it constrains smb access to a single user on the host. So while the
> gates are wide open to whatever directory you share, you at least know
> what you're getting.
>
> -- John
>
>
>
> --- qemu-0.7.2-dmapatch/vl.c 2005-09-04 13:11:31.000000000 -0400
> +++ qemu-0.7.2-broken/vl.c 2005-10-08 14:41:55.000000000 -0400
> @@ -29,6 +29,8 @@
> #include <time.h>
> #include <errno.h>
> #include <sys/time.h>
> +#include <sys/types.h>
> +#include <pwd.h>
>
> #ifndef _WIN32
> #include <sys/times.h>
> @@ -1605,15 +1607,17 @@
> "log file=%s/log.smbd\n"
> "smb passwd file=%s/smbpasswd\n"
> "security = share\n"
> + "guest account=%s\n"
> "[qemu]\n"
> "path=%s\n"
> "read only=no\n"
> - "guest ok=yes\n",
> + "guest only=yes\n",
> smb_dir,
> smb_dir,
> smb_dir,
> smb_dir,
> smb_dir,
> + getpwuid( geteuid( ) )->pw_name,
> exported_dir
> );
> fclose(f);
>
>
>
> _______________________________________________
> Qemu-devel mailing list
> Qemu-devel@nongnu.org
> http://lists.nongnu.org/mailman/listinfo/qemu-devel
--
--------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer@hozed.org
Somone asked me why I work on this free (http://www.fsf.org/philosophy/)
software stuff and not get a real job. Charles Shultz had the best answer:
"Why do musicians compose symphonies and poets write poems? They do it
because life wouldn't have any meaning for them if they didn't. That's why
I draw cartoons. It's my life." -- Charles Shultz
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [patch] make '-smb $HOME' work
2005-10-08 19:44 ` Troy Benjegerdes
@ 2005-10-08 20:15 ` John Coiner
0 siblings, 0 replies; 3+ messages in thread
From: John Coiner @ 2005-10-08 20:15 UTC (permalink / raw)
To: qemu-devel
Troy Benjegerdes wrote:
> Which smbd are you using? The one on debian sarge wants to have write access
> to some /var/run and /var/lib directories to coordinate locking. Because
> it gets run as a regular user, (and is not suid root), it winds up
> spitting out an error to the logfile and dying. It took me a while to
> figure this out, since there's no error message display by qemu.
I'm running smbd that came with slackware 10-dot-something...
john@kong:~$ /usr/sbin/smbd -V
Version 3.0.14a
It's not suid root either.
The 'smb.conf' contains a "lock directory" entry, which (you would
think!) tells smbd to use the temporary directory as the lock directory.
Are you sure that smbd actually found and read the 'smb.conf' file which
qemu generated?
The qemu-generated 'smb.conf' file overrides all samba default paths in
'/var' except for the "utmp directory" and "wtmp directory" parameters.
Maybe your smbd was compiled with '--with-utmp' in which case you might
need qemu to specify "utmp directory" and "wtmp directory" in 'smb.conf'.
-- john
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-10-08 20:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-10-08 19:30 [Qemu-devel] [patch] make '-smb $HOME' work John Coiner
2005-10-08 19:44 ` Troy Benjegerdes
2005-10-08 20:15 ` John Coiner
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).