From nobody Mon Feb 9 17:07:48 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=nh2.me ARC-Seal: i=1; a=rsa-sha256; t=1614056761; cv=none; d=zohomail.com; s=zohoarc; b=HrU5fWWeWvgdRPQniwZ3Hv3540A/xFwUZjsC1tY/pYtj7jVX3JgkJQX4c6wfMSell+3lpyCJKuKH3D+M3fQvtTh2Pam6OAPrweJBSmLSkLt0ipUZ7AFs3/fS4B3YvJXFhRc3qAMxI6Cg7+TObxL+T7Svn1FsjW5bBK3ujMHLnlo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1614056761; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=u7KSPEpyzHQaJ1uvQx2iO62B3Ia3fF1tCWlR+Y0tqmY=; b=Qc3AWG5zXfUcep8bRvrwAvZNmmE4oWRVzKCz/DzzxSBGpal2SWeNPIe7dyjsxmHE3bUj8V3Jz6oHar1jJNkH7Kl7W6YE03ij4XNOTUKg+8Mnrn87fD3ET5hyq2PkHcbimgsJW67ZUvYROrAvlDcjfhf8e0H4AhkWrKfn/ZdQreY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1614056760099154.3634040096223; Mon, 22 Feb 2021 21:06:00 -0800 (PST) Received: from localhost ([::1]:42602 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lEPtW-00043c-U0 for importer@patchew.org; Tue, 23 Feb 2021 00:05:58 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:54888) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lENeD-0003e3-Uk; Mon, 22 Feb 2021 21:42:01 -0500 Received: from mail.nh2.me ([116.202.188.98]:58973) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lENeB-0008Q5-G7; Mon, 22 Feb 2021 21:42:01 -0500 Cc: qemu-stable@nongnu.org, qemu-trivial@nongnu.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nh2.me; s=mail; t=1614048114; bh=HjvwI/n7A6NQDKRZHPtT04n7YtekAuRGoR3144EiZ6c=; h=Cc:From:Subject:To:Date; b=kw15+yqrLtWiZbrMhtsZ1H2mk+NyQJhwjnue0T35tQ/LEhS3hucvsYe2XmYgCrc/9 00cNrNGRyc7wuQX1up8tGE2lXPYF/lw7qFkczBe05wR9vNp1d+CXIJ5p7b/D3kubd9 qFXVOoIwmRWWR5xVfMkRHfvcjAT6lAf9lKfcfDkO7Azqlk4NE1w/vtKabbmEr6tpi2 tKyg+xG4uvquiJeuTc+Qpu+qTKoNhUMyCnnls79s4CJ9Offk4HTSv4MKDdksAcGpJ/ +yVIT6CHuhZ1KXSW06UeisLhVgQjpNvu38QyUN6NlJmjYlTXY883rgPvOSYYTu5mdJ YVpGQlgnOww7A== From: =?UTF-8?Q?Niklas_Hamb=c3=bcchen?= Subject: [PATCH] net/slirp: Fix incorrect permissions on samba >= 2.0.5 To: qemu-devel@nongnu.org Message-ID: Date: Tue, 23 Feb 2021 03:41:51 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=116.202.188.98; envelope-from=mail@nh2.me; helo=mail.nh2.me X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Tue, 23 Feb 2021 00:04:55 -0500 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @nh2.me) As the added commend and `man smb.conf` explain, starting with that samba version, `force user` must be configured in `[global]` in order to access the configured `smb_dir`. This broke `-net user,smb=3D/path/to/folder`: The `chdir` into e.g. `/run/user/0/qemu-smb.DCZ8Y0` failed. In verbose logs, this manifested as: [..., effective(65534, 65534), real(65534, 0)] /source3/smbd/service.c:= 159(chdir_current_service) chdir (/run/user/0) failed, reason: Permission denied [..., effective(65534, 65534), real(65534, 0)] /source3/smbd/service.c:= 167(chdir_current_service) chdir (/run/user/0) failed, reason: Permission denied [..., effective(65534, 65534), real(65534, 0)] /source3/smbd/uid.c:448(= change_to_user_internal) change_to_user_internal: chdir_current_service() failed! This commit fixes it by setting the `[global]` force user to the user that owns the directories `smbd` needs to access. Signed-off-by: Niklas Hamb=C3=BCchen --- net/slirp.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/slirp.c b/net/slirp.c index be914c0be0..82387bdb19 100644 --- a/net/slirp.c +++ b/net/slirp.c @@ -850,6 +850,11 @@ static int slirp_smb(SlirpState* s, const char *export= ed_dir, } fprintf(f, "[global]\n" + "# In Samba 2.0.5 and above the 'force user' parameter\n" + "# also causes the primary group of the forced user to be used= \n" + "# as the primary group for all file activity.\n" + "# This includes the various directories set below.\n" + "force user=3D%s\n" "private dir=3D%s\n" "interfaces=3D127.0.0.1\n" "bind interfaces only=3Dyes\n" @@ -871,6 +876,7 @@ static int slirp_smb(SlirpState* s, const char *exporte= d_dir, "read only=3Dno\n" "guest ok=3Dyes\n" "force user=3D%s\n", + passwd->pw_name, s->smb_dir, s->smb_dir, s->smb_dir, --=20 2.25.4