From 4a090ba06a54f5da179ac02bb307cc03d08831bf Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 16 Jul 2003 05:34:56 +0000 Subject: trying to get HEAD building again. If you want the code prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad) --- docs/docbook/faq/errors.xml | 77 +-------------------------------------------- 1 file changed, 1 insertion(+), 76 deletions(-) (limited to 'docs/docbook/faq/errors.xml') diff --git a/docs/docbook/faq/errors.xml b/docs/docbook/faq/errors.xml index 97619ce704..398286e3c9 100644 --- a/docs/docbook/faq/errors.xml +++ b/docs/docbook/faq/errors.xml @@ -45,7 +45,7 @@ SMB password encryption. enable SMB password encryption in Samba. See the encryption part of the samba HOWTO Collection -disable this new behaviour in NT. See the section about +disable this behaviour in NT. See the section about Windows NT in the chapter "Portability" of the samba HOWTO collection @@ -98,79 +98,4 @@ before exporting it with Samba. - -Why can users access home directories of other users? - - - -We are unable to keep individual users from mapping to any other user's -home directory once they have supplied a valid password! They only need -to enter their own password. I have not found *any* method that I can -use to configure samba to enforce that only a user may map their own -home directory. - - - - -User xyzzy can map his home directory. Once mapped user xyzzy can also map -*anyone* elses home directory! - - - -This is not a security flaw, it is by design. Samba allows -users to have *exactly* the same access to the UNIX filesystem -as they would if they were logged onto the UNIX box, except -that it only allows such views onto the file system as are -allowed by the defined shares. - - - -This means that if your UNIX home directories are set up -such that one user can happily cd into another users -directory and do an ls, the UNIX security solution is to -change the UNIX file permissions on the users home directories -such that the cd and ls would be denied. - - - -Samba tries very hard not to second guess the UNIX administrators -security policies, and trusts the UNIX admin to set -the policies and permissions he or she desires. - - - -Samba does allow the setup you require when you have set the -"only user = yes" option on the share, is that you have not set the -valid users list for the share. - - - -Note that only user works in conjunction with the users= list, -so to get the behavior you require, add the line : - -users = %S - -this is equivalent to: - -valid users = %S - -to the definition of the [homes] share, as recommended in -the smb.conf man page. - - - - - -Until a few minutes after samba has started, clients get the error "Domain Controller Unavailable" - -A domain controller has to announce on the network who it is. This usually takes a while. - - - - -I'm getting "open_oplock_ipc: Failed to get local UDP socket for address 100007f. Error was Cannot assign requested" in the logs -Your loopback device isn't working correctly. Make sure it's running. - - - -- cgit