ksmbd.adduser should check the username already in /etc/passwd #188
Comments
|
It seems ksmbd use the uid/gid of /etc/passwd and /etc/groupd Should we add the check of /etc/passwd and /etc/group in ksmbd.adduser? |
wangyugui-e16
changed the title
|
a dirty patch |
Could you please explain more why this patch is needed ? |
|
if we allow userABC to access ksmb and then create a file(fileEFG). Then what is owner:group of the file (fileEFG)? |
ksmbd gets the uid/gid corresponding to the username from /etc/passwd.
Yes. ksmbd.adduser check /etc/passwd for this. If there is no username in /etc/passwd, It will be guest uid/gid. |
If there is no username in /etc/passwd, It should deny the access? |
|
@neheb Rosen, Is it okay to reject login if there is no username in /etc/passwd ? I am wondering how openwrt register user id. N ormally, Embedded target like openwrt use read-only root filesystem, so /etv/passwd file seems to be read-only. My question is that openWRT need add new user ID who is not in /etc/passwd ? |
|
OpenWrt uses squashfs+overlayfs to provide an r/w system. Writing to /etc/passwd is permitted and survives a sysupgrade, Current init script does not write to /etc/passwd but could be modified to do so: https://github.com/openwrt/packages/blob/master/net/ksmbd-tools/files/ksmbd.init |
|
ping @rmilecki |
|
it's an old init script. I assume users figure it out... The original author abandoned OpenWrt and moved to Jellyfin. @rmilecki wrote https://github.com/openwrt/packages/blob/master/net/ksmbd-tools/files/ksmbd.hotplug which I assume works for basic shares. |
Hi,
I created a user USER_A with ksmbd.adduser, login through windows 10 client,
and then create a file FILE_A on the backend filesystem ext4/btrfs from windows 10 client.
How the the uid/gid of the FILE_A is decided? Can we use the uid/gid of /etc/passwd file?
Best Regards
The text was updated successfully, but these errors were encountered: