Samba:允许不安全的宽链接

前端之家收集整理的这篇文章主要介绍了Samba:允许不安全的宽链接前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
allow insecure wide links:

In normal operation the option wide links which allows the server to
follow symlinks outside of a share path is automatically disabled when
unix extensions are enabled on a Samba server. This is done for
security purposes to prevent UNIX clients creating symlinks to areas
of the server file system that the administrator does not wish to
export.

Setting allow insecure wide links to true disables the link between
these two parameters,removing this protection and allowing a site to
configure the server to follow symlinks (by setting wide links to
“true”) even when unix extensions is turned on.

根据手动设置允许不安全的宽链接=是应该足以允许符号链接在共享路径之外但是它不适合我,除非我设置unix extensions = no.

testparm甚至没有显示这个变量?!

# testparm -s
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[Public]"
Loaded services file OK.
Server role: ROLE_STANDALONE
[global]
    workgroup = test
    server string = SambaBox
    syslog = 0
    log file = /var/log/samba/smb.log
    max log size = 50
    smb ports = 139
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
    load printers = No
    printcap name = /dev/null
    disable spoolss = Yes
    show add printer wizard = No
    idmap config * : backend = tdb

[Public]
    comment = Public
    path = /data/Public
    valid users = smbguest
    create mask = 0644
    force create mode = 0644
    force directory mode = 0755
    map archive = No
    wide links = Yes

解决方法

如果您启用了宽链接支持但它不起作用,SELINUX可能会阻止您.

尝试发出setenforce 0并重新测试您的配置.如果它有效,那么你找到了问题的来源.

如果这不起作用,请在[global]部分添加

>宽链接=是
>允许不安全的宽链接=是
> unix extensions = no

然后重启samba并重新尝试你的测试用例.

猜你在找的Linux相关文章