Re: [Vserver] Samba in a vserver guest: broadcast problem

From: Herbert Poetzl <herbert_at_13thfloor.at>
Date: Sun 25 Jun 2006 - 02:06:46 BST
Message-ID: <20060625010646.GA11639@MAIL.13thfloor.at>

On Sat, Jun 24, 2006 at 06:44:31PM +0200, [eMAXX] sys-admin@emaxx.nl wrote:
> Hi,
>
> I'm trying te get Samba (3.0.14a-Debian) to work in a Linux Vserver guest.
>
> ---
> Versions:
> Kernel: 2.6.14.4-vs2.1.0.20060621
> VS-API: 0x00020001
> util-vserver: 0.30.209; Jan 7 2006, 16:17:48
>
> Features:
> CC: gcc, gcc (GCC) 3.3.5 (Debian 1:3.3.5-13)
> CXX: g++, g++ (GCC) 3.3.5 (Debian 1:3.3.5-13)
> CPPFLAGS: ''
> CFLAGS: '-g -O2 -std=c99 -Wall -pedantic -W'
> CXXFLAGS: '-g -O2 -ansi -Wall -pedantic -W
> -fmessage-length=0'
> build/host: i686-pc-linux-gnu/i686-pc-linux-gnu
> Use dietlibc: yes
> Build C++ programs: yes
> Build C99 programs: yes
> Available APIs: compat,v11,v13,fscompat,net,oldproc,olduts
> ext2fs Source: e2fsprogs
> syscall(2) invocation: alternative
> vserver(2) syscall#: 273/glibc
>
> Paths:
> prefix: /
> sysconf-Directory: /etc
> cfg-Directory: /etc/vservers
> initrd-Directory: /etc/init.d
> pkgstate-Directory: /var/run/vservers
> vserver-Rootdir: /home/vservers
> ---
>
> ~$ cat/etc/vservers/vs01-elastic/interfaces/0/bcast
> 192.168.1.255
> (tried 255.255.255.255 too)
>
> ~$ cat /etc/vservers/vs01/capabilities
> CAP_NET_RAW
> CAP_NET_BROADCAST
> CAP_NET_ADMIN

with this set of caps (RAW/ADMIN, BROADCAST is
actually unused) you basically have host priviledges
inside the guest ...

> (inside the guest)
> ~$ grep Cap /proc/self/status
> CapInh: 0000000000000000
> CapPrm: 00000000344c3cff
> CapEff: 00000000344c3cff
>
> Whenever I click on "My Network places >> Microsoft Windows-network"
> (swift translation out of Dutch), Windows tells me I have no rights to
> open the Samba host. If I connect to the host directly (eg: \\vs01\foo)
> there is no problem (will need user/pass, but that's ok).
>
> I discovered Windows is sending broadcast packages, hereby one of them:
>
> ---
> ~$ tcpdump -vvnei eth0:0 host 192.168.1.8
>
> 18:34:56.002814 00:13:d4:*:*:* > ff:ff:ff:ff:ff:ff, ethertype IPv4
> (0x0800), length 92: IP (tos 0x0, ttl 128, id 26492, offset 0, flags
> [none], length: 78) 192.168.1.8.137 > 192.168.1.255.137: [udp sum ok]
> >>> NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
> TrnID=0x80C6
> OpCode=0
> NmFlags=0x11
> Rcode=0
> QueryCount=1
> AnswerCount=0
> AuthorityCount=0
> AddressRecCount=0
> QuestionRecords:
> Name=ELASTIC-FS NameType=0x00 (Workstation)
> QuestionType=0x20
> QuestionClass=0x1
>
> ---
> but samba in the vserver guest doesn't answer them.
>
> Who's to blame? Samba or Vserver?

probably neither nor, try adding the broadcast
ip (192.168.1.255) to the list of ips assigned
to the guest (i.e. add another interfaces subdir
with a nodev entry and the broadcast ip)

> Thank you to any one who can help.

let us know if that works for you, and try to
remove the capabilities once it works ...

HTH,
Herbert

> Regards,
>
> Vince.
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Sun Jun 25 02:07:28 2006

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 25 Jun 2006 - 02:07:34 BST by hypermail 2.1.8