LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-20-2003, 08:02 AM   #1
cornellS
LQ Newbie
 
Registered: Jun 2003
Location: Central Pa
Distribution: Mandrake 9
Posts: 11

Rep: Reputation: 0
Samba: Win2K/Linux; Linux shares are all "read-only system file" (and they shouldn't


Good Morning

I've a LAN with one each Win98E and Win2K workstations, a Linux/Samba fileserver and soon to be a Linux backupserver. For the most part, programs are run on the workstations and data is kept on the file server. The Linux machines are running Mandrake 9. I've a root user on the Linux and administrator on the Win2K, of course. I have a "root" on the Win2k with admin authority. My regular poweruser userid is defined on all machines. The Win2K is used for surfing, email, chat, programming, personal book-keeping. The Win98, right now, runs a chat bot, and keeps the room warm ;-)

A couple of days ago I noticed that sometimes I couldn't write from the Win2K to some of the fileserver shares. This has increased to all the time, to all shares (I've several, some for my private use, some for anyone on the system to read and some for anyone to read/write.) A similar problem was on the Win98, which went away with rebooting both workstation and fileserver, and has returned.

I have AVG anti-virus on the Win2K, which is run nightly, updates it's database (if necessary) and scans the local drives and the shares on the Linux fileserver. Last week, it seemed to've blocked an attack, although it didn't seem able to actually stop the attempts until I rebooted. I don't know if this is related to my problem.

Looking at the Win2k properties for a share I see my userid with full access, and another instance of my userid with read only (the more restrictive takes precedence, I assume). The Everyone "group" has full access and take ownership access (which certainly doesn't seem right). Administrator has full access.

Looking at the Linux box, all the shared directories have the appropriate permissions, rwxrwxrwx, rwxr-xr-x, rwxrwx---.

The shared directory I'm working on first is owned by my poweruser id.

On Win2k, I tried to change the userid's access back to full access. It would process for a while, like 5-10 minutes, and then come back with failure, access denied. I tried various slightly different attempts via the properties dialog, logged on as poweruser, root and administrator, with all the same results. An acquaintance suggested logging on as administrator and "take ownership", I tried, the take ownership button/function/whatever is either unavailable or I can't find it. I tried logging on with another id, which would be an "Everyone" but the Linux share isn't defined to allow such access, so I can't map to the share.

I had the thought that perhaps I should change the Linux owner of the directory to root. So I did a "chown -c -R root" (change owner, recursively, reporting those that are changed). The response has caused me concern. For each changed entry (file or dir) I got a line that said something like "owner changed dir/file read-only system file". The "read-only system file" has me concerned. Not all of these files are read-only system files. In fact, none of them should be, these are data directories.

I'm familiar with the rwxrwxrwx mode and the use of a leading ".", but how do I see that a file is a read-only system file, and how do I change it?

I also need to find out if this is the result of an attack, and if I am still compromised. Win2k shows clean, but an acquaintance tells me that one technique is to put the virus in a directory and then hide/protect the directory so scanners won't hit it. I have no AV on the fileserver, don't even know of AV's for Linux ;-)

Thanks in advance for your kind consideration
Cornell
 
Old 06-21-2003, 03:30 AM   #2
saneconsulting
LQ Newbie
 
Registered: Jun 2003
Location: Canada
Distribution: Mandrake, RedHat, Debian
Posts: 3

Rep: Reputation: 0
Lightbulb Just an idea.

Is it possible that your mount options were changed for that partition?

/etc/fstab
 
Old 06-23-2003, 09:52 PM   #3
cornellS
LQ Newbie
 
Registered: Jun 2003
Location: Central Pa
Distribution: Mandrake 9
Posts: 11

Original Poster
Rep: Reputation: 0
Is it possible, sure, what do I know ;-)

But fstab looks good, the shares are under home which is mounted to the correct partition. But what would that have to do with the permissions, or "read-only system file" state?

I've used chmod to change all the shares and sub-dir's to be rwxrwxrwx. Win98 than got proper access. I haven't tried the Win2k (one thing at a time). And, guess what.... they got changed back to rwxr-xr-x. I change -'em, they change back :-) Sometimes within a few minutes.

I've run AVG with current database on both Win machines. No viruses found.

Gonna check chron, see if I find anything.

Any ideas?

Thanks in advance
 
Old 06-23-2003, 10:27 PM   #4
Electro
LQ Guru
 
Registered: Jan 2002
Posts: 6,042

Rep: Reputation: Disabled
Look up directory and file mask in smb.conf documentation and set them to 0777.

There is antivirus software for LINUX. They are professional grade. Use your favorite search engine and find them.
 
Old 06-24-2003, 11:19 AM   #5
camelrider
Member
 
Registered: Apr 2003
Location: Juneau, Alaska
Posts: 251

Rep: Reputation: 32
If your shared volumes are VFAT you might look into adding umask=0 0 0 to your /etc/fstab entries for those partitions.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
perplexing "read-only file system" error Chomper Linux - General 1 11-16-2005 08:56 PM
"Read-Only File System" external USB HD logan2004 Linux - Hardware 3 04-01-2005 10:07 AM
KDE freezes up. Getting "Read-only file system" GoodVibrations Slackware 6 02-28-2005 08:49 AM
Can't boot Mandrake 10.0, "Cannot touch, Read-Only File System" RasutoIbuki Mandriva 5 07-23-2004 09:57 PM
"mkdir: cannot create directory `foo': Read-only file system" on FAT32 maddes Linux - Hardware 1 11-26-2003 07:19 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 03:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration