Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-20-2003, 08:02 AM
|
#1
|
LQ Newbie
Registered: Jun 2003
Location: Central Pa
Distribution: Mandrake 9
Posts: 11
Rep:
|
Samba: Win2K/Linux; Linux shares are all "read-only system file" (and they shouldn't
Good Morning
I've a LAN with one each Win98E and Win2K workstations, a Linux/Samba fileserver and soon to be a Linux backupserver. For the most part, programs are run on the workstations and data is kept on the file server. The Linux machines are running Mandrake 9. I've a root user on the Linux and administrator on the Win2K, of course. I have a "root" on the Win2k with admin authority. My regular poweruser userid is defined on all machines. The Win2K is used for surfing, email, chat, programming, personal book-keeping. The Win98, right now, runs a chat bot, and keeps the room warm ;-)
A couple of days ago I noticed that sometimes I couldn't write from the Win2K to some of the fileserver shares. This has increased to all the time, to all shares (I've several, some for my private use, some for anyone on the system to read and some for anyone to read/write.) A similar problem was on the Win98, which went away with rebooting both workstation and fileserver, and has returned.
I have AVG anti-virus on the Win2K, which is run nightly, updates it's database (if necessary) and scans the local drives and the shares on the Linux fileserver. Last week, it seemed to've blocked an attack, although it didn't seem able to actually stop the attempts until I rebooted. I don't know if this is related to my problem.
Looking at the Win2k properties for a share I see my userid with full access, and another instance of my userid with read only (the more restrictive takes precedence, I assume). The Everyone "group" has full access and take ownership access (which certainly doesn't seem right). Administrator has full access.
Looking at the Linux box, all the shared directories have the appropriate permissions, rwxrwxrwx, rwxr-xr-x, rwxrwx---.
The shared directory I'm working on first is owned by my poweruser id.
On Win2k, I tried to change the userid's access back to full access. It would process for a while, like 5-10 minutes, and then come back with failure, access denied. I tried various slightly different attempts via the properties dialog, logged on as poweruser, root and administrator, with all the same results. An acquaintance suggested logging on as administrator and "take ownership", I tried, the take ownership button/function/whatever is either unavailable or I can't find it. I tried logging on with another id, which would be an "Everyone" but the Linux share isn't defined to allow such access, so I can't map to the share.
I had the thought that perhaps I should change the Linux owner of the directory to root. So I did a "chown -c -R root" (change owner, recursively, reporting those that are changed). The response has caused me concern. For each changed entry (file or dir) I got a line that said something like "owner changed dir/file read-only system file". The "read-only system file" has me concerned. Not all of these files are read-only system files. In fact, none of them should be, these are data directories.
I'm familiar with the rwxrwxrwx mode and the use of a leading ".", but how do I see that a file is a read-only system file, and how do I change it?
I also need to find out if this is the result of an attack, and if I am still compromised. Win2k shows clean, but an acquaintance tells me that one technique is to put the virus in a directory and then hide/protect the directory so scanners won't hit it. I have no AV on the fileserver, don't even know of AV's for Linux ;-)
Thanks in advance for your kind consideration
Cornell
|
|
|
06-21-2003, 03:30 AM
|
#2
|
LQ Newbie
Registered: Jun 2003
Location: Canada
Distribution: Mandrake, RedHat, Debian
Posts: 3
Rep:
|
Just an idea.
Is it possible that your mount options were changed for that partition?
/etc/fstab
|
|
|
06-23-2003, 09:52 PM
|
#3
|
LQ Newbie
Registered: Jun 2003
Location: Central Pa
Distribution: Mandrake 9
Posts: 11
Original Poster
Rep:
|
Is it possible, sure, what do I know ;-)
But fstab looks good, the shares are under home which is mounted to the correct partition. But what would that have to do with the permissions, or "read-only system file" state?
I've used chmod to change all the shares and sub-dir's to be rwxrwxrwx. Win98 than got proper access. I haven't tried the Win2k (one thing at a time). And, guess what.... they got changed back to rwxr-xr-x. I change -'em, they change back :-) Sometimes within a few minutes.
I've run AVG with current database on both Win machines. No viruses found.
Gonna check chron, see if I find anything.
Any ideas?
Thanks in advance
|
|
|
06-23-2003, 10:27 PM
|
#4
|
LQ Guru
Registered: Jan 2002
Posts: 6,042
Rep: 
|
Look up directory and file mask in smb.conf documentation and set them to 0777.
There is antivirus software for LINUX. They are professional grade. Use your favorite search engine and find them.
|
|
|
06-24-2003, 11:19 AM
|
#5
|
Member
Registered: Apr 2003
Location: Juneau, Alaska
Posts: 251
Rep:
|
If your shared volumes are VFAT you might look into adding umask=0 0 0 to your /etc/fstab entries for those partitions.
|
|
|
All times are GMT -5. The time now is 03:33 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|