Samba as nonroot

Hi,

Im trying to run samba as a non-root user and I was wondering if this is
even possible, and if not what is preventing it from being ran as a normal
user??

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

lordm@... wrote:
> Hi,
>
> Im trying to run samba as a non-root user and I was wondering if this is
> even possible
No, it's not.

> and if not what is preventing it from being ran as a normal
> user??
>  
You couldn't bind to privileged ports would be the big one. You might be
able to modify the source so it runs on different ports (although that
would mean windows systems couldn't connect, you might be able to coax
another samba machine into it), you would then have issues with
permissions (you couldn't suid/sgid to the connecting user).

*Michael Heydon - IT Administratorr *
michaelh@... <mailto:michaelh@...>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Oops, I accidently sent this to Michael's own email, not to the list.  
Here it is again in the right place.

On 14/05/2008, at 9:48 AM, Michael Heydon wrote:
Also, I think samba needs to be able to fork and execute.

It ought to be possible on Solaris 10 using privileges - I intend to  
test this myself in the next few weeks. (I currently have a DHCP  
server running successfully as a non-root user, binding to privileged  
ports etc etc).

I'll report my findings if anybody is actually curious.

--
Matt Skerritt
matt.skerritt@...



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Heydon wrote:
| lordm@... wrote:
|> Hi,
|>
|> Im trying to run samba as a non-root user and I was wondering if this is
|> even possible
| No, it's not.
|
|> and if not what is preventing it from being ran as a normal
|> user??
|>
| You couldn't bind to privileged ports would be the big one. You might be
| able to modify the source so it runs on different ports (although that
| would mean windows systems couldn't connect, you might be able to coax
| another samba machine into it), you would then have issues with
| permissions (you couldn't suid/sgid to the connecting user).

Tha main reason smbd has to run as root is that it changes
the euid of the process when performing certain operations.
For example, opening as file is done as the user but sending
a message to another smbd [rocess has to be done as root.






cheers, jerry
- --
=====================================================================
Samba                                    ------- http://www.samba.org
Likewise Software          ---------  http://www.likewisesoftware.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIKt1bIR7qMdg1EfYRAvAWAJ9ywd3X0nRh9ugqLNsAk3WV2I9pGwCdFoqD
H+D1xhOYMhbpnp8FOlhWVaA=
=+Zy7
-----END PGP SIGNATURE-----
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba