Ubuntu
samba package

Stackable VFS objects recycle, full_audit interoperability error

Bug #1780463 reported by Mark Thomas
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
samba
Unknown
Unknown
samba (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

Specifying "vfs objects = recycle full_audit" Results in the audit behavior working but the recycle behavior not working:

Jul 5 20:46:05 sambatest smbd_audit: mark|192.168.12.120|myclient|test|unlink|ok|test-b.txt

However, specifying "vfs objects = full_audit recycle" results in both the recycle bin behavior and the audit behavior working as expected:

Jul 5 20:47:45 sambatest smbd_audit: mark|192.168.12.120|myclient|test|rename|ok|test-c.txt|.recycle///test-c.txt

It doesn't seem like these modules should overlap in functionality, so the order doesn't seem like it should matter.

Package: samba 2:4.3.11+dfsg-0ubuntu0.16.04.13
Description: Ubuntu 16.04.4 LTS
Release: 16.04

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I can confirm this with xenial's samba:

# works:
[storage]
 path = /storage
 vfs objects = full_audit recycle
 read only = no
 guest ok = no
 full_audit:prefix = %u|%I
 full_audit:success = unlink
 full_audit:failure = none

Jul 11 19:12:55 xenial-samba-vfs-stack smbd_audit: ubuntu|127.0.0.1|unlink|ok|head
Jul 11 19:12:58 xenial-samba-vfs-stack smbd_audit: ubuntu|127.0.0.1|unlink|ok|tty
Jul 11 19:13:00 xenial-samba-vfs-stack smbd_audit: ubuntu|127.0.0.1|unlink|ok|[

I get logging (full_audit) and .recycle gets the files I removed.

Changing the order like this:

 vfs objects = recycle full_audit

I lose the logging, but recycling works.

I'll try on newer versions to see if this was fixed.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Also happens in bionic's 2:4.7.6+dfsg~ubuntu-0ubuntu2, and an upcoming 4.8.2. Looks like this is worth an upstream bug, since the release notes for 4.8.3 don't mention vfs.

Andreas Hasenack (ahasenack)
Changed in samba (Ubuntu):
status: New → Triaged
importance: Undecided → Low
Revision history for this message
Christian Ehrhardt  (paelzer) wrote (last edit ):

Hi,
I come back trying to close or revive bugs that are dormant for too long.

Sadly upstream didn't act on the bug so far, it was lost in "what do you mean" debates while it seemed clear in the bug description.
But gladly I can report that in Jammy 2:4.15.5~dfsg-0ubuntu5 the order of those two no more matters. So despite the bug being neglected there is a fix that has landed.

Update: sorry I updated to soon as I've first read the audit is what starts to fail, but re-reading in detail again I realize it is the recycle feature that gets dropped.
Checking again ...

test #1: "recycle" -> file gets put into .recycle as expected
test #2: "full_audit recycle" -> file gets put into .recycle as expected and audit messages are present
test #3: "recycle full_audit" -> file gets put into .recycle as expected and audit messages are present

Out of the audit log I also get messages like:
Jun 13 09:57:27 j smbd_audit[32936]: nobody|127.0.0.1|renameat|ok|/storage/testfile|/storage/.recycle/testfile

Ok, so gladly my former statement wasn't completely wrong :-)
Trying other versions ...

Changed in samba (Ubuntu):
status: Triaged → Fix Released
Changed in samba (Ubuntu Bionic):
importance: Undecided → Low
Changed in samba (Ubuntu Focal):
importance: Undecided → Low
Changed in samba (Ubuntu Bionic):
status: New → Triaged
Changed in samba (Ubuntu Focal):
status: New → Triaged
Revision history for this message
Christian Ehrhardt  (paelzer) wrote (last edit ):

Note for latter reproducers, trivial command series that will reproduce this after having smb.conf set up as (like above):

[storage]
        comment = testshare
        path = /storage
        #vfs objects = recycle full_audit
        vfs objects = full_audit recycle
        #vfs objects = recycle
        read only = no
        guest ok = yes
        full_audit:prefix = %u|%I
        full_audit:success = unlink
        full_audit:failure = non

$ sudo umount /mnt/test; sudo systemctl stop smbd; sudo rm -rf /storage /mnt/test; sudo mkdir /storage /mnt/test; sudo touch /storage/testfile; sudo chmod -R ogu+w /storage/; sudo systemctl start smbd; sleep 2s; sudo mount -t cifs //127.0.0.1/storage /mnt/test/ -o username=ubuntu,password=ubuntu,uid=1000,gid=1000; ll /storage/testfile /mnt/test/testfile; ls -laF /mnt/test/.recycle; rm /mnt/test/testfile; sleep 2s; ls -dl /mnt/test/.recycle/*

In the good case that will show:
# check after mount
-rwxr-xr-x 1 ubuntu ubuntu 0 Jun 13 10:02 /mnt/test/testfile*
-rw-rw-rw- 1 root root 0 Jun 13 10:02 /storage/testfile
# not there before removal
ls: cannot access '/mnt/test/.recycle': No such file or directory
# recycle worked
-rwxr-xr-x 1 ubuntu ubuntu 0 Jun 13 10:02 /mnt/test/.recycle/testfile

Jammy: 2:4.15.5~dfsg-0ubuntu5 - working
Focal: 2:4.13.17~dfsg-0ubuntu0.21.04.2 - working
Bionic: 2:4.7.6+dfsg~ubuntu-0ubuntu2 - working
Xenial: 2:4.3.11+dfsg-0ubuntu0.16.04.34 - working as well

In Xenial I tried all three variants of
        vfs objects = recycle full_audit
        vfs objects = full_audit recycle
        vfs objects = recycle
And all three worked.

no longer affects: samba (Ubuntu Bionic)
no longer affects: samba (Ubuntu Focal)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

So to me this really seems fixed nowadays, sadly I couldn't find a commit that made it work.
But if in doubt use the repro commands I stated and if you have others failing look for the difference.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.