Ubuntu
samba package

  1. Bug #1921941
  2. Comment #4

Comment 4 for bug 1921941

Revision history for this message
R Kendal (r-kendal) wrote : Re: [Bug 1921941] Re: samba install flushes iptables and sets all chains to policy accept

Many VMs of testing later and I have this to report...

In my file /etc/network/interfaces.d/enp0s9.cfg I had this line...
pre-up iptables-restore < /etc/iptables/rules.v4

Unbeknownst to me, that cfg file was being triggered by ufw through the
samba install, before I had saved the iptables.

Thankyou for your time with this.
I am happy the problem was just on my end!

Regards,
Kendal

On Tue, 30 Mar 2021 at 23:00, Steve Beattie <email address hidden>
wrote:

> Hello, sorry you are having this issue.
>
> Unfortunately I am unable to reporduce this, with samba 2:4.11.6+dfsg-
> 0ubuntu1.6 from focal, either by applying iptables rules manually or
> enabling firewall rules with ufw:
>
> $ sudo iptables -D INPUT -i lo -j LOG
> $ sudo iptables -L INPUT -n
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags
> 0 level 4
> $ sudo apt install samba
> [ELIDED]
> $ sudo iptables -L INPUT -n
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags
> 0 level 4
>
> What are you using to apply firewall rules? None of the samba packages
> directly manipulate iptables in their postinstall scripts or in their
> service startup files that I can see. The samba package does drop an
> application file for ufw in /etc/ufw/applications.d/samba, but if ufw is
> not enabled, this should not be applied, nor should the ufw trigger that
> runs at the end of the installation touch iptables settings.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1921941
>
> Title:
> samba install flushes iptables and sets all chains to policy accept
>
> Status in samba package in Ubuntu:
> New
>
> Bug description:
> I have been tracking down why my iptables have been getting flushed in
> a VM.
>
> This is what it lead me to...
>
> sudo iptables -L -n
> sudo apt-get install -yq samba
> sudo iptables -L -n
>
> The iptables listing before the samba install is long.
>
> The iptables listing after the samba install have been flushed and all
> chains are set to policy ACCEPT!
>
> Ubuntu 20.04.2
>
> samba --verision
> Version 4.11.6-Ubuntu
>
> ProblemType: Bug
> DistroRelease: Ubuntu 20.04
> Package: samba 2:4.11.6+dfsg-0ubuntu1.6
> ProcVersionSignature: Ubuntu 5.4.0-70.78-generic 5.4.94
> Uname: Linux 5.4.0-70-generic x86_64
> ApportVersion: 2.20.11-0ubuntu27.16
> Architecture: amd64
> CIFSMounts:
> /mnt/v //192.168.1.5/picasso_digital
> cifs
> ro,relatime,vers=3.02,cache=strict,username=picassoUSER,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.5,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsize=1048576,echo_interval=60,actimeo=1
> /mnt/pshare //192.168.1.5/pshare/picasso.digital[/picasso.digital]
> <http://192.168.1.5/pshare/picasso.digital%5B/picasso.digital%5D> cifs
> rw,relatime,vers=3.02,cache=strict,username=picassoUSER,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.5,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsize=1048576,echo_interval=60,actimeo=1
> CasperMD5CheckResult: skip
> Date: Tue Mar 30 14:18:30 2021
> InstallationDate: Installed on 2021-03-30 (0 days ago)
> InstallationMedia:
>
> SambaClientRegression: Yes
> SourcePackage: samba
> UpgradeStatus: No upgrade log present (probably fresh install)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1921941/+subscriptions
>