Executing smbstatus as non-root user
I found that after upgrading to samba 3 (Debian 2.6.15 unstable), I was unable to execute
smbstatus as a non-root user. This was very inconvenient, since I was using a PHP script to track which users are connected to my server (see my previous post). The error that occurs looks as follows:
ERROR: Failed to initialise messages database: Permission denied
messaging_tdb_init failed: NT_STATUS_ACCESS_DENIED
smbstatus suid root unfortunately didn’t do the trick. Taking a closer look at the error suggested that it got to do with the *.tdb files that samba is using. So, I went to the folder containing these files (for me
/var/run/samba/*.tdb). All these database files were chmodded to 644, so only enabled rw permissions to root.
By changing the permissions of
messages.tdb to 666 (rw permissions on world, if you find this to devil-ish, 646 would also do the trick ;)) a normal user can also open the database file and thus everything worked again. Of course, you should keep in mind that this may pose a security risk.