Project

General

Profile

Bug #27948

Allow Samba to also listen on loopback when specifying a Bind IP

Added by Jose Andres Arias Velichko about 1 year ago. Updated 10 months ago.

Status:
Done
Priority:
No priority
Assignee:
John Hixson
Category:
OS
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Need verification
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:

|NIC | Interface Name | DHCP | Media Status | IPv4 Addresses | IPv6 Addresses | Auto configure IPv6| Options|
|lagg0|lagg0|false|Active|||false||
|vlan3|Servidores|false|Active|10.0.3.20/24||false||
|vlan8|SAN|false|Active|10.0.8.23/24||false||

ChangeLog Required:
No

Description

We are using FreeNAS with multimple intefaces (2), and due to security issues, I only want Samba to listen on 1 of the IPs/Interfaces.

When Bind IP Addresses: option is selected, samba is only configured on this interface:

root@fuen-dc-1:~ # grep interfaces /usr/local/etc/smb4.conf
    bind interfaces only = yes
    interfaces = 10.0.3.20
root@fuen-dc-1:~ #

But per samba recommendation a loopback (127.0.0.1) interface must always be included, as lack of this can cause some issues to internal scripts and other samba utilities. And Loopback is not available in the list of interfaces/IPs to choose from.

As a workaround, I've set this options through Auxiliary parameters:, but Loopback should always be active, as per samba team recommendation.


Related issues

Copied to FreeNAS - Bug #40572: Allow Samba to also listen on loopback when specifying a Bind IPDone

Associated revisions

Revision b1493fd7 (diff)
Added by John Hixson about 1 year ago

Allow binding to loopback address

Ticket: #27948

Revision 49d8e9d4 (diff)
Added by John Hixson 9 months ago

Allow binding to loopback address

Ticket: #27948
(cherry picked from commit b1493fd7c8bbee28d89f8472d65aedc08a042ffd)

Revision 4b7f452c (diff)
Added by John Hixson 9 months ago

Allow binding to loopback address

Ticket: #27948
(cherry picked from commit b1493fd7c8bbee28d89f8472d65aedc08a042ffd)

Revision 6aa2965b (diff)
Added by John Hixson 9 months ago

Allow binding to loopback address

Ticket: #27948
(cherry picked from commit b1493fd7c8bbee28d89f8472d65aedc08a042ffd)

(11.1-stable ticket)
Ticket: #40572

History

#1 Updated by Dru Lavigne about 1 year ago

  • Status changed from Unscreened to Not Started
  • Assignee changed from Release Council to John Hixson
  • Reason for Blocked set to Need verification

John: what are your thoughts on this one?

#2 Updated by John Hixson about 1 year ago

Dru Lavigne wrote:

John: what are your thoughts on this one?

We should probably include the loopback in the IP list as an option

#3 Updated by Dru Lavigne about 1 year ago

  • Target version set to 11.2-RC2

#4 Updated by John Hixson about 1 year ago

  • Status changed from Not Started to In Progress

fixed in b1493fd7c8bbee28d89f8472d65aedc08a042ffd, waiting for jenkins to give me permission to merge.

#5 Updated by Dru Lavigne about 1 year ago

  • Subject changed from Samba is not listening on loopback per default when selecteed to Bind only on some IPs to Allow Samba to also listen on loopback when specifying a Bind IP
  • Needs Merging changed from Yes to No

#6 Updated by Dru Lavigne about 1 year ago

  • Status changed from In Progress to Done

#7 Updated by Dru Lavigne about 1 year ago

  • Target version changed from 11.2-RC2 to 11.2-BETA1

#8 Updated by Dru Lavigne 12 months ago

  • Status changed from Done to Ready for Testing

#9 Updated by Eric Turgeon 10 months ago

  • Status changed from Ready for Testing to Passed Testing
  • Severity set to New
  • Needs QA changed from Yes to No

looks to work fine on FreeNAS-11.2-MASTER-201806191350 (4d34a765b)

#10 Updated by Dru Lavigne 10 months ago

  • Status changed from Passed Testing to Done

#11 Updated by John Hixson 9 months ago

  • Copied to Bug #40572: Allow Samba to also listen on loopback when specifying a Bind IP added

Also available in: Atom PDF