OSMC Security Update for OSMC 2016.04-1 and earlier


#1

Platforms affected:

A number of vulnerabilities [1] [2] [3] [4] [5] [6] [7] [8] have been discovered in Samba which is offered in the OSMC App Store and Debian APT repository. This vulnerability is considered


This is a companion discussion topic for the original entry at https://osmc.tv/2016/04/osmc-security-update-for-osmc-2016-04-1-and-earlier/

[Quick Fix] Problem accessing legacy and guest samba shares after SMB security update on April 14th
Samba access to raspberry impossible from mac osX since last update
#2

After this update I can’t connect to folder shared via SMB from Windows 10.
Still asking about login and pass, but I did’t set any.


#3

This update screwed my setup on my Raspberry Pi 2. After the update it just bootloops and does not get over the sad face. :cry:


#4

If you were on 2016.04-1 beforehand, and upgraded, then it definitely didn’t ‘screw’ your Pi.

If you are experiencing issues, please create a separate forum post with logs

You likely haven’t updated your device for a while, and you are now using a skin which is incompatible with the new version of Kodi (Jarvis).

Sam


#5

Hi Sam,

Thanks for the prompt response.

While I updated my device frequently, I now will perform a fresh install.

Thanks again!


#6

samba is not starting after the update, logging in with ssh and checking for samba service status i get this:
osmc@osmc:~$ sudo service samba status ● samba.service - Samba Server Loaded: loaded (/lib/systemd/system/samba.service; enabled) Active: failed (Result: exit-code) since gio 2016-04-14 21:56:58 CEST; 2min 24s ago Process: 274 ExecStart=/etc/init.d/samba.distributed start (code=exited, status=1/FAILURE) Main PID: 274 (code=exited, status=1/FAILURE)

apr 14 21:56:58 osmc samba.distributed[274]: Starting nmbd (via systemctl): nmbd.serviceJob for nmbd.service failed. See 'systemctl status nmbd.service' and 'journalctl -xn' for details. apr 14 21:56:58 osmc samba.distributed[274]: failed! apr 14 21:56:58 osmc systemd[1]: samba.service: main process exited, code=exited, status=1/FAILURE apr 14 21:56:58 osmc systemd[1]: Failed to start Samba Server. apr 14 21:56:58 osmc systemd[1]: Unit samba.service entered failed state.


#7

Did you install Samba via the OSMC App Store, as recommended?

We would need a full log to identify the issue. Please post one in a separate thread.


#8

I don’t remember if i installed it via apt-get or via app store, are those 2 different versions?


#9

Yes.

Both will be updated by the security update. But the optimal way to share files to other devices is to use the official OSMC method. If you install via apt-get, you will need to fully purge that first before installing via My OSMC -> App Store

If you don’t remember explicitly installing via the App Store, you probably didn’t do it that way. The App Store will show ‘Installed’ by the Samba Server application if you completed this process through the App Store.

Sam


#10

I wasn’t be able to login with guest account.
Temporary I created new account with password. Let’s say osmc:osmc

But I didn’t want additional account on start screen, so I created DWORD value in registry under this path:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
with “osmc” as the name of the new value. This is hiding account from view, but still let you use it to log in to SMB shares.

It works and it’s much safer.
Out of curiosity, I still would like to know how to log in with guest account?


Can't reach my SMB shares after the last OSMC update!
[Quick Fix] Problem accessing legacy and guest samba shares after SMB security update on April 14th
#11

http://kodi.wiki/view/SMB/Windows#Windows_10


#12

I saw this before, but it don’t explain how to join homegroup on Linux.


#13

I’m having a problem connecting to a samba share after this security update.

ERROR: SMBDirectory->GetDirectory: Unable to open directory : ‘smb://USERNAME:PASSWORD@192.168.1.1/Network%20Storage/Videos/Movies’

I have tried to remove the share and adding it again with username and password but still not being used when connecting to the share.


#14

I just updated to new version now my samba won’t work, it just asks for username and password. Pi2+ and Windows 7 server. Please release new update I have spent hours trying to get it to work wit no luck.


#15

Same problem. After update, unable to load smb shares from Windows 7.

I can see the share, but when clicking, prompted to user/pass, and always receiving access denied.

Tested with “osmc” user.
I made “sudo smbpasswd -a osmc” and “sudo smbpasswd -e osmc”.

Don’t worked.

Any idea?


#16

Same here… After the last update i cannot access my shared folders in my windows 7 pc from my rasp 2… I had installed samba from the app store… Ideas?


#18

Same here… cannot acces my share right after last update. I’m using osmc samba. I never installed with store. The last update is too sucure lol I reinstalled the old version and lock for future update.

In a meantime If someone found an answer it will be appreciate

thank


#19

After this update ans several restarts:

  • No connection to the network. My NAS and external HD connected for weeks via zeroconf are no more available. IP, network settings seem to be ok. ssh to the Raspberry2 is still possible.
  • Settings are resettet to whatever. Elliptic circles and so forth.

#20

Assuming your are sharing your files with smb, if that is the case watch the development in this thread

If you are using something else than samba, please give more details.


#21

My Setting is:

  • Synology-215-NAS with external USB-Drive (Ext4), connected to Ethernet
  • MacMini with external USB-Drive (Ext4), connected to Ethernet
  • Raspberry2 as Media Server, connected to Ethernet
  • Router is an Apple TimeCapsule

I try to connect with Zeroconf-Browser where I can see a list with the NAS(SAMBA) and the MacMini(SAMBA).
choosing the NAS shows 8 entries in the bottom right edge, but nothing happens,
choosing the MacMini with same result.

I would like to downgrade to the previous version which run fine over all updates for weeks. Unfortunately my backup of the osmc card is not very up to date.