<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>There is a patch: <a href="https://www.illumos.org/issues/7529">https://www.illumos.org/issues/7529</a> <div>--</div>Dmitry Glushenok</div><div id="AppleMailSignature">Jet Infosystems</div><div> 3 нояб. 2016 г., в 16:23, Дмитрий Глушенок <<a href="mailto:glush@jet.msk.su">glush@jet.msk.su</a>> написал(а): </div><blockquote type="cite"><div>smbd makes it's own privilege set at start: smbd_daemonize_fini(int fd, int exit_status) ... priv_basicset(pset); /* list of privileges for smbd */ (void) priv_addset(pset, PRIV_NET_MAC_AWARE); (void) priv_addset(pset, PRIV_NET_PRIVADDR); (void) priv_addset(pset, PRIV_PROC_AUDIT); (void) priv_addset(pset, PRIV_SYS_DEVICES); (void) priv_addset(pset, PRIV_SYS_SMB); (void) priv_addset(pset, PRIV_SYS_MOUNT); priv_inverse(pset); /* turn off unneeded privileges */ (void) setppriv(PRIV_OFF, PRIV_EFFECTIVE, pset); ... So, SMF context will not work. For now I've set "ppriv && SIGHUP" in a separate service, which is launched just after smbd. -- Dmitry Glushenok Jet Infosystems <blockquote type="cite">3 нояб. 2016 г., в 15:58, Jim Klimov <<a href="mailto:jimklimov@cos.ru">jimklimov@cos.ru</a>> написал(а): </blockquote><blockquote type="cite"> </blockquote><blockquote type="cite">If that is the case, consider fixing up the method_context privileges in the SMF service for the smb/server. </blockquote><blockquote type="cite">Good luck and thanks for sharing ;) </blockquote> </div></blockquote></body></html>