On Tue, 2013-05-07 at 15:43 -0400, Michael Mol wrote: > On 05/07/2013 03:25 PM, Andrew Bartlett wrote: > > On Mon, 2013-05-06 at 17:15 +0200, Michael De Groote wrote: > >> Hi all > >> > >> Recently i noticed that upon starting the samba4 'samba' daemon, that it > >> changes the group ownership of the socket for ntpd to *staff* > >> > >> $ls -l /usr/local/samba/var/lib/ntp_signd/ > >> total 0 > >> srwxrwxrwx 1 root *staff* 0 May 6 16:35 socket > >> > >> > >> The documentation says it needs to be *ntp*.... > >> > >> (FYI: i'm running this on debian wheezy) > >> > >> I have just added ntp to group staff, but that seems like a workaround... > > > > I don't know why this is happening. I've examined the code, and it does > > not change the group ID, it only creates the directory, forcing the uid. > > > > Indeed, the same code is using for the winbind privileged pipe, which is > > likewise deliberately designed so that you can set the group to a > > specific group for use by squid et al. In this case the group is meant > > to be 'ntp' to allow only NTP access to the pipe. > > Could this be a namespace overlap? Perhaps the directory has the correct > GID, but when Samba spins up the lookup for GID->name goes through it, > and something samba is attached to already has a mapping for that GID. > > (I find it very odd to see asterisks around the group name in ls's > output, too...)
Samba never sets the GID explicitly, but should be gid 0 at this point, so should be creating gid 0 files. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba