Re: [Samba] smbd 100% systemload
Matthias, What version of Samba? What is the output of: smbd -V - John T. On Friday 01 April 2005 00:57, Matthias Henze wrote: hi jose, thanks for the hint, but i do not think, dat this causes the problem. i use ldap on the whole system (pam, nss, mail, samba ...) so goups should be consistent. # net groupmap list users (S-1-5-21-2136796781-1836600926-1834964671-513) - users admins (S-1-5-21-2136796781-1836600926-1834964671-512) - admins guests (S-1-5-21-2136796781-1836600926-1834964671-514) - guests buchhaltung (S-1-5-21-2136796781-1836600926-1834964671-3005) - buchhaltung cheers matthias --On Freitag, April 01, 2005 09:27:30 +0200 José M. Fandiño [EMAIL PROTECTED] wrote: Matthias Henze wrote: hi, thanks for the reply. this solves the problem only partialy. by now, i've no more userer porcesses causing this. at the moment i've one root smbd that causes 100% system load ... root 8668 60.8 0.1 10356 2972 ?RMar31 1173:14 /usr/sbin/smbd -D can some one please help? this is killing me ... I remember a thread in the samba mailing list about 100% of cpu use and the cause was a mapping to an inexistent group or user. -- -BEGIN GEEK CODE BLOCK- Version: 3.1 GCS/IT d- s+:+() a31 C+++ UBL+++$ P+ L+++ E--- W++ N+ o++ K- w--- O+ M+ V- PS+ PE+ Y++ PGP t+ 5 X+$ R- tv-- b+++ DI D+ G++ e- h+(++) !r !z --END GEEK CODE BLOCK-- Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd 100% systemload
hi ulrik, thanks for the reply. --On Freitag, April 01, 2005 09:39:13 +0200 Ulrik Guenther [EMAIL PROTECTED] wrote: Heya, nice to hear that I could (at least partially) help you. The one 100%-taking smbd process, does it constantly take up 100%? I am asking because we have sometimes the same problem, especially when somebody is printing large sketches from AutoCAD. the smbd grped form ps output is at 60% for about 12 houres. on this machine one process like these is no real harm as it's a dual xeon. Have you already tried restarting Samba? yes, and these kind of proces are still there when i stop samba with the initscript. i've to kill -9 them. i also can kill them while samba is running. this is no harm to the system at all. i've no compalins when i do this. Do you have any log files? yes, but at the current loglevel i've only a fewl lines about the ldap connections. i can increase the loglevel. but it will be hard to monitor the system in a way, that allows me to get the exact point of time when one process is running wild. so it will be hard to find a corelation of logmessages an this point of time. but i will do my very best. cheers matthias Regards, Ulrik Matthias Henze wrote: hi, thanks for the reply. this solves the problem only partialy. by now, i've no more userer porcesses causing this. at the moment i've one root smbd that causes 100% system load ... root 8668 60.8 0.1 10356 2972 ?RMar31 1173:14 /usr/sbin/smbd -D can some one please help? this is killing me ... TIA matthias --On Dienstag, März 29, 2005 17:20:29 +0200 Ulrik Guenther [EMAIL PROTECTED] wrote: Heya, the growing number of smbd process and therewith the resulting 100% cpu usage have their reason in samba not killing processes which are not used anymore (since every client causes Samba to spawn a new process). You can resolve this issue by putting deadtime = 60 into your smb.conf. This causes Samba to kill processes which are not used anymore after 60 minutes which should be sufficient. Hope I helped! Have a nice day, Ulrik Matthias Henze wrote: hi, i've a debian sarge setup with samba 3.0.10 with ldap as SAM backend. every thing used to work as expected, but last week the machine went down. an analysis of the problem has showen, that with increasing uptime there is a growing number of smbd processes that caus 100% CPU utilation. tests have showen, that i can kill these processes without harming smb conecctivtiy. this is a workaround but no soulution. i've absolutely no idea what causes this and what i can/should do to track this down. any suggestions ? TIA Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd 100% systemload
hi john, as mentionend default debian sarge package: Version 3.0.10-Debian cheers matthias --On Freitag, April 01, 2005 01:00:55 -0700 John H Terpstra [EMAIL PROTECTED] wrote: Matthias, What version of Samba? What is the output of: smbd -V - John T. On Friday 01 April 2005 00:57, Matthias Henze wrote: hi jose, thanks for the hint, but i do not think, dat this causes the problem. i use ldap on the whole system (pam, nss, mail, samba ...) so goups should be consistent. # net groupmap list users (S-1-5-21-2136796781-1836600926-1834964671-513) - users admins (S-1-5-21-2136796781-1836600926-1834964671-512) - admins guests (S-1-5-21-2136796781-1836600926-1834964671-514) - guests buchhaltung (S-1-5-21-2136796781-1836600926-1834964671-3005) - buchhaltung cheers matthias --On Freitag, April 01, 2005 09:27:30 +0200 José M. Fandiño [EMAIL PROTECTED] wrote: Matthias Henze wrote: hi, thanks for the reply. this solves the problem only partialy. by now, i've no more userer porcesses causing this. at the moment i've one root smbd that causes 100% system load ... root 8668 60.8 0.1 10356 2972 ?RMar31 1173:14 /usr/sbin/smbd -D can some one please help? this is killing me ... I remember a thread in the samba mailing list about 100% of cpu use and the cause was a mapping to an inexistent group or user. -- -BEGIN GEEK CODE BLOCK- Version: 3.1 GCS/IT d- s+:+() a31 C+++ UBL+++$ P+ L+++ E--- W++ N+ o++ K- w--- O+ M+ V- PS+ PE+ Y++ PGP t+ 5 X+$ R- tv-- b+++ DI D+ G++ e- h+(++) !r !z --END GEEK CODE BLOCK-- Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd 100% systemload
i've killed the process. with the next bad process i will do this. this may take some time, as with deadtime, as proposed by ulrik, i've reduced the numer of such processes dramaticly. but this deadtime stuff looks to me like a workaround, no solution, as i do not konw the source of the problem. any way - deadtime made it a bit easier for me. my main concern is that too many of these processes crash the machine and i can't monitor it all the time --On Freitag, April 01, 2005 10:22:46 +0200 José M. Fandiño [EMAIL PROTECTED] wrote: Matthias Henze wrote: hi jose, thanks for the hint, but i do not think, dat this causes the problem. i use ldap on the whole system (pam, nss, mail, samba ...) so goups should be consistent. # net groupmap list users (S-1-5-21-2136796781-1836600926-1834964671-513) - users admins (S-1-5-21-2136796781-1836600926-1834964671-512) - admins guests (S-1-5-21-2136796781-1836600926-1834964671-514) - guests buchhaltung (S-1-5-21-2136796781-1836600926-1834964671-3005) - buchhaltung could you run strace with the -p parameter pointing the proccess with high cpu use? # strace -h ... -p pid -- trace process with process id PID, may be repeated -- -BEGIN GEEK CODE BLOCK- Version: 3.1 GCS/IT d- s+:+() a31 C+++ UBL+++$ P+ L+++ E--- W++ N+ o++ K- w--- O+ M+ V- PS+ PE+ Y++ PGP t+ 5 X+$ R- tv-- b+++ DI D+ G++ e- h+(++) !r !z --END GEEK CODE BLOCK-- Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] INTERNAL ERROR
Hi all I have got a samba-3.0.13 (hot off the press) PDC running here that also works as a print server printig via cups-1.1.23. As a backend I use openldap-2.2.11 What I get in my log files is what you see below. It seems this only happens when the user prints a *.pdf file. The message shows up once in a while, definetly not for every print job that gets submitted. Printing of those *.pdf files seems to work as well, bacause I don't here any complains and cries for solutions from Big Bill. I googled and checked the HOWTO to no avail. Help is greatly appreciated 12-100 (10.230.11.94) connect to service print$ initially as user graf (uid=1006, gid=513) (pid 5702) [2005/04/01 10:46:30, 0] lib/fault.c:fault_report(36) === [2005/04/01 10:46:30, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 5702 (3.0.13) Please read the appendix Bugs of the Samba HOWTO collection [2005/04/01 10:46:30, 0] lib/fault.c:fault_report(39) === [2005/04/01 10:46:30, 0] lib/util.c:smb_panic2(1495) PANIC: internal error [2005/04/01 10:46:30, 0] lib/util.c:smb_panic2(1503) BACKTRACE: 19 stack frames: #0 /usr/local/samba/sbin/smbd(smb_panic2+0x7c) [0x81dbc5c] #1 /usr/local/samba/sbin/smbd(smb_panic+0x1a) [0x81dbe5a] #2 /usr/local/samba/sbin/smbd [0x81c99c8] #3 [0xe420] #4 /usr/local/samba/sbin/smbd(smb_io_notify_info_data_strings+0x1be) [0x818381e] #5 /usr/local/samba/sbin/smbd [0x8183b47] #6 /usr/local/samba/sbin/smbd(spoolss_io_r_rfnpcnex+0x84) [0x81872e4] #7 /usr/local/samba/sbin/smbd [0x812240a] #8 /usr/local/samba/sbin/smbd(api_rpcTNP+0x248) [0x81545d8] #9 /usr/local/samba/sbin/smbd(api_pipe_request+0x90) [0x81549d0] #10 /usr/local/samba/sbin/smbd [0x8150b3c] #11 /usr/local/samba/sbin/smbd [0x808b9a3] #12 /usr/local/samba/sbin/smbd(reply_trans+0xa3f) [0x808c65f] #13 /usr/local/samba/sbin/smbd [0x80d2a84] #14 /usr/local/samba/sbin/smbd(process_smb+0x16a) [0x80d2e6a] #15 /usr/local/samba/sbin/smbd(smbd_process+0x145) [0x80d3b65] #16 /usr/local/samba/sbin/smbd(main+0x82b) [0x82454eb] #17 /lib/tls/libc.so.6(__libc_start_main+0xe0) [0x4020d500] #18 /usr/local/samba/sbin/smbd [0x8077eb1] -- Best Regards Robert Gehr It you want to live a happy life, tie it to a goal - not to people or things. ~ Albert Einstein o /\ /_ o__ o* ~(_) ,/'_ o__ Robert Gehr (_)\(_) ,/'_ o__ o__ Baumann GmbH, 92224 Amberg (_)\(_) ,/'_ ,/' visit: http://www.baumann-gmbh.de (_)\(_) (_)\(_) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ntlm_auth, samba PDC
Dmitry Melekhov wrote: Oh, now I have it works with basic (this is from squid user): /usr/sbin/ntlm_auth --helper-protocol=squid-2.5-basic dm rightpass OK dm wrongpass ERR But I mant to have ntlm athentification. This is what I wrote in squid.conf: auth_param ntlm program /usr/sbin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes And, unfortuntely, this doesn't work... Nothing in logs :-( Certanly, I have to add -d 10 and look int logs again, but any way right now I have no time :- So, may be somebody can tell me what is wrong And be somebody can tell me how can I test ntlm_auth from command line? Thank you! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How to prevent creation of user profiles which they don't logon locally
Hi all, We're using NT4.0 server as a PDC. I can easily logon the domain on Mandrake 10.1 with samba and winbind. There is no problem with domain logons. But sometimes some domain user profiles are created at /home/NTDOMAIN directory even if they did't logon the computer locally or din't access any shared resource remotelly. How can prevent the creation of the user profiles which didn't logon the computer locally. All I want is the user profiles should be created if the user logons the system locally. My smb.conf file is below. Thanks. -- [global] workgroup = NTDOMAIN netbios name = LNX01 domain master = no local master = no preferred master = no os level = 0 server string = %L log file = /var/log/samba/log.%m log level = 7 local master = no max log size = 50 security = domain password server = nt1, nt2 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd winbind uid = 1-2 winbind gid = 1-2 winbind use default domain = yes winbind enum users = yes winbind enum groups = yes winbind enable local accounts = yes template homedir = /home/%D/%u obey pam restrictions = yes template shell = /bin/bash socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 idmap uid = 1-2 idmap gid = 1-2 wins server = 10.10.0.10 dns proxy = no dos charset = 857 unix charset = ISO8859-9 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL support
Gerald (Jerry) Carter: Tony Earnshaw wrote: | I have added --with-acl-support in the CFLAGS section in the SPEC file. | | | This should be --with-acl according to my RH spec. That's wrong. $ ./configure --help | grep acl ~ --with-acl-support Include ACL support (default=no) Great, thanks! Now that bit works, after a recompile.: 1173 [root:tru] /m/samba3 # smbd -b | grep ACL HAVE_SYS_ACL_H HAVE_POSIX_ACLS Best, --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: exclude_dir option for VFS recycle module
Kevin Kobb wrote:
Hello all,
I am testing the VFS recycle module, and have a question.
The module is working the way I hoped with the exception of the
exclude_dir option. I have an entry like:
exclude_dir = dir1 -- files I place in dir1 are not sent to the recycle
location. However, if I have a folder beneath dir1 like dir1/dir2, files
in dir2 get sent to the recycle location. I've tried using wildcards in
my smb.conf like exclude_dir = dir1/*, exclude_dir = dir1*, and other
combinations, but still can't get it to work.
Can somebody advise me if this is an intended mode of operation, a bug,
or a configuration error on my part?
I am using Samba 3.12 on 5.3-RELEASE-p6.
Thanks.
OK, may have found my answer. Found the following in vfs_recycle.c:
/* FIXME: this check will fail if we have more than one level of
directories,
* we shoud check for every level 1, 1/2, 1/2/3, 1/2/3/4
* ---simo
*/
if (checkparam(recycle_exclude_dir(handle), path_name)) {
DEBUG(3, (recycle: directory %s is excluded \n,
path_name));
rc = SMB_VFS_NEXT_UNLINK(handle, conn, file_name);
goto done;
}
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] INTERNAL ERROR
Hi, You must apropriate set these settings: printing = cups or LPRNG and lpq command = %p or echo hhh /dev/null [global] .. printing = cups printcap name = /etc/printcap lpq cache time = 10 lpq command = %p lprm command = lppause command = lpresume command = [str-hplj4050tn] comment = STR - 3.posch. (velka,duplex) path = /var/spool/samba printable = yes printing = cups lpq command = %p valid users = @admins @S41000 @S44020 @S44040 @S44060 [pdf_printer] comment = HP Color LaserJet 8500 PS(A3) path = /tmp printable = yes printing = LPRNG guest ok = no print command = /usr/local/samba_tools/printpdf.sh %s %U %J # This is not very nice solutions, but it's work OK lpq command = echo hhh /dev/null Ivan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC without WINS - performance boost?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have an unsolved problem with WINS, when i was setting the PDC i connected it to a lan (DHCP) to update the OS, and when i changed it to production environment i defined a static IP. Even after clearing the cache WINS still looks for the old ip to get browse syncs. I've seen this issue posted in some threads in the samba mailing list as well as in other places - NEVER SOLVED! I would like some feedback, regarding the following: Disable the wins server from samba and the netbios from client machines (all XP), install DNS in the PDC. I expect this would reduce network traffic to increase performance. Can this be done? Cheers, Bruno -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCTUbuWrVn3yGSWb4RAkHjAJ0esoz0+yxN6f4jmSxsVXrhaXTMHACfcijK wCNzgdK9grd4M4xkTz0pn7A= =/Oub -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net setlocalsid for doimain doesn't work as wanted
Hello, my problem is very strange. my old system diplays the following: net getlocalsid SID for domain RECHNER is: S-1-5-21-3464519980-904022163-2257070510 and net getlocalsid DOMÄNE SID for domain DOMÄNE is: S-1-5-21-3464519980-904022163-2257070510 my new system should be similar to the old one and displays this: net getlocalsid SID for domain RECHNER2 is: S-1-5-21-3464519980-904022163-2257070510 and net getlocalsid DOMÄNE SID for domain DOMÄNE is: S-1-5-21-2174182338-2397528515-139407038 I tried to set the SID for the domain via net setlocalsid but it only changes the local machine SID not the domain SID. How can I change the SID for the domain? What do I have to do? Kind regards Norman Trapp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Linux permissions not appearing under kernel 2.6
I have three machine mounting a samba share on a debian server running 3.0.11 (just updated as 3.0.10 has some serious problems). There's an XP box, and two Ubuntu (debian) PCs, one with Warty (kernel 2.4.21) and Hoary (kernel 2.6.4 / 5). Both Ubunutu machines have the following entry in fstab: \\Server\Documents /home/phill/Documents smbfs user,uid=nobody,gid=phill,guest 0 0 and both are running smbfs, libsmbclient, smbclient and samba-common 3.0.7-1-ubuntu6. Basically with Warty and even windows I get the correct file permissions from my shared drive, e.g. -rwxr-xr-x 1 nobody phill 11K 2005-02-17 18:14 documents.sxw -r-xr-xr-x 1 nobody phill 16K 2005-01-18 15:34 timesheet.sxw (this file is read only as it is on the server) Under Hoary I just get: -rwxr-xr-x 1 nobody phill 11K 2005-02-17 18:14 documents.sxw -rwxr-xr-x 1 nobody phill 16K 2005-01-18 15:34 timesheet.sxw i.e. write access for all files regardless (of course this write access fails but it means that docs don't come up as read only) The user gets rwx permissions on every file regardless of what it says on the server. This doesn't happen under Warty nor the windows PC, they both display the properties correctly. Can anyone explain this / confirm it / point me to the solution? Thanks... P h i l l -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to prevent creation of user profiles which they don't logon locally
Hello, there might be several reasons for the fact that home dir's get created. with the 'template homedir = /home/%D/%u' you can direct a domain user's home dir to a specific place. you could try to set it to an allround dir ea. 'template homedir = /tmp' I'm not sure if samba/winbind create the actualy dir it self.! it could also be the PAM module that create a homedir (ea. pam_mkhomedir.so) you have to check that.. Good luck with it.. Collen. Mehmet Özgün wrote: Hi all, We're using NT4.0 server as a PDC. I can easily logon the domain on Mandrake 10.1 with samba and winbind. There is no problem with domain logons. But sometimes some domain user profiles are created at /home/NTDOMAIN directory even if they did't logon the computer locally or din't access any shared resource remotelly. How can prevent the creation of the user profiles which didn't logon the computer locally. All I want is the user profiles should be created if the user logons the system locally. My smb.conf file is below. Thanks. -- [global] workgroup = NTDOMAIN netbios name = LNX01 domain master = no local master = no preferred master = no os level = 0 server string = %L log file = /var/log/samba/log.%m log level = 7 local master = no max log size = 50 security = domain password server = nt1, nt2 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd winbind uid = 1-2 winbind gid = 1-2 winbind use default domain = yes winbind enum users = yes winbind enum groups = yes winbind enable local accounts = yes template homedir = /home/%D/%u obey pam restrictions = yes template shell = /bin/bash socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 idmap uid = 1-2 idmap gid = 1-2 wins server = 10.10.0.10 dns proxy = no dos charset = 857 unix charset = ISO8859-9 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Interesting usrmgr.exe issue
I have a Samba3 PDC/LDAP/PAM/NSS running in a lab. Everything works great. I am using the smbldap scripts for in smb.conf so i can use usrmgr.exe. Last night I was testing to make sure it was all working ok. I added about 6 accounts throught usrmgr.exe with no problem. The smbldap scripts added the user to LDAP, and then samba 'extended' them to samba accounts. Then I tried to add an account for myself using my usual username. It failed. I tried again, it failed. I was given an error of Access Denied My troubleshooting went as follows: -run the smbldap script on the local machine. LDAP posix account added OK. -run smbpasswd -a username. Account 'extended to samba account OK. -Deleted the account -run smbpasswd -a username. Failed Cannot create user, but a user account appeared in ldap. It only had sambaaccount objecttype. No posixaccount, no shadowaccount, no inetorgperson. Hmmm, strange. After about an hour of scrambling, I figured out what was happening. My 'usual' useraccount was already in the local machines /etc/passwd. After removing it from /etc/passwd all attempts to add the account were successful. So my question is . . . Does samba do some check on /etc/passwd, before adding an account, even if ldap is used as the backend passdb? Thanks, cooper -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ntlm_auth question
-Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Thursday, March 31, 2005 3:31 PM To: Snodgrass, Micah Cc: samba@lists.samba.org Subject: RE: [Samba] ntlm_auth question On Thu, 2005-03-31 at 07:36 -0600, Snodgrass, Micah wrote: Thank you much Andrew, joining the domain did the trick. For the record, doing a net rpc join -U administrator from the Linux/FreeRADIUS box joined the machine to the domain, but still no luck. I took a look at the Win2k3 AD server, and had to check the foolish little check box on the account for the Linux computer that said something like This machine is a Pre-Windows 2000 machine and then we were talking. Had you done a 'net ads join' and set 'security=ads' in your smb.conf, then it would have worked. I'm lining up a micro-patch to make the error message indicate the need for a domain join. Hmmm... no I didn't. I'm not familiar with the net ads command *digs out google and man pages* - At this point, it's safe to say that I have done neither. smb.conf has security = server, and then password server = ip.of.AD.server. Once I sat down at the AD server and checked that foolish this is a pre-windows 2000 computer checkbox, ntlm_auth started working fine, and I moved on to the next hurdle in the project which is a problem with the FreeRADIUS config file. (something totally unrelated to samba, so I won't bore you with the details. thanks again for the help. I'll do some digging into security=ads and net ads ... as it sounds like they may save me future headaches. -MS -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 by Example Migrations
One topic I can't find in either Samba 3 by Example or the Offical Samba 3 Howto Reference Guide is that of migrating from a Samba3 server to a newer Samba 3 server (meaning newer hardware in this case). We are currently using the smbpasswd backend. I plan to move to tdbsam but that hasn't been done yet. All of the servers in question are running either whitebox 3 or redhat 9 (if it matters) and Samba 3.0.4. Our primary migration goal is to not have to touch all the 2000 workstations to rejoin them to the domain. I have messed around with manually merging /etc/group, /etc/passwd, /etc/shadow, /etc/samba/smbpasswd and copying /etc/samba/secrets.tdb from the old to the new server and have been able to make this work (once at least so far - I'm still experimenting) but would like to use better methods for the migration. I like 'net rpc vampire' on NT4 but that to my surprise doesn't seem to work against a Samba PDC and if it is addressed in a Samba to Samba context in either book I couldn't find it. I'm going to experiment in a little while with converting to tdbsam first but it occured to me that someone out there might be able to cut down on the time I have to spend experimenting if I just ask. Anyone done this before? -- Mike Rambo [EMAIL PROTECTED] NOTE: In order to control energy costs the light at the end of the tunnel has been shut off until further notice... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.13 DFS problem
Hi, After upgrading Samba to version 3.0.13, we had the following problem wit our DFS root share: From WinXP SP2 clients, we were unable to open *.exe en *.htm(l) files by browsing through our DFS tree. We had no problems with *.doc and *.xls files. Error messages: cannot find file ... for htm files cannot get acces to the device, path or file... for .exe files. Files couldn't be opened by directly clicking on them, nor by going through file - open - browse ... On Win2k clients everything worked fine. I didn't test WinXP SP1. Downgrading back to version 3.0.11 solved the problem. Our server is running RH ES 3 with the latest updates Regards, Johan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3 by Example Migrations
I agree on the migrations and Samba 3 - but I suppose the Samba team would appreciate it if rather than just requesting it, maybe some of us should provide some content, eh? Basically, with smbpasswd, if you take the /etc/shadow, etc/group, and /etc/passwd, the contents of /etc/samba, and I believe /var/lib/samba and move it to another machine, you've effectively migrated to that machine. One key here is keeping the host name the same so that the SID's remain intact. You could change the hostname if you restore the SID use the net getlocalSID - but keeping the SID intact is the key to keeping your domain structure intact. I'd do the upgrade to ldbsam (or ldap, if inclined) after you did the migration to new hardware. Good luck.. Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 04/01/2005 08:01:03 AM: One topic I can't find in either Samba 3 by Example or the Offical Samba 3 Howto Reference Guide is that of migrating from a Samba3 server to a newer Samba 3 server (meaning newer hardware in this case). We are currently using the smbpasswd backend. I plan to move to tdbsam but that hasn't been done yet. All of the servers in question are running either whitebox 3 or redhat 9 (if it matters) and Samba 3.0.4. Our primary migration goal is to not have to touch all the 2000 workstations to rejoin them to the domain. I have messed around with manually merging /etc/group, /etc/passwd, /etc/shadow, /etc/samba/smbpasswd and copying /etc/samba/secrets.tdb from the old to the new server and have been able to make this work (once at least so far - I'm still experimenting) but would like to use better methods for the migration. I like 'net rpc vampire' on NT4 but that to my surprise doesn't seem to work against a Samba PDC and if it is addressed in a Samba to Samba context in either book I couldn't find it. I'm going to experiment in a little while with converting to tdbsam first but it occured to me that someone out there might be able to cut down on the time I have to spend experimenting if I just ask. Anyone done this before? -- Mike Rambo [EMAIL PROTECTED] NOTE: In order to control energy costs the light at the end of the tunnel has been shut off until further notice... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.13 DFS problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Johan Coenen wrote: | Hi, | | After upgrading Samba to version 3.0.13, we | had the following problem with our DFS root share: | | From WinXP SP2 clients, we were unable to | open *.exe en *.htm(l) files by browsing | through our DFS tree. We had no problems | with *.doc and *.xls files. | | Error messages: | cannot find file ... for htm files | cannot get acces to the device, path or file... | for .exe files. | | Files couldn't be opened by directly clicking | on them, nor by going through file - open - browse ... Gahhh!! reproduced it. Will try to figure something out this morning. Thanks for letting us know. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCTV1/IR7qMdg1EfYRAhsPAJ4ptvGEe354owQHkof0QtweEmf50gCgwIKT Ey+szu3Bqtv9AbMoXmWk4U0= =RIwu -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba ads problem
I follow the procedure for the integration of Samba 3.0.13 in Ads environement, but when I enter the command net ads join -U administrator system return me this error: --errror morgoth:/usr/local/samba/bin# ./net ads join -U administrator administrateur's password: [2005/04/01 16:34:48, 0] utils/net_ads.c:ads_startup(191) ads_connect: No such file or directory morgoth:/usr/local/samba/bin# --- Do you have any idea? does the installation of samba was bad? thanks, guillaume __ Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error when add Samba 3.0.10-1.fc3 to Windows NT Domain
John H Terpstra: [...] Next time you come back and write: I used the official Samba HOWTO Collection to configure and it didn't work. Like that's what I mostly did when I first started with Samba, it works, so I have no particular questions (apart from ACLs, which refuse to work at all), it all works as documented. I am adding ACLs documentation to the HOWTO so as to help clarify this black-art area. :-) Just give me a few days to get it together. Actually, the ACL doco in the HOWTO collection is pretty good and shouldn't need augmenting. Things on my XP workstation work slightly differently (i.e. buttons appear in other places than described, etc.). I can modify DOS )?) file attributes, but I can't modify group file ACLs. The thing doesn't refuse me by saying Access denied, it just doesn't modify anything. In short: 1: I can do all the (RHAS3) command line setfacl etc and that works; 2: after Jerry's correction (on the list) to my faulty rpm spec ./configure parameter, my smbd -b output is as it should be (so Samba here supports ACLs). 3: The only thing left is, that some part of my smb.conf has to be wrong. SWAT says that I have nt acl support, I've WAIT A MINUTE! IT WORKS NOW! Changing AC Ls from my XP machine works now! While I was writing this, I hauled all the ACL lines (3 of them) from my [global] smb.conf section, leaving nt acl support = Yes by default And then it all started working :))) Amazing. Now I can go about adding ACL directives to each share to see what happens to individual shares. Thanks, John! --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Need help with log creation
For the life of me, I can not figure out why I keep getting 2 logs for each deamon. In smb.conf: log file = /var/log/samba/%m.log In smb init script: CONFIG=/etc/samba/smb.conf When I use the init script to start samba, it logs to log.*. When the logs rotate however and they are restarted with /bin/kill -HUP `cat /var/run/smbd.pid etc., it logs as specified in the config file. So I am left with log.smbd _and_ smbd.log depending on how they are started/restarted. Is there a setting somewhere (probably obvious) that I am missing? Running Samba 3.0.13 on RH 7.2 Thanks in advance for any hints as to what I am missing... Ed . . . . . . . . . . . . . . . Randomly generated quote: Whenever you fall, pick something up. --Oswald Avery -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] samba ads problem
Guillaume; Nice name! We need a little more informaiton to help. :7) Did you compile support for Active Directory use into Samba? What platform, what version of Samba, and what version of supporting software (like Kerberos and OpenLDAP) are you using? Are you using RPMs? -wde -- Will Enestvedt UNIX System Administrator Johnson Wales University -- Providence, RI -Original Message- Sent: Friday, April 01, 2005 9:46 AM To: samba@lists.samba.org Subject: [Samba] samba ads problem I follow the procedure for the integration of Samba 3.0.13 in Ads environement, but when I enter the command net ads join -U administrator system return me this error: --errror morgoth:/usr/local/samba/bin# ./net ads join -U administrator administrateur's password: [2005/04/01 16:34:48, 0] utils/net_ads.c:ads_startup(191) ads_connect: No such file or directory morgoth:/usr/local/samba/bin# --- Do you have any idea? does the installation of samba was bad? thanks, guillaume __ Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] samba ads problem
OK... :) I compile all of the progs module that i need... open ldap, kerberos, and samba 1) kerberos was just build like that: ./configure, make, make install 2)I compile configure OpenLdap like that: ./configure --enable-syslog --disable-slapd 3) and finally, samba was configured with this options: --with-krb5=/usr/local --with-pam,ads,ldap,winbind,acl-suppport,quotas. all compilation were a success (with no critical error) . Maybe, I have this error because I tune my installation folder for samba (its not in the path). I was on this project for many month, and I hope that it will work some days :) --- William Enestvedt [EMAIL PROTECTED] wrote: Guillaume; Nice name! We need a little more informaiton to help. :7) Did you compile support for Active Directory use into Samba? What platform, what version of Samba, and what version of supporting software (like Kerberos and OpenLDAP) are you using? Are you using RPMs? -wde -- Will Enestvedt UNIX System Administrator Johnson Wales University -- Providence, RI -Original Message- Sent: Friday, April 01, 2005 9:46 AM To: samba@lists.samba.org Subject: [Samba] samba ads problem I follow the procedure for the integration of Samba 3.0.13 in Ads environement, but when I enter the command net ads join -U administrator system return me this error: --errror morgoth:/usr/local/samba/bin# ./net ads join -U administrator administrateur's password: [2005/04/01 16:34:48, 0] utils/net_ads.c:ads_startup(191) ads_connect: No such file or directory morgoth:/usr/local/samba/bin# --- Do you have any idea? does the installation of samba was bad? thanks, guillaume __ Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba __ Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, master, slave LDAP
Hello: I have set up PDC and BDC using samba 3.0.11 and also master, slave LDAP (using openldap 2.2.23) on 4 separated machine. I would like to know how to config PDC/BDC samba so that when the master LDAP is down, the PDC/BDC will check the slave LDAP automatically. Also, do I need to config smbldap_conf.pm file for the $masterLDAP / $slaveLDAP value? Actually, what the use of smbldap_conf.pm file? Carmen __ Yahoo! Messenger Show us what our next emoticon should look like. Join the fun. http://www.advision.webevents.yahoo.com/emoticontest -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba, master, slave LDAP
Hi Carmen, - Messaggio Originale - OGGETTO:[Samba] Samba, master, slave LDAP DA: Carmen Wai A:General Samba; DATA:01-04-2005 17:30 Hello: I have set up PDC and BDC using samba 3.0.11 and also master, slave LDAP (using openldap 2.2.23) on 4 separated machine. I would like to know how to config PDC/BDC samba so that when the master LDAP is down, the PDC/BDC will check the slave LDAP automatically. In the smb.conf of the PDC/BDC you can specify passdb backend = ldapsam: ldap:// ldap://; In this example only 1 slave is configured but i may extend to include all your slave ldaps. Also, do I need to config smbldap_conf.pm file for the $masterLDAP / $slaveLDAP value? Actually, what the use of smbldap_conf.pm file? The smbldap tools are needed for manage your accounts, not for automatic load balance or fail-over during logon or sharing access. In the smbldap_conf.pm of your generic PDC/BDC you can specify your Master LDAP and only a slave LDAP (I think..), choose a slave ldap nearing to the DC that you configure... Carmen __ Yahoo! Messenger Show us what our next emoticon should look like. Join the fun. http://www.advision.webevents.yahoo.com/emoticontest -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Bye, Roberto Morelli System Administrator Azienda U.S.L. 11 Empoli (FI) Italy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Need help with log creation
Ed, For the life of me, I can not figure out why I keep getting 2 logs for each deamon. In smb.conf: log file = /var/log/samba/%m.log In smb init script: CONFIG=/etc/samba/smb.conf When I use the init script to start samba, it logs to log.*. When the logs rotate however and they are restarted with /bin/kill -HUP `cat /var/run/smbd.pid etc., it logs as specified in the config file. So I am left with log.smbd _and_ smbd.log depending on how they are started/restarted. Is there a setting somewhere (probably obvious) that I am missing? Running Samba 3.0.13 on RH 7.2 Thanks in advance for any hints as to what I am missing... I am probably way off here but I know initially I was running a slightly earlier version of Samba than 3.0.13 and my logs defaulted to smbd.log, now they are log.smbd. Is it possible that you somehow have two different versions of Samba running on your machine? Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.13 DFS problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Johan Coenen wrote: | From WinXP SP2 clients, we were unable to open | *.exe en *.htm(l) files by browsing through our | DFS tree. We had no problems with *.doc and | *.xls files. After some investigation, I'm pretty sure this is my fault. It willbe Monday before I can get a patch together though. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCTX2PIR7qMdg1EfYRAhlpAKCWgEwSywayr3JQWjxru4PS+3+hFgCgq/3s 5IL/PSSKYHH/DYtNE86H86s= =F0Dy -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 2000 xp clients
My 2000 and xp clients are logging on to my samba pdc but they do not process the logon script. But the win 98 clients work just fine. Has anyone else had this problem and what is the fix? 2000 xp kind of ignores the smb.conf Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] Problem with wbinfo
I tried to resolve this problem (password expired) changing the value of the ldap Administrator account field sambaPwdMustChange to 0. But I still having the same error, as the message above. Any help? Ricardo. -- Forwarded message -- From: Ricardo Maciel [EMAIL PROTECTED] Date: Mar 30, 2005 2:02 PM Subject: Re: [Samba] Problem with wbinfo To: samba@lists.samba.org Hamish, Executing the command above at the client, result: # # # net rpc join -S 10.80.100.62 -U Administrator -d2 [2005/03/30 13:53:02, 2] lib/interface.c:add_interface(79) added interface ip=10.80.100.98 bcast=10.80.100.255 nmask=255.255.255.0 [2005/03/30 13:53:02, 1] utils/net_rpc.c:run_rpc_command(152) rpc command function failed! (NT_STATUS_ACCESS_DENIED) Password: [2005/03/30 13:53:05, 2] libsmb/cliconnect.c:cli_session_setup_spnego(635) Doing spnego session setup (blob length=58) [2005/03/30 13:53:05, 1] libsmb/cliconnect.c:cli_full_connection(1378) failed session setup with NT_STATUS_PASSWORD_EXPIRED [2005/03/30 13:53:05, 1] utils/net.c:connect_to_ipc(150) Cannot connect to server. Error was NT_STATUS_PASSWORD_EXPIRED [2005/03/30 13:53:05, 2] utils/net.c:main(758) return code = 1 # # So, I think that the Administrator's password is expired. Any help? Ricardo. On Wed, 30 Mar 2005 16:21:39 +0100, Hamish [EMAIL PROTECTED] wrote: Have you joined the box the domain? Sorry. I didn't understand! Have you run the following command? net join -U Administrator -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows ask for password when i try to access home shares
Ok, firist of all, thanks for the DONT USE SWAT!!! tip... it worked for me, very fine! :D Now I have the Linux box in my domain, winbind is runing just fine I guess (the getent and wbinfo commands return what they should return, and I can set the permissions of dirs to domain accounts... i loved that, by the way, when I decided to use samba I was not expecting this kind of thing! Very very nice :D), but... i am having problems setting up the homes... I had set up pam to create the home dirs, and now when I log in a Windows workstation and acces the samba server, it shows a dir of the username. If I try to acces it, it creates a dir in the directory i set PAM to do it (/home/MYDOMAIN/username) but it aasks for a password! And I tyed many passwords and no one worked... I found a lot of questions like that in internet but no answers. Could someone help me on that? Thanks Cristian -- Cristian Thiago Moecke CPD do Laboratório de Mecânica de Precisão - UFSC -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows ask for password when i try to access home shares
Ok, firist of all, thanks for the DONT USE SWAT!!! tip... it worked for me, very fine! :D Now I have the Linux box in my domain, winbind is runing just fine I guess (the getent and wbinfo commands return what they should return, and I can set the permissions of dirs to domain accounts... i loved that, by the way, when I decided to use samba I was not expecting this kind of thing! Very very nice :D), but... i am having problems setting up the homes... I had set up pam to create the home dirs, and now when I log in a Windows workstation and acces the samba server, it shows a dir of the username. If I try to acces it, it creates a dir in the directory i set PAM to do it (/home/MYDOMAIN/username) but it aasks for a password! And I tyed many passwords and no one worked... I found a lot of questions like that in internet but no answers. Could someone help me on that? Thanks Cristian -- Cristian Thiago Moecke CPD do Laboratório de Mecânica de Precisão - UFSC -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows ask for password when i try to access home shares
Ok, firist of all, thanks for the DONT USE SWAT!!! tip... it worked for me, very fine! :D Now I have the Linux box in my domain, winbind is runing just fine I guess (the getent and wbinfo commands return what they should return, and I can set the permissions of dirs to domain accounts... i loved that, by the way, when I decided to use samba I was not expecting this kind of thing! Very very nice :D), but... i am having problems setting up the homes... I had set up pam to create the home dirs, and now when I log in a Windows workstation and acces the samba server, it shows a dir of the username. If I try to acces it, it creates a dir in the directory i set PAM to do it (/home/MYDOMAIN/username) but it aasks for a password! And I tyed many passwords and no one worked... I found a lot of questions like that in internet but no answers. Could someone help me on that? Thanks Cristian -- Cristian Thiago Moecke CPD do Laboratório de Mecânica de Precisão - UFSC -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows ask for password when i try to access home shares
Ok, firist of all, thanks for the DONT USE SWAT!!! tip... it worked for me, very fine! :D Now I have the Linux box in my domain, winbind is runing just fine I guess (the getent and wbinfo commands return what they should return, and I can set the permissions of dirs to domain accounts... i loved that, by the way, when I decided to use samba I was not expecting this kind of thing! Very very nice :D), but... i am having problems setting up the homes... I had set up pam to create the home dirs, and now when I log in a Windows workstation and acces the samba server, it shows a dir of the username. If I try to acces it, it creates a dir in the directory i set PAM to do it (/home/MYDOMAIN/username) but it aasks for a password! And I tyed many passwords and no one worked... I found a lot of questions like that in internet but no answers. Could someone help me on that? Thanks Cristian -- Cristian Thiago Moecke CPD do Laboratório de Mecânica de Precisão - UFSC -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows ask for password when i try to access home shares
Ok, firist of all, thanks for the DONT USE SWAT!!! tip... it worked for me, very fine! :D Now I have the Linux box in my domain, winbind is runing just fine I guess (the getent and wbinfo commands return what they should return, and I can set the permissions of dirs to domain accounts... i loved that, by the way, when I decided to use samba I was not expecting this kind of thing! Very very nice :D), but... i am having problems setting up the homes... I had set up pam to create the home dirs, and now when I log in a Windows workstation and acces the samba server, it shows a dir of the username. If I try to acces it, it creates a dir in the directory i set PAM to do it (/home/MYDOMAIN/username) but it aasks for a password! And I tyed many passwords and no one worked... I found a lot of questions like that in internet but no answers. Could someone help me on that? Thanks Cristian -- Cristian Thiago Moecke CPD do Laboratório de Mecânica de Precisão - UFSC -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows ask for password when i try to access home shares
Cristian Thiago Moecke wrote: Ok, firist of all, thanks for the DONT USE SWAT!!! tip... it worked for me, very fine! :D Now I have the Linux box in my domain, winbind is runing just fine I guess (the getent and wbinfo commands return what they should return, and I can set the permissions of dirs to domain accounts... i loved that, by the way, when I decided to use samba I was not expecting this kind of thing! Very very nice :D), but... i am having problems setting up the homes... I had set up pam to create the home dirs, and now when I log in a Windows workstation and acces the samba server, it shows a dir of the username. If I try to acces it, it creates a dir in the directory i set PAM to do it (/home/MYDOMAIN/username) but it aasks for a password! And I tyed many passwords and no one worked... I found a lot of questions like that in internet but no answers. Could someone help me on that? Check directory permissions. Also, you probably want to set up ACLs. Thanks Cristian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows ask for password when i try to access home
-- Cristian Thiago Moecke CPD do Laboratório de Mecânica de Precisão - UFSC [EMAIL PROTECTED] LMP]# ls -lt total 8 drwxr-xr-x 2 LMP\moecke LMP\Domain Users 4096 Abr 1 14:37 moecke drwxr-xr-x 2 LMP\teste LMP\Domain Users 4096 Abr 1 14:31 teste [EMAIL PROTECTED] LMP]# There are the permissions... something wrong about it? And ACLs... hmmm... is there any good documentation about it? Maybe is an stupid question but... Why exactly i will need it? -- Cristian Thiago Moecke CPD do Laboratório de Mecânica de Precisão - UFSC Cristian Thiago Moecke wrote: Ok, firist of all, thanks for the DONT USE SWAT!!! tip... it worked for me, very fine! :D Now I have the Linux box in my domain, winbind is runing just fine I guess (the getent and wbinfo commands return what they should return, and I can set the permissions of dirs to domain accounts... i loved that, by the way, when I decided to use samba I was not expecting this kind of thing! Very very nice :D), but... i am having problems setting up the homes... I had set up pam to create the home dirs, and now when I log in a Windows workstation and acces the samba server, it shows a dir of the username. If I try to acces it, it creates a dir in the directory i set PAM to do it (/home/MYDOMAIN/username) but it aasks for a password! And I tyed many passwords and no one worked... I found a lot of questions like that in internet but no answers. Could someone help me on that? Check directory permissions. Also, you probably want to set up ACLs. Thanks Cristian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Aliased interface/multi-smb on one machine + security = DOMAIN model
Hello all, Have a little trouble here. I've got a single machine with multiple instances of smb running attached to different services (for use with RedHat HA). Each instances is bound to it's own aliased IP using the machine's primary interface (eth0). I issue the `smbpasswd -j DOMAIN -r IP -c /etc/samba/smb.conf.Apache -U admin%pass` and `smbpasswd -j DOMAIN -r IP -c /etc/samba/smb.conf.FTP -U admin%pass`, however only the last config that I joined the domain with works, the first keeps prompting me for a password. Also neither of these instances register themselves with the WINS server, we had to manually enter a static entry, this is not a problem with the same configs (all same IP's) in the security = SERVER model. I'm running smb 2.2.12 on RedHat AS 2.1. Below are the config files, any help would be greatly appreciated. /etc/samba/smb.conf.Apache - [global] workgroup = PDCSERVER lock directory = /var/cache/samba/Apache pid directory = /var/cache/samba/Apache bind interfaces only = yes interfaces = 10.254.100.150 server string = Xisle Cluster Samba Server (Fear the Penguin) debug level = 1 security = DOMAIN password server = 192.192.192.130 domain master = no local master = no log file = /var/log/samba/log.%m max log size = 100 name resolve order = wins lmhosts bcast socket options = TCP_NODELAY dns proxy = No netbios name = smb-test-1 socket address = 10.254.100.150 wins server = 192.192.192.238 hosts allow = 192.192.192. 172.16. 192.168. 127. guest account = nobody encrypt passwords = yes domain logons = no - /etc/samba/smb.conf.FTP - [global] workgroup = PDCSERVER lock directory = /var/cache/samba/FTP pid directory = /var/cache/samba/FTP bind interfaces only = yes interfaces = 10.254.100.151 server string = Xisle Cluster Samba Server (Fear the Penguin) debug level = 1 security = DOMAIN password server = 192.192.192.130 domain master = no local master = no log file = /var/log/samba/log.%m max log size = 100 name resolve order = wins lmhosts bcast socket options = TCP_NODELAY dns proxy = No netbios name = smb-test-2 socket address = 10.254.100.151 wins server = 192.192.192.238 hosts allow = 192.192.192. 172.16. 192.168. 127. guest account = nobody encrypt passwords = yes domain logons = no - Thanks for any help! Chris Rutledge [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] The information contained in this email and any attachments may be privileged and/or confidential and protected from disclosure. It is intended solely for the use of the recipient(s) to whom it is addressed, or an employee or agent responsible for delivering this message to the intended recipient(s). You are hereby notified that any dissemination, distribution, copying or other use of this communication is strictly prohibited. If you have received this communication in error, please notify the sender by reply email and delete this email and all attachments from your system. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Aliased interface/multi-smb on one machine + security = DOMAIN model
After thinking about it, I ran a quick test and discovered that during the smbpasswd domain registration it uses the machines primary IP, not the alias per the config file...how do I tell smbpasswd to use a different IP when registering? - Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chris Rutledge Sent: Friday, April 01, 2005 2:25 PM To: samba@lists.samba.org Subject: [Samba] Aliased interface/multi-smb on one machine + security = DOMAIN model Hello all, Have a little trouble here. I've got a single machine with multiple instances of smb running attached to different services (for use with RedHat HA). Each instances is bound to it's own aliased IP using the machine's primary interface (eth0). I issue the `smbpasswd -j DOMAIN -r IP -c /etc/samba/smb.conf.Apache -U admin%pass` and `smbpasswd -j DOMAIN -r IP -c /etc/samba/smb.conf.FTP -U admin%pass`, however only the last config that I joined the domain with works, the first keeps prompting me for a password. Also neither of these instances register themselves with the WINS server, we had to manually enter a static entry, this is not a problem with the same configs (all same IP's) in the security = SERVER model. I'm running smb 2.2.12 on RedHat AS 2.1. Below are the config files, any help would be greatly appreciated. /etc/samba/smb.conf.Apache - [global] workgroup = PDCSERVER lock directory = /var/cache/samba/Apache pid directory = /var/cache/samba/Apache bind interfaces only = yes interfaces = 10.254.100.150 server string = Xisle Cluster Samba Server (Fear the Penguin) debug level = 1 security = DOMAIN password server = 192.192.192.130 domain master = no local master = no log file = /var/log/samba/log.%m max log size = 100 name resolve order = wins lmhosts bcast socket options = TCP_NODELAY dns proxy = No netbios name = smb-test-1 socket address = 10.254.100.150 wins server = 192.192.192.238 hosts allow = 192.192.192. 172.16. 192.168. 127. guest account = nobody encrypt passwords = yes domain logons = no - /etc/samba/smb.conf.FTP - [global] workgroup = PDCSERVER lock directory = /var/cache/samba/FTP pid directory = /var/cache/samba/FTP bind interfaces only = yes interfaces = 10.254.100.151 server string = Xisle Cluster Samba Server (Fear the Penguin) debug level = 1 security = DOMAIN password server = 192.192.192.130 domain master = no local master = no log file = /var/log/samba/log.%m max log size = 100 name resolve order = wins lmhosts bcast socket options = TCP_NODELAY dns proxy = No netbios name = smb-test-2 socket address = 10.254.100.151 wins server = 192.192.192.238 hosts allow = 192.192.192. 172.16. 192.168. 127. guest account = nobody encrypt passwords = yes domain logons = no - Thanks for any help! Chris Rutledge [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] The information contained in this email and any attachments may be privileged and/or confidential and protected from disclosure. It is intended solely for the use of the recipient(s) to whom it is addressed, or an employee or agent responsible for delivering this message to the intended recipient(s). You are hereby notified that any dissemination, distribution, copying or other use of this communication is strictly prohibited. If you have received this communication in error, please notify the sender by reply email and delete this email and all attachments from your system. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Permissions assignment problem
Hey there,
I am, for the first time, playing around with Samba seriously (mainly
thinking about replacing NFS with it). I'm using a Linux 2.6.x client
with the cifs.ko kernel module/filesystem type.
I've found that I can't change the permissions on files to arbitrary
values; they must not be greater than the bits specified in 'create
mask' (and friends). The problem appears to be
source/smbd/trans2.c:795 (function unix_perms_from_wire); I think it's
applying lp_create_mask unconditionally (instead of just applying it
when a file's being created - I suppose it doesn't know one way or
another, of course).
If anybody would like more information, then by all means just say so. I
have attached my complete smb.conf for reference.
--
Arguing with an engineer is like wrestling with a pig in mud.
After a while, you realise the pig is enjoying it.
OpenPGP v4 key ID: 4096R/59DDCB9F
Fingerprint: CC53 F124 35C0 7BC2 58FE 7A3C 157D DFD9 59DD CB9F
Retreive from subkeys.pgp.net or risk key corruption
#
# Sample configuration file for the Samba suite for Debian GNU/Linux.
#
#
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options most of which
# are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentary and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command
# testparm to check that you have not many any basic syntactic
# errors.
#
#=== Global Settings ===
[global]
## Browsing/Identification ###
# Change this to the workgroup/NT-domain name your Samba server will part of
workgroup = OFFICE
# server string is the equivalent of the NT Description field
server string = %h server (Samba %v)
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
; wins support = no
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no
# What naming service and in what order should we use to resolve host names
# to IP addresses
; name resolve order = lmhosts host wins bcast
Debugging/Accounting
# This tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
# Put a capping on the size of the log files (in Kb).
max log size = 1000
# If you want Samba to only log through syslog then set the following
# parameter to 'yes'.
; syslog only = no
# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
syslog = 0
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
### Authentication ###
# security = user is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/ServerType.html in the samba-doc
# package for details.
security = user
# You may wish to use password encryption. See the section on
# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
encrypt passwords = true
# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.
passdb backend = tdbsam guest
obey pam restrictions = yes
; guest account = nobody
invalid users = root
# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
; unix password sync = no
# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Augustin Luton [EMAIL PROTECTED] for
# sending the correct chat script for the passwd program in Debian Potato).
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
; pam password change = no
## Printing ##
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
; load printers = yes
# lpr(ng) printing. You may wish to override the location of the
# printcap file
; printing = bsd
;
[Samba] POSSIBLE RESOLUTION: Extremely slow during browsing some directories (MS KB Articles)
A colleague ran across this Microsoft (lack of) Knowledge Base article: Long delay in the display of file names from the Open dialog box in Office XP http://support.microsoft.com/kb/818792 which lists a hotfix available from Microsoft. Also, on some Microsoft discussion lists, there's been some experience that the presence of an invalid/disconnected mapped drive can impact the issue, or the presence of a large number of files/folders in the folder being browsed.. In addition, there's another article: The File Open dialog box does not automatically select the first available document in an Office 2003 program http://support.microsoft.com/kb/832889 which contains this tidbit of wisdom (and references article 818792): If the AutoSelect feature is enabled in the *Open* dialog box, and you view a folder on a network share that contains many files and folders, you may experience a delay of two to five minutes before the *Open* dialog box is populated and the first available Office 2003 document is selected. In reading these two articles, I get the sense that in Office XP (Office 2002) it's a feature not a bug and that in Office 2003, it was a buggy feature so we disabled it by default. Even though it's supposed to be disabled in 2003, you might want to double-check the registry hack mentioned in 818792, maybe setting DisableAutoSelect to 1 just to be sure. --Jonathan Johnson Sutinen Consulting, Inc. [EMAIL PROTECTED] Jonathan Johnson wrote: David Rankin wrote: I am seeing the exact same problem and I can confirm that a reboot of Win XP helps the problem temporarily. (this is my laptop so it is restarted regularly) It seems something is getting cached or stuck somewhere after XP is up and running for a while that is causing the 30 second delay descending down the directory tree when using the file-open dialog from MS office applications. David, For what it's worth, I've experienced very similar behavior with a Novell server in the back end. Unfortunately, I don't know enough about Novell, and there isn't a Samba server on this particular network that I can use for troubleshooting. I mainly wanted to let you know that it's not just a Samba problem, but perhaps some optimization that Microsoft has used to make sure that their server OS works better. We can always suspect that, can't we? In my situation, browsing works fine with explorer but not in the file open dialog in MS Office apps. Just like you experienced. In regards to Linwei Cheng's original problem, I have to ask, is there a machine account in the /etc/passwd file? For one of my customers who has a Samba box that authenticates against a true Windows Active Directory server, I found that I needed to add local machine accounts to the Linux user database (/etc/passwd) in order to get reasonable performance. The Samba logs were full of messages whining about user MACHINE$ not existing. Now, I might have solved this by adding winbind to the hosts entry in /etc/nsswitch.conf, but I didn't think of that. It works now, so why fix it? --Jonathan Johnson Sutinen Consulting, Inc. www.sutinen.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] multiple shares names
hi, i was searching in documentation, but havn't find answer to my problem.. i've got shares with long (12 characters) names, which cannot be changed. on the other hand i need two computers with win98 to see them. can i somehow check versin of connected client and depends on that change names to shorter ones? (i mean - i want all computers (with win xp) to see shares as they see now and those 2 with win98 to see shares with some shorter names). i know i can share one directory with 2 diffrent names, but it's bit ugly (computers with winxp would see both versions). looking for some nicer solution. any hints/links will be appropriated -- ~~~ ~ ~~~ ~, Marcin 'aye' Kryczek ,.,.,.,., mail: aye%gentoo.pl .,.,. RLU: #316599 .,. / ,.,.,.,.,.,.,.,.,.,.,.,.,.,., jid: aye%gentoo.pl ,., PGP: 0xD6CFCCF1 .,. / Key fingerprint = EE8F E832 54E4 2456 C582 5B32 E10F EEDC D6CF CCF1 .,. / ~ ~~ ~ ~~~ ~.,_/ pgpRtFIfScWMa.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 'username map' -- password(s)
Hello. One of the advertised uses of the 'username map' smb.conf parameter is: 'to map multiple users to a single username so that they can more easily share files.' This sounds great, is what I've wanted to do more than once. However, there is the issue of the username mapping taking place before the authentication. This requires the individual users to give a different password than the one that goes with their ID ( that they are already supplying). For the stated purpose, this operation appears to make little sense. Am I missing something here? Is there a way around this, or another good way to accomplish what I'm wanting? Thanks. Gary R. Webster -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Simultaneous Share Access via NFS/SMB
I have a share that has been exported via NFS as well as shared using Samba 3.0. On the Windows side, all authentication is currently done using Winbind and Active Directory. On the standalone Samba server (also authenticated using Windbind) where the exported NFS resides, I have the same local Unix user (identified by the same name and UID/GID) that I have on each Unix (Mac/Linux) host that needs to access the NFS export. I also have name mappings setup in my smb.conf file. Currently, unless the file/directory is explicitly owned by xuser, the unix hosts are not able to access that resource. Other than name mappings, I am not quite sure how to allow access to my NFS clients wanting to access these network shares without changing ownership of the user/group to my xuser The goal is that the unix username will map transparently to a Windows User/Group, but I am not quite sure how to manage this. My questions are as follows: Must IDMAPing be the same on all unix hosts before this will work?; and/or Can this be easily solved using the net groupmap command utility? Thanks in advance for your time and consideration. jyana -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] multiple shares names
aye: hi, i was searching in documentation, but havn't find answer to my problem.. i've got shares with long (12 characters) names, which cannot be changed. on the other hand i need two computers with win98 to see them. can i somehow check versin of connected client and depends on that change names to shorter ones? (i mean - i want all computers (with win xp) to see shares as they see now and those 2 with win98 to see shares with some shorter names). i know i can share one directory with 2 diffrent names, but it's bit ugly (computers with winxp would see both versions). looking for some nicer solution. any hints/links will be appropriated There! You said it yourself - kludge symlink longdirectoryname to shortname and put shortname into smb.conf as a share? Make sure you have Samba configured to follow links (Default: follow symlinks = yes). --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Aliased interface/multi-smb on one machine + security = DOMAIN model
Chris Rutledge: After thinking about it, I ran a quick test and discovered that during the smbpasswd domain registration it uses the machines primary IP, not the alias per the config file...how do I tell smbpasswd to use a different IP when registering? Separate host/ip combo in /etc/hosts or DNS for each? That's what I do for something completely different. Actually I use DNS, including PTR records. [...] --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: apologies for duplicate posts - btw what's the real diff between gmane.network.samba.general and mailing.unix.samba?
Urs Rau wrote: So I went to check the samba.org archives and found that my messages had not made it to the official mailing list nor to the email archives. That's when I started resending the relevant messages from the past few days but this time to gmane.network.samba.general. So if some have seen my posts more than once, I am sorry, but at least I corrected my spelling in the second postings and did not resend the level 10 log of 2.4MB. ;-) OK, the messages were silently dropped because I had a Reply-To: header in my newsposts. ;-) -- Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'username map' -- password(s)
[EMAIL PROTECTED]: One of the advertised uses of the 'username map' smb.conf parameter is: 'to map multiple users to a single username so that they can more easily share files.' This sounds great, is what I've wanted to do more than once. However, there is the issue of the username mapping taking place before the authentication. This requires the individual users to give a different password than the one that goes with their ID ( that they are already supplying). For the stated purpose, this operation appears to make little sense. Garrie, Why not put the users in a group? Or (I just learned how to today on my Red Hat RHAS3 test server), far better, get ACLs working. Then you can point-'n-click a file, directory, whatever, and give or take away rights to/from single users or groups as you wish. And if it's a directory, you can have smb.conf inherit ACLs for a share, presumably (I haven't tried it yet) for all the files in that directory. I think ACLs are going to make Samba far more powerful than it was for me. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind authentication failing
Hi, I am using Samba 2.2.3a as a domain member for a Win2K PDC. I was able to join my Samba server as a trusted account in my PDC and doing wbinfo with options -u , -g, -t , -m all work, but wbinfo -a fails and returns with the message: Could not authenticate user mgunase%x with plaintext password Could not authenticate user mgunase%x with challenge/response I am able to see the share test (pls. see smb.conf file below) through My Network Places in WinXP, but accessing homes throws a Network path cannot be found error. :( Any ideas? My smb.conf file is as follows: [global] server string = Samba %v on %L workgroup = gce2000 security = domain encrypt passwords = yes password server = sandslash.gce2000.com #Winbind settings #winbind use default domain = yes winbind uid = 2000-5000 winbind gid = 2000-5000 template shell = /bin/bash winbind cache time = 5 (default is 300, changed to 5 for testing purpose) #Set logging options log level = 2 max log size = 100 debug timestamp = yes log file = /usr/local/samba/logs/samba.log.%m.%U [test] comment = Public share, common for all users path = /usr/local/samba/tmp read only = no guest ok = yes [homes] guest ok = yes read only = no Thanks a lot! -Murali -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] multiple shares names
On Fri, Apr 01, 2005 at 10:57:56PM +0200, Tony Earnshaw wrote: There! You said it yourself - kludge symlink longdirectoryname to shortname and put shortname into smb.conf as a share? Make sure you have Samba configured to follow links (Default: follow symlinks = yes). well - that wasn't exactly what i wanted. that way either: 1. computers with windows xp would see both - short and long names (if long names would be shared too) 2. users would lost their symlinks (if longnames would not be shared) anyway: i've managed to do it. i've made: include = /etc/samba/smb.conf.%a in smb.conf and i've created additiona file /etc/samba/smb.conf.Win95 (%a is substitute into Win95 in case when client has win9x) with definitions of shares with shorter names. so if client got win xp that file isn't included and he sees his old longnames. if client got win9x file is included and additional shares with short names are created (he doesn't see long names anyway, so he doesn't see share twice) well - i hope that work - i've made that remotly and i can't test it until i'm outside company; PS: Sorry Tony - i've mailed this to you instead of ML by mistake -- ~~~ ~ ~~~ ~, Marcin 'aye' Kryczek ,.,.,.,., mail: aye%gentoo.pl .,.,. RLU: #316599 .,. / ,.,.,.,.,.,.,.,.,.,.,.,.,.,., jid: aye%gentoo.pl ,., PGP: 0xD6CFCCF1 .,. / Key fingerprint = EE8F E832 54E4 2456 C582 5B32 E10F EEDC D6CF CCF1 .,. / ~ ~~ ~ ~~~ ~.,_/ pgpgake2PNWOT.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] MYSQL - Was Functional till Update to 3.13 i
I updated samba from 3.10 to 3.13 to get the updated print fixes, but I noticed today that the smbpasswd script no longer functions. It fails to update the the following fields. domain http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60domain%60+ASC nt_username http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60nt_username%60+ASC nt_fullname http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60nt_fullname%60+ASC home_dir http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60home_dir%60+ASC dir_drive http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60dir_drive%60+ASC logon_script http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60logon_script%60+ASC profile_path http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60profile_path%60+ASC acct_desc http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60acct_desc%60+ASC workstations http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60workstations%60+ASC unknown_str http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60unknown_str%60+ASC munged_dial http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60munged_dial%60+ASC uid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60uid%60+ASC gid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60gid%60+ASC user_sid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60user_sid%60+ASC group_sid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60group_sid%60+ASC Please let me know if you have any ideas. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RE: MYSQL - Was Functional till Update to 3.13
I updated samba from 3.10 to 3.13 to get the updated print fixes, but I noticed today that the smbpasswd script no longer functions. It fails to update the the following fields. domain http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60domain%60+ASC nt_username http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60nt_username%60+ASC nt_fullname http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60nt_fullname%60+ASC home_dir http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60home_dir%60+ASC dir_drive http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60dir_drive%60+ASC logon_script http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60logon_script%60+ASC profile_path http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60profile_path%60+ASC acct_desc http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60acct_desc%60+ASC workstations http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60workstations%60+ASC unknown_str http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60unknown_str%60+ASC munged_dial http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60munged_dial%60+ASC uid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60uid%60+ASC gid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60gid%60+ASC user_sid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60user_sid%60+ASC group_sid http://db.csmfiji.org/mysql/sql.php?lang=en-iso-8859-1server=1db=sambatable=userpos=30session_max_rows=30disp_direction=horizontalrepeat_cells=100dontlimitchars=0sql_query=SELECT+%2A+FROM+%60user%60++ORDER+BY+%60group_sid%60+ASC Please let me know if you have any ideas. Sorry I didnt include the appropriate config file so I will atach the appropriate section now. Please not it is 3.0.13 not 3.13 as that would be impossible. # Samba Password Database configuration: passdb backend = mysql:foo foo:mysql user = samba foo:mysql password = PASSWORD foo:mysql database = samba foo:domain column = 'DOMAIN' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Using the RedHat 9.0 Samba 3.0.13 RPM with Kerberos 1.4 from MIT
Hello - I have a problem where I need to authenticate a RedHat 9.0 system with a Win 2003 domain. After days ot labor and tinkering, I keep getting this error when trying to join my Linux box to the Win2003 Active Directory domain: [EMAIL PROTECTED] etc]# net ads join -S 10.10.10.100 -U administrator administrator's password: [2005/04/01 21:24:41, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: KRB5 error code 52 [2005/04/01 21:24:41, 0] utils/net_ads.c:ads_startup(191) ads_connect: KRB5 error code 52 Google pointed me to some advice here: http://lists.samba.org/archive/samba/2004-July/090137.html And this quote from John Terpstra: Only MIT Kerberos 1.3.1 or later will work with Windows 2003 Server ADS. So I downloaded and built the latest and greatest release of MIT Kerberos, krb5 1.4. This all leads up to my question - is there a way for the Samba 3.0.13 RPM to use my newly built release of Kerberos instead of the RPM, or do I need to also build Samba from source? And if I need to build Samba from source, how do I tell the source build to use the 1.4 release of Kerberos instead of the 1.2.7 release bundled with RedHat 9.0? Thanks - Greg Scott [EMAIL PROTECTED] cell phone 651-260-1051 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd nmbd: do they have to run at the same host?
Is it ok to run nmbd on one host and smbd on another? Or it will not ok because of, say, some internal protocol requiring that the daemons always must be run in pair? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r6164 - in branches/SAMBA_4_0/source/libnet: .
Author: mimir
Date: 2005-04-01 08:14:57 + (Fri, 01 Apr 2005)
New Revision: 6164
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6164
Log:
More comments in the code.
rafal
Modified:
branches/SAMBA_4_0/source/libnet/userinfo.c
Changeset:
Modified: branches/SAMBA_4_0/source/libnet/userinfo.c
===
--- branches/SAMBA_4_0/source/libnet/userinfo.c 2005-04-01 00:54:55 UTC (rev
6163)
+++ branches/SAMBA_4_0/source/libnet/userinfo.c 2005-04-01 08:14:57 UTC (rev
6164)
@@ -31,6 +31,10 @@
static void userinfo_handler(struct rpc_request *req);
+/**
+ * Stage 1: Open user policy handle in SAM server.
+ */
+
static NTSTATUS userinfo_openuser(struct composite_context *c,
struct rpc_composite_userinfo *io)
{
@@ -63,6 +67,10 @@
}
+/**
+ * Stage 2: Get requested user information.
+ */
+
static NTSTATUS userinfo_getuser(struct composite_context *c,
struct rpc_composite_userinfo *io)
{
@@ -93,6 +101,10 @@
}
+/**
+ * Stage3: Close policy handle associated with opened user.
+ */
+
static NTSTATUS userinfo_closeuser(struct composite_context *c,
struct rpc_composite_userinfo *io)
{
@@ -110,11 +122,19 @@
}
+/**
+ * Event handler for asynchronous request. Handles transition through
+ * intermediate stages of the call.
+ *
+ * @param req rpc call context
+ */
+
static void userinfo_handler(struct rpc_request *req)
{
struct composite_context *c = req-async.private;
struct userinfo_state *s = talloc_get_type(c-private, struct
userinfo_state);
-
+
+ /* Stages of the call */
switch (s-stage) {
case USERINFO_OPENUSER:
c-status = userinfo_openuser(c, s-io);
@@ -140,6 +160,13 @@
}
+/**
+ * Sends asynchronous userinfo request
+ *
+ * @param p dce/rpc call pipe
+ * @param io arguments and results of the call
+ */
+
struct composite_context* rpc_composite_userinfo_send(struct dcerpc_pipe *p,
struct
rpc_composite_userinfo *io)
{
@@ -187,12 +214,22 @@
}
+/**
+ * Waits for and receives result of asynchronous userinfo call
+ *
+ * @param c composite context returned by asynchronous userinfo call
+ * @param mem_ctx memory context of the call
+ * @param io pointer to results (and arguments) of the call
+ * @return nt status code of execution
+ */
+
NTSTATUS rpc_composite_userinfo_recv(struct composite_context *c, TALLOC_CTX
*mem_ctx,
struct rpc_composite_userinfo *io)
{
NTSTATUS status;
struct userinfo_state *s;
+ /* wait for results of sending request */
status = composite_wait(c);
if (NT_STATUS_IS_OK(status) io) {
@@ -200,12 +237,22 @@
talloc_steal(mem_ctx, s-io.out.info);
io-out.info = s-io.out.info;
}
-
+
+ /* memory context associated to composite context is no longer needed */
talloc_free(c);
return status;
}
+/**
+ * Synchronous version of userinfo call
+ *
+ * @param pipe dce/rpc call pipe
+ * @param mem_ctx memory context for the call
+ * @param io arguments and results of the call
+ * @return nt status code of execution
+ */
+
NTSTATUS rpc_composite_userinfo(struct dcerpc_pipe *pipe,
TALLOC_CTX *mem_ctx,
struct rpc_composite_userinfo *io)
svn commit: samba r6165 - in branches/SAMBA_4_0/source: libnet torture/libnet
Author: tridge Date: 2005-04-01 11:24:52 + (Fri, 01 Apr 2005) New Revision: 6165 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6165 Log: fixed up the userinfo composite code. Fixes include: - talloc should always be done in the right context. For example, when creating the userinfo_state structure, place it inside the composite structure, not directly on the pipe. If this isn't done then correct cleanup can't happen on errors (as cleanup destroys the top level composite context only) - define private structures like userinfo_state in the userinfo.c code, not in the public header - only keep the parameters we need in the state structure. For example, the domain_handle is only needed in the first call, so we don't need to keep it around in the state structure, but the level is needed in later calls, so we need to keep it - always initialise [out,ref] parameters in RPC calls. The [ref] part means that the call assumes the pointer it has been given is valid. If you don't initialise it then you will get a segv on recv. This is why the code was dying. - don't use internal strucrure elements like the pipe pipe-conn-pending outside of the internal rpc implementation. That is an internal list, trying to use it from external code will cause crashes. - rpc calls assume that rpc call strucrures remain valid for the duration of the call. This means you need to keep the structures (such as struct samr_Close) in the userinfo_state strucrure, otherwise it will go out of scope during the async processing - need to remember to change c-state to SMBCLI_REQUEST_DONE when the request has finished in the close handler, otherwise it will loop forever trying to close Mimir, please look at the diff carefully for more detailed info on the fixes Modified: branches/SAMBA_4_0/source/libnet/composite.h branches/SAMBA_4_0/source/libnet/userinfo.c branches/SAMBA_4_0/source/torture/libnet/userinfo.c Changeset: Sorry, the patch is too large (293 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6165
svn commit: samba r6166 - in branches/SAMBA_3_0/source/lib: .
Author: gd
Date: 2005-04-01 13:12:51 + (Fri, 01 Apr 2005)
New Revision: 6166
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6166
Log:
Derell, I'm reverting this part of -r4917 because it modifies the keys
to search in tdbs in a way that is not upgrade-safe and somewhat weird
to use: Users have to modify policies like
pdbedit -P maximum password policies (seconds since 1970)
The value-description should better go into the manpage.
Guenther
Modified:
branches/SAMBA_3_0/source/lib/account_pol.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/account_pol.c
===
--- branches/SAMBA_3_0/source/lib/account_pol.c 2005-04-01 11:24:52 UTC (rev
6165)
+++ branches/SAMBA_3_0/source/lib/account_pol.c 2005-04-01 13:12:51 UTC (rev
6166)
@@ -118,8 +118,8 @@
{AP_MIN_PASSWORD_LEN, min password length},
{AP_PASSWORD_HISTORY, password history},
{AP_USER_MUST_LOGON_TO_CHG_PASS, user must logon to change password},
- {AP_MAX_PASSWORD_AGE, maximum password age (seconds since 1970)},
- {AP_MIN_PASSWORD_AGE,minimum password age (seconds since 1970)},
+ {AP_MAX_PASSWORD_AGE, maximum password age},
+ {AP_MIN_PASSWORD_AGE,minimum password age},
{AP_LOCK_ACCOUNT_DURATION, lockout duration},
{AP_RESET_COUNT_TIME, reset count minutes},
{AP_BAD_ATTEMPT_LOCKOUT, bad lockout attempt},
Re: svn commit: samba r6165 - in branches/SAMBA_4_0/source: libnet torture/libnet
On Fri, Apr 01, 2005 at 11:24:52AM +, [EMAIL PROTECTED] wrote: Author: tridge Date: 2005-04-01 11:24:52 + (Fri, 01 Apr 2005) New Revision: 6165 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6165 Log: fixed up the userinfo composite code. Fixes include: [...] Mimir, please look at the diff carefully for more detailed info on the fixes Thanks a lot! I'll study it tonight. cheers, -- Rafal Szczesniak Samba Team member http://www.samba.org signature.asc Description: Digital signature
svn commit: samba r6167 - in branches/SAMBA_3_0/source/include: .
Author: sfrench Date: 2005-04-01 18:14:24 + (Fri, 01 Apr 2005) New Revision: 6167 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6167 Log: Add more defines for POSIX extensions to match the newly added client implementation Modified: branches/SAMBA_3_0/source/include/trans2.h Changeset: Modified: branches/SAMBA_3_0/source/include/trans2.h === --- branches/SAMBA_3_0/source/include/trans2.h 2005-04-01 13:12:51 UTC (rev 6166) +++ branches/SAMBA_3_0/source/include/trans2.h 2005-04-01 18:14:24 UTC (rev 6167) @@ -440,6 +440,9 @@ #define SMB_QUERY_XATTR0x205 /* need for non-user XATTRs */ #define SMB_QUERY_ATTR_FLAGS 0x206 /* chflags, chattr */ #define SMB_SET_ATTR_FLAGS 0x206 +#define SMB_QUERY_POSIX_PERMISSION 0x207 +#define SMB_QUERY_POSIX_LOCK 0x208 +#define SMB_SET_POSIX_LOCK0x208 /* Transact 2 Find First levels */ #define SMB_FIND_FILE_UNIX 0x202 @@ -464,6 +467,13 @@ #define CIFS_UNIX_FCNTL_LOCKS_CAP 0x1 #define CIFS_UNIX_POSIX_ACLS_CAP0x2 +#define CIFS_UNIX_XATTTR_CAP 0x4 /* for support of other xattr + namespaces such as system, + security and trusted */ +#define CIFS_UNIX_EXTATTR_CAP 0x8 /* for support of chattr + (chflags) and lsattr */ +#define CIFS_UNIX_POSIX_LOCK 0x10 + #define SMB_QUERY_POSIX_FS_INFO 0x201
svn commit: samba r6168 - in trunk/source/smbd: .
Author: jra
Date: 2005-04-01 19:57:17 + (Fri, 01 Apr 2005)
New Revision: 6168
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6168
Log:
Fix bug #2563. Infinite loop on non-existant file with findnext.
Jeremy
Modified:
trunk/source/smbd/dir.c
Changeset:
Modified: trunk/source/smbd/dir.c
===
--- trunk/source/smbd/dir.c 2005-04-01 18:14:24 UTC (rev 6167)
+++ trunk/source/smbd/dir.c 2005-04-01 19:57:17 UTC (rev 6168)
@@ -573,8 +573,6 @@
}
}
- dptr-has_wild = True;
-
/* In case sensitive mode we don't search - we know if it doesn't exist
with a stat we will fail. */
@@ -584,6 +582,7 @@
dptr-dir_hnd-offset = *poffset = -1;
return NULL;
} else {
+ dptr-has_wild = True;
return dptr_normal_ReadDirName(dptr, poffset, pst);
}
}
@@ -602,7 +601,7 @@
return False;
}
- while (SearchDir(dptr-dir_hnd, name, poffset) == True) {
+ if (SearchDir(dptr-dir_hnd, name, poffset)) {
if (is_visible_file(dptr-conn, dptr-path, name, pst, True)) {
return True;
}
svn commit: samba r6169 - in branches/SAMBA_3_0/source/smbd: .
Author: jra
Date: 2005-04-01 19:57:22 + (Fri, 01 Apr 2005)
New Revision: 6169
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6169
Log:
Fix bug #2563. Infinite loop on non-existant file with findnext.
Jeremy
Modified:
branches/SAMBA_3_0/source/smbd/dir.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/dir.c
===
--- branches/SAMBA_3_0/source/smbd/dir.c2005-04-01 19:57:17 UTC (rev
6168)
+++ branches/SAMBA_3_0/source/smbd/dir.c2005-04-01 19:57:22 UTC (rev
6169)
@@ -573,8 +573,6 @@
}
}
- dptr-has_wild = True;
-
/* In case sensitive mode we don't search - we know if it doesn't exist
with a stat we will fail. */
@@ -584,6 +582,7 @@
dptr-dir_hnd-offset = *poffset = -1;
return NULL;
} else {
+ dptr-has_wild = True;
return dptr_normal_ReadDirName(dptr, poffset, pst);
}
}
@@ -602,7 +601,7 @@
return False;
}
- while (SearchDir(dptr-dir_hnd, name, poffset) == True) {
+ if (SearchDir(dptr-dir_hnd, name, poffset)) {
if (is_visible_file(dptr-conn, dptr-path, name, pst, True)) {
return True;
}
svn commit: samba r6170 - in branches/SAMBA_3_0/source/include: .
Author: sfrench Date: 2005-04-01 21:15:09 + (Fri, 01 Apr 2005) New Revision: 6170 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6170 Log: Remove redundant flag that I had just added. Modified: branches/SAMBA_3_0/source/include/trans2.h Changeset: Modified: branches/SAMBA_3_0/source/include/trans2.h === --- branches/SAMBA_3_0/source/include/trans2.h 2005-04-01 19:57:22 UTC (rev 6169) +++ branches/SAMBA_3_0/source/include/trans2.h 2005-04-01 21:15:09 UTC (rev 6170) @@ -472,7 +472,6 @@ security and trusted */ #define CIFS_UNIX_EXTATTR_CAP 0x8 /* for support of chattr (chflags) and lsattr */ -#define CIFS_UNIX_POSIX_LOCK 0x10 #define SMB_QUERY_POSIX_FS_INFO 0x201
svn commit: samba r6171 - in trunk/source: include smbd
Author: jra Date: 2005-04-01 23:11:28 + (Fri, 01 Apr 2005) New Revision: 6171 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6171 Log: Tidy up error processing significantly. Remove unix_ERR_XXX global nastyness. Jeremy. Modified: trunk/source/include/nt_status.h trunk/source/include/nterr.h trunk/source/include/smb.h trunk/source/include/smb_macros.h trunk/source/smbd/error.c trunk/source/smbd/files.c trunk/source/smbd/nttrans.c trunk/source/smbd/open.c trunk/source/smbd/oplock.c trunk/source/smbd/process.c trunk/source/smbd/reply.c trunk/source/smbd/trans2.c Changeset: Sorry, the patch is too large (934 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6171
svn commit: samba r6172 - in branches/SAMBA_3_0/source: include smbd
Author: jra Date: 2005-04-01 23:11:28 + (Fri, 01 Apr 2005) New Revision: 6172 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6172 Log: Tidy up error processing significantly. Remove unix_ERR_XXX global nastyness. Jeremy. Modified: branches/SAMBA_3_0/source/include/nt_status.h branches/SAMBA_3_0/source/include/nterr.h branches/SAMBA_3_0/source/include/smb.h branches/SAMBA_3_0/source/include/smb_macros.h branches/SAMBA_3_0/source/smbd/error.c branches/SAMBA_3_0/source/smbd/files.c branches/SAMBA_3_0/source/smbd/nttrans.c branches/SAMBA_3_0/source/smbd/open.c branches/SAMBA_3_0/source/smbd/oplock.c branches/SAMBA_3_0/source/smbd/process.c branches/SAMBA_3_0/source/smbd/reply.c branches/SAMBA_3_0/source/smbd/trans2.c Changeset: Sorry, the patch is too large (934 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6172
Build status as of Sat Apr 2 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-04-01 00:00:17.0 + +++ /home/build/master/cache/broken_results.txt 2005-04-02 00:00:42.0 + @@ -1,19 +1,18 @@ -Build status as of Fri Apr 1 00:00:01 2005 +Build status as of Sat Apr 2 00:00:02 2005 Build counts: Tree Total Broken Panic ccache 38 3 0 distcc 38 3 0 ppp 22 2 0 -rsync38 4 0 +rsync38 5 0 samba1 1 1 samba-docs 0 0 0 -samba4 43 14 0 -samba_3_039 8 0 +samba4 42 14 0 +samba_3_039 10 0 Currently broken builds: Host Tree Compiler Status -cyberone samba4 gccok/ 2/?/? fusberta samba4 gccok/ 2/?/? samba-s390 samba4 gccok/ 2/?/? rhonwynsamba4 gcc-4.0ok/ 2/?/? @@ -21,6 +20,7 @@ rhonwynsamba4 tccok/ 2/?/? aretnapccache iccok/ok/ok/ 1 aretnapdistcc icc 77/?/?/? +aretnapsamba_3_0iccok/ok/ok/ 1 gwen distcc cc ok/ 1/?/? gwen samba4 cc ok/ 1/?/? gwen samba_3_0cc ok/ 1/?/? @@ -45,7 +45,10 @@ m30rsyncgccok/ok/ok/ 2 m30samba4 gccok/ 2/?/? m30samba_3_0gccok/ok/ok/ 1 +metze02rsyncgcc 1/?/?/? metze02sambagccok/ok/ok/ 1/PANIC +metze02samba4 gccok/ 2/?/? +metze02samba_3_0gcc 77/?/?/? metze02samba4 gcc-3.4ok/ 2/?/? opippp gccok/ 2/?/?
svn commit: samba r6173 - in trunk/source/smbd: .
Author: jra
Date: 2005-04-02 00:13:27 + (Sat, 02 Apr 2005)
New Revision: 6173
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6173
Log:
Fixup T2 open call - we were returning 2 bytes short.
Jeremy.
Modified:
trunk/source/smbd/open.c
trunk/source/smbd/reply.c
trunk/source/smbd/trans2.c
Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-04-01 23:11:28 UTC (rev 6172)
+++ trunk/source/smbd/open.c2005-04-02 00:13:27 UTC (rev 6173)
@@ -1098,23 +1098,6 @@
return print_fsp_open(conn, fname);
}
- switch(ofun) {
- case FILE_EXISTS_OPEN:
- case FILE_EXISTS_TRUNCATE:
- case FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST:
- case FILE_EXISTS_OPEN | FILE_CREATE_IF_NOT_EXIST:
- case FILE_EXISTS_TRUNCATE | FILE_CREATE_IF_NOT_EXIST:
- break; /* These are ok. */
- default:
- if (GET_OPEN_MODE(share_mode) == DOS_OPEN_EXEC) {
- ofun = FILE_EXISTS_FAIL |
FILE_CREATE_IF_NOT_EXIST;
- break;
- }
- /* Cause caller to force dos errors. */
- set_saved_error_triple(ERRDOS, ERRbadaccess,
NT_STATUS_INVALID);
- return NULL;
- }
-
DEBUG(10,(open_file_shared: fname = %s, dos_attrs = %x, share_mode =
%x, ofun = %x, mode = %o, oplock request = %d\n,
fname, new_dos_mode, share_mode, ofun, (int)mode,
oplock_request ));
Modified: trunk/source/smbd/reply.c
===
--- trunk/source/smbd/reply.c 2005-04-01 23:11:28 UTC (rev 6172)
+++ trunk/source/smbd/reply.c 2005-04-02 00:13:27 UTC (rev 6173)
@@ -1295,7 +1295,17 @@
END_PROFILE(SMBopenX);
return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
}
-
+
+ /* Strange open mode mapping. */
+ if (smb_ofun == 0) {
+ if (GET_OPEN_MODE(smb_mode) == DOS_OPEN_EXEC) {
+ smb_ofun = FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST;
+ } else {
+ END_PROFILE(SMBopenX);
+ return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess);
+ }
+ }
+
fsp =
open_file_shared(conn,fname,sbuf,smb_mode,smb_ofun,(uint32)smb_attr,
oplock_request, rmode,smb_action);
Modified: trunk/source/smbd/trans2.c
===
--- trunk/source/smbd/trans2.c 2005-04-01 23:11:28 UTC (rev 6172)
+++ trunk/source/smbd/trans2.c 2005-04-02 00:13:27 UTC (rev 6173)
@@ -732,6 +732,7 @@
files_struct *fsp;
TALLOC_CTX *ctx = NULL;
struct ea_list *ea_list = NULL;
+ uint16 flags = 0;
NTSTATUS status;
/*
@@ -742,11 +743,12 @@
return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
+ flags = SVAL(params, 0);
open_mode = SVAL(params, 2);
open_attr = SVAL(params,6);
-oplock_request = (SVAL(params,0) REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK
: 0;
+oplock_request = (flags REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK : 0;
if (oplock_request) {
-oplock_request |= (SVAL(params,0) REQUEST_BATCH_OPLOCK) ?
BATCH_OPLOCK : 0;
+oplock_request |= (flags REQUEST_BATCH_OPLOCK) ?
BATCH_OPLOCK : 0;
}
#if 0
@@ -780,6 +782,16 @@
return set_bad_path_error(errno, bad_path, outbuf,
ERRDOS,ERRnoaccess);
}
+ /* Strange open mode mapping. */
+ if (open_ofun == 0) {
+ if (GET_OPEN_MODE(open_mode) == DOS_OPEN_EXEC) {
+ open_ofun = FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST;
+ } else {
+ END_PROFILE(SMBopenX);
+ return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess);
+ }
+ }
+
/* Any data in this call is an EA list. */
if (total_data !lp_ea_support(SNUM(conn))) {
return ERROR_NT(NT_STATUS_EAS_NOT_SUPPORTED);
@@ -839,21 +851,22 @@
}
/* Realloc the size of parameters and data we will return */
- params = SMB_REALLOC(*pparams, 28);
+ params = SMB_REALLOC(*pparams, 30);
if( params == NULL ) {
return ERROR_NT(NT_STATUS_NO_MEMORY);
}
*pparams = params;
- memset((char *)params,'\0',28);
+ memset((char *)params,'\0',30);
SSVAL(params,0,fsp-fnum);
SSVAL(params,2,fmode);
put_dos_date2(params,4, mtime);
SIVAL(params,8, (uint32)size);
SSVAL(params,12,rmode);
- if (oplock_request lp_fake_oplocks(SNUM(conn)))
+ if (oplock_request lp_fake_oplocks(SNUM(conn))) {
svn commit: samba r6174 - in branches/SAMBA_3_0/source/smbd: .
Author: jra
Date: 2005-04-02 00:13:27 + (Sat, 02 Apr 2005)
New Revision: 6174
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6174
Log:
Fixup T2 open call - we were returning 2 bytes short.
Jeremy.
Modified:
branches/SAMBA_3_0/source/smbd/open.c
branches/SAMBA_3_0/source/smbd/reply.c
branches/SAMBA_3_0/source/smbd/trans2.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/open.c
===
--- branches/SAMBA_3_0/source/smbd/open.c 2005-04-02 00:13:27 UTC (rev
6173)
+++ branches/SAMBA_3_0/source/smbd/open.c 2005-04-02 00:13:27 UTC (rev
6174)
@@ -1098,23 +1098,6 @@
return print_fsp_open(conn, fname);
}
- switch(ofun) {
- case FILE_EXISTS_OPEN:
- case FILE_EXISTS_TRUNCATE:
- case FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST:
- case FILE_EXISTS_OPEN | FILE_CREATE_IF_NOT_EXIST:
- case FILE_EXISTS_TRUNCATE | FILE_CREATE_IF_NOT_EXIST:
- break; /* These are ok. */
- default:
- if (GET_OPEN_MODE(share_mode) == DOS_OPEN_EXEC) {
- ofun = FILE_EXISTS_FAIL |
FILE_CREATE_IF_NOT_EXIST;
- break;
- }
- /* Cause caller to force dos errors. */
- set_saved_error_triple(ERRDOS, ERRbadaccess,
NT_STATUS_INVALID);
- return NULL;
- }
-
DEBUG(10,(open_file_shared: fname = %s, dos_attrs = %x, share_mode =
%x, ofun = %x, mode = %o, oplock request = %d\n,
fname, new_dos_mode, share_mode, ofun, (int)mode,
oplock_request ));
Modified: branches/SAMBA_3_0/source/smbd/reply.c
===
--- branches/SAMBA_3_0/source/smbd/reply.c 2005-04-02 00:13:27 UTC (rev
6173)
+++ branches/SAMBA_3_0/source/smbd/reply.c 2005-04-02 00:13:27 UTC (rev
6174)
@@ -1295,7 +1295,17 @@
END_PROFILE(SMBopenX);
return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
}
-
+
+ /* Strange open mode mapping. */
+ if (smb_ofun == 0) {
+ if (GET_OPEN_MODE(smb_mode) == DOS_OPEN_EXEC) {
+ smb_ofun = FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST;
+ } else {
+ END_PROFILE(SMBopenX);
+ return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess);
+ }
+ }
+
fsp =
open_file_shared(conn,fname,sbuf,smb_mode,smb_ofun,(uint32)smb_attr,
oplock_request, rmode,smb_action);
Modified: branches/SAMBA_3_0/source/smbd/trans2.c
===
--- branches/SAMBA_3_0/source/smbd/trans2.c 2005-04-02 00:13:27 UTC (rev
6173)
+++ branches/SAMBA_3_0/source/smbd/trans2.c 2005-04-02 00:13:27 UTC (rev
6174)
@@ -732,6 +732,7 @@
files_struct *fsp;
TALLOC_CTX *ctx = NULL;
struct ea_list *ea_list = NULL;
+ uint16 flags = 0;
NTSTATUS status;
/*
@@ -742,11 +743,12 @@
return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
}
+ flags = SVAL(params, 0);
open_mode = SVAL(params, 2);
open_attr = SVAL(params,6);
-oplock_request = (SVAL(params,0) REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK
: 0;
+oplock_request = (flags REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK : 0;
if (oplock_request) {
-oplock_request |= (SVAL(params,0) REQUEST_BATCH_OPLOCK) ?
BATCH_OPLOCK : 0;
+oplock_request |= (flags REQUEST_BATCH_OPLOCK) ?
BATCH_OPLOCK : 0;
}
#if 0
@@ -780,6 +782,16 @@
return set_bad_path_error(errno, bad_path, outbuf,
ERRDOS,ERRnoaccess);
}
+ /* Strange open mode mapping. */
+ if (open_ofun == 0) {
+ if (GET_OPEN_MODE(open_mode) == DOS_OPEN_EXEC) {
+ open_ofun = FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST;
+ } else {
+ END_PROFILE(SMBopenX);
+ return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess);
+ }
+ }
+
/* Any data in this call is an EA list. */
if (total_data !lp_ea_support(SNUM(conn))) {
return ERROR_NT(NT_STATUS_EAS_NOT_SUPPORTED);
@@ -839,21 +851,22 @@
}
/* Realloc the size of parameters and data we will return */
- params = SMB_REALLOC(*pparams, 28);
+ params = SMB_REALLOC(*pparams, 30);
if( params == NULL ) {
return ERROR_NT(NT_STATUS_NO_MEMORY);
}
*pparams = params;
- memset((char *)params,'\0',28);
+ memset((char *)params,'\0',30);
SSVAL(params,0,fsp-fnum);
SSVAL(params,2,fmode);
put_dos_date2(params,4, mtime);
svn commit: samba r6176 - branches/SAMBA_3_0/source/torture trunk/source/torture
Author: tpot
Date: 2005-04-02 00:59:12 + (Sat, 02 Apr 2005)
New Revision: 6176
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6176
Log:
Fix a possibly uninitialised variable warning.
Modified:
branches/SAMBA_3_0/source/torture/torture.c
trunk/source/torture/torture.c
Changeset:
Modified: branches/SAMBA_3_0/source/torture/torture.c
===
--- branches/SAMBA_3_0/source/torture/torture.c 2005-04-02 00:56:30 UTC (rev
6175)
+++ branches/SAMBA_3_0/source/torture/torture.c 2005-04-02 00:59:12 UTC (rev
6176)
@@ -537,7 +537,7 @@
static BOOL run_readwritetest(int dummy)
{
static struct cli_state *cli1, *cli2;
- BOOL test1, test2;
+ BOOL test1, test2 = False;
if (!torture_open_connection(cli1) || !torture_open_connection(cli2))
{
return False;
Modified: trunk/source/torture/torture.c
===
--- trunk/source/torture/torture.c 2005-04-02 00:56:30 UTC (rev 6175)
+++ trunk/source/torture/torture.c 2005-04-02 00:59:12 UTC (rev 6176)
@@ -537,7 +537,7 @@
static BOOL run_readwritetest(int dummy)
{
static struct cli_state *cli1, *cli2;
- BOOL test1, test2;
+ BOOL test1, test2 = False;
if (!torture_open_connection(cli1) || !torture_open_connection(cli2))
{
return False;
svn commit: samba r6177 - in branches/SAMBA_4_0/source/build/smb_build: .
Author: tpot Date: 2005-04-02 01:43:54 + (Sat, 02 Apr 2005) New Revision: 6177 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6177 Log: Use here documents instead of print() statements to generate the Makefile fragments for the build system. This allows the file to be edited without using quite as many backslashes. Some are still necessary for interpolation of perl variables though. I've diffed the new Makefile against the old and there are only some extra newlines as a result of making things more consistent. Modified: branches/SAMBA_4_0/source/build/smb_build/makefile.pm Changeset: Sorry, the patch is too large (620 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6177
svn commit: samba r6178 - in branches/SAMBA_4_0/source/librpc/rpc: .
Author: metze
Date: 2005-04-02 06:10:45 + (Sat, 02 Apr 2005)
New Revision: 6178
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6178
Log:
fix ncacn_np connection without sign or seal against NT4
metze
Modified:
branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c
===
--- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c 2005-04-02 01:43:54 UTC
(rev 6177)
+++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c 2005-04-02 06:10:45 UTC
(rev 6178)
@@ -936,7 +936,10 @@
status = dcerpc_bind_auth_schannel(tmp_ctx,
p, pipe_uuid, pipe_version,
credentials);
- } else if (!cli_credentials_is_anonymous(credentials)) {
+ } else if (!cli_credentials_is_anonymous(credentials)
+ !(binding-transport == NCACN_NP
+ !(binding-flags DCERPC_SIGN)
+ !(binding-flags DCERPC_SEAL))) {
uint8_t auth_type;
if (binding-flags DCERPC_AUTH_SPNEGO) {
auth_type = DCERPC_AUTH_TYPE_SPNEGO;
svn commit: samba r6179 - in branches/SAMBA_4_0/source: include librpc/idl librpc/ndr torture/rpc
Author: metze Date: 2005-04-02 06:51:54 + (Sat, 02 Apr 2005) New Revision: 6179 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6179 Log: - add new spoolss tests for all spoolss_Enum*() calls which didn't need a handle as parameter, EnumPorts EnumPrinterDrivers EnumMonitors EnumPrintProcessors EnumPrinters we now do cross checks between the different info levels and sore the results in a global context, so that we later can add cross checks between the different object types - add idl for EnumMonitors and EnumPrintProcessors metze Modified: branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/librpc/idl/spoolss.idl branches/SAMBA_4_0/source/librpc/ndr/ndr_spoolss_buf.c branches/SAMBA_4_0/source/torture/rpc/spoolss.c Changeset: Sorry, the patch is too large (1094 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6179
