[Samba] One way Samba
I am running Samba 2:3.3.2 on a Kubuntu 9.04 Linux box. With the configuration file below the linux box can see and retrieve shared files on all 5 of my windows boxes. However, none of the windows boxes can see the linux shares as they are defined in the smb.conf below. The linux box shows up in the windows network neighborhood as Mercury1 but when I try to open it to show the shares I get the message "\\Mercury1 is not accessible. . The network paath was not found. Can anyone help? Please. [global] netbios name = Mercury1 server string = Samba file and print server workgroup = MNET security = user hosts allow = 127. 192.77.0. interfaces = 127.0.0.1/8 192.168.77.0/24 bind interfaces only = yes remote announce = 192.168.77.255 remote browse sync = 192.168.77.255 printcap name = cups load printers = yes cups options = raw printing = cups guest account = smbguest log file = /var/log/samba/samba.log max log size = 1000 null passwords = no username level = 6 password level = 6 encrypt passwords = yes unix password sync = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no domain master = no preferred master = no domain logons = no os level = 33 logon drive = m: logon home = \\%L\homes\%u logon path = \\%L\profiles\%u logon script = %G.bat time server = no name resolve order = wins lmhosts bcast wins support = yes wins proxy = no dns proxy = no preserve case = yes short preserve case = yes client use spnego = no client signing = no client schannel = no server signing = no server schannel = no nt pipe support = yes nt status support = yes allow trusted domains = no obey pam restrictions = yes enable spoolss = yes client plaintext auth = no disable netbios = no follow symlinks = no update encrypted = yes pam password change = no passwd chat timeout = 120 hostname lookups = no username map = /etc/samba/smbusers smb passwd file = /etc/samba/smbpasswd passwd program = /usr/bin/passwd '%u' passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd*changed*\n add user script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null '%u' add user to group script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null -g '%g' '%u' add group script = /usr/sbin/groupadd '%g' delete user script = /usr/sbin/userdel '%u' delete user from group script = /usr/sbin/userdel '%u' '%g' delete group script = /usr/sbin/groupdel '%g' add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c 'Samba Machine Account' -s /dev/null -M '%u' machine password timeout = 120 idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash winbind use default domain = yes winbind separator = @ winbind cache time = 360 winbind trusted domains only = yes winbind nested groups = no winbind nss info = no winbind refresh tickets = no winbind offline logon = no [homes] comment = Home Directories path = /home read only = no available = yes browseable = yes writable = yes guest ok = no public = no printable = no share modes = no locking = no [netlogon] comment = Network Logon Service path = /home/netlogon read only = no available = yes browseable = yes writable = no guest ok = no public = no printable = no share modes = no locking = no [profiles] comment = User Profiles path = /var/samba/profiles read only = no available = yes browseable = no writable = yes guest ok = no public = no printable = no locking = no create mode = 0600 directory mask = 0700 [printers] comment = All Printers path = /var/spool/samba browseable = yes writable = no guest ok = no public = no printable = yes share modes = no locking = no [pdf-documents] path = /home/pdf-documents comment = Converted PDF Documents available = yes browseable = yes writeable = yes guest ok = yes [pdf-printer] path = /tmp comment = PDF Printer Service printable = yes guest ok = yes use client driver = yes printing = bsd print command = /usr/bin/gadmin-samba-pdf %s %u lpq command = lprm command = [Book] path = /media/FreeAgent/Drive/Book comment = Book Chapters valid users = jon admin users = jon read only = no available = yes browseable = yes writable = yes guest ok = no public = no printable = no share modes = no locking = no [Photos] path = /media/FreeAgent/Drive/Photos comment = All Photos valid users = jon admin users = jon read only = no available = yes browseable = yes writable = yes guest ok = no public = no printable = no share modes = no locking = no -- View this message in context: http://old.nabble.com/One-way-Samba-tp26621707p26621707.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Prevent non domain computer to access samba shares.
Hi, I'd like to ask about security in samba. We have a couple of users that use to login into their computer using local-user names, and then access samba shares with samba users. Their computer had been joinned into the domain, before they used their local admin privilleges to dislodge their computer from the domain. Currently, those computers are still listed in the pdc, if you'd ask me then. In the slapd.conf (openpdc backend), we have this configuration: access to attrs=userPassword,sambaLMPassword,sambaNTPassword by dnattr=administrator write by self write by anonymous auth by * none access to * by * read Since this is a production server that we use for almost all authentication, we cannot play with it. Do you guys know what we should do with our samba file server? Thank you in advance. Regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Deletion of directory symlink via Samba deletes files in original subdirectory on Unix
Hi Andy -- The directories are group owned by a bunch of engineers so all members of that group have permissions to delete all of it: symlink, subdir, and files in the subdir. If they do this on the Unix side, it only deletes the symlink and sometimes they have scripts on the Windows side that need to delete the symlinks, hence the issue we're seeing now. Kathy > > I don't have a solution to your problem, although I discovered a similar > problem in Samba's behavior with symlinks to FILES. Getting good Level 10 > logs was key to figuring out what the problem was -- and fixing it. That > got fixed in 3.0.14 or 3.0.15 I believe. > > I myself make extensive use of symlinks to DIRECTORIES in my applications. > If you're thinking about a workaround, here's a question: > > What are the permissions on the directories that the symlinks point to? If a > user could directly see one of those directories, would he/she be able to > delete it? > > Andy > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Deletion of directory symlink via Samba deletes files in original subdirectory on Unix
Hello Any ideas? I am going to compile the latest and greatest Samba and put it on a test machine to see if it resolves the problem. Thanks -- Kathy I don't have a solution to your problem, although I discovered a similar problem in Samba's behavior with symlinks to FILES. Getting good Level 10 logs was key to figuring out what the problem was -- and fixing it. That got fixed in 3.0.14 or 3.0.15 I believe. I myself make extensive use of symlinks to DIRECTORIES in my applications. If you're thinking about a workaround, here's a question: What are the permissions on the directories that the symlinks point to? If a user could directly see one of those directories, would he/she be able to delete it? Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Deletion of directory symlink via Samba deletes files in original subdirectory on Unix
I'm reposting this because I posted it last time and then ran off to Thanksgiving vacation. The last question regarding it was what version of Samba we are using. We have multiple versions on different flavors of Unix: 3.0.25a (Solaris 10 package), 3.0.33 (RHEL 4 package), and hand compiled 3.2.8 on RHEL 5. All versions behave the same and have the same issue. The issue: If you delete a Unix symlink via Samba that points to a directory full of files, it will not only delete the symlink, but also the files inside the pointed to subdirectory. The subdir remains intact, but now empty with no files. Any ideas? I am going to compile the latest and greatest Samba and put it on a test machine to see if it resolves the problem. Thanks -- Kathy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CIFS and ghost files.
Linux server01 2.6.18-164.2.1.el5 #1 SMP Mon Sep 21 04:37:51 EDT 2009 i686 i686 i386 GNU/Linux Thank you. Jeff Layton 12/02/2009 03:27 PM To robertobo...@bayviewassetmanagement.com cc samba@lists.samba.org Subject Re: [Samba] CIFS and ghost files. On Wed, 2 Dec 2009 10:55:50 -0500 robertobo...@bayviewassetmanagement.com wrote: > Hello everyone. > > I hope I can get some help with this problem we are having. > > We have a CIFS mount (from a NetApp) were we write files (php > application). Then the files are being copied to a directory in the same > CIFS filesystem, then a process on a Windows server picks up the file and > deletes it. > > The thing is, later the php app, generates a new file and when it tries to > copy it it says "the file doesn't exists". So if I go to the "copy" > location and do an ls I don't see the file, but if I do ls -l "filename" > then it shows!!! > > I issue a rm "filename" and I got a "no such file or directory", then I do > a ls -l "filename" is not there anymore. here some steps: > > A.- On a CIFS filesystem /path/ on a RHEL 5 server (server1): > > 1.- PHP app generates file (test.txt) on /path/temp/ > 2.- PHP app copies file from /path/temp/ to /path/final/ > > B.- On a Windows server accessing the same /path/ share (server2) > > 1.- Informatica sees the test.txt file on /path/final/ executes a > proccess, deletes the file > > C.- On server 1 > > 1.- PHP app generates file (test.txt) on /path/temp/ > 2.- PHP app copies file from /path/temp/ to /path/final/ > the app > fails with an error > > D.- Admin (ME) > > 1.- Goes to the server an does: ls -l /path/final/ ---> file is not there > 2.- Does: ls -l /path/final/test.txt and gets: -rwxrwSrwx 1 wwwspool > wwwspool 0 Nov 4 10:38 test.txt > 3.- Does: rm /path/final/test.txt and gets: rm: cannot remove `test.txt': > No such file or directory > > The cycle starts again on A. > > thanks for your help. Interesting. What kernel are you using here? -- Jeff Layton -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] User executional bit set when creating/modifying file on linux server from linux client
On Wed, 02 Dec 2009 16:53:53 +0100 Fredrik Liljegren wrote: > Jeff Layton wrote: > > I was actually more interested in a wire capture, but this tells me > > something too... > > > > The logs here indicate that unix extensions were in effect. With that, > > the file_mode and dir_mode should really never have any effect. I have > > a feeling that these are bugs that existed prior to the big overhaul of > > inode handling that went into 2.6.31. > > > > Is there a way for you to test a more recent kernel here (something > > 2.6.31 or 2.6.32-ish)? > > > I upgraded to 2.6.31-1-amd64 (debian sid), but that didn't change > anything. Without file_mode in the mount, a simple file change still > adds u+x. > > /F > > PS: I tried without nodfs, but then I get permission denied trying to > change mode with chmod u-x... > (adding samba list back to cc list) I see where we do send the mnt_file_mode in a posix open call if we're opening an existing file. The server should ignore that however. Even if it didn't, 3.0.24 probably has broken posix open calls for existing files so I'm not sure it would use that codepath anyway. This sounds really strange. Could you get a wire capture so we can see what's happening there? It might also be best to open a bug at bugzilla.samba.org as that would give us a better forum for tracking this issue. If you do that, please add me to the cc list (or email me with the bug number and I'll add myself). Thanks, -- Jeff Layton -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CIFS and ghost files.
On Wed, 2 Dec 2009 10:55:50 -0500 robertobo...@bayviewassetmanagement.com wrote: > Hello everyone. > > I hope I can get some help with this problem we are having. > > We have a CIFS mount (from a NetApp) were we write files (php > application). Then the files are being copied to a directory in the same > CIFS filesystem, then a process on a Windows server picks up the file and > deletes it. > > The thing is, later the php app, generates a new file and when it tries to > copy it it says "the file doesn't exists". So if I go to the "copy" > location and do an ls I don't see the file, but if I do ls -l "filename" > then it shows!!! > > I issue a rm "filename" and I got a "no such file or directory", then I do > a ls -l "filename" is not there anymore. here some steps: > > A.- On a CIFS filesystem /path/ on a RHEL 5 server (server1): > > 1.- PHP app generates file (test.txt) on /path/temp/ > 2.- PHP app copies file from /path/temp/ to /path/final/ > > B.- On a Windows server accessing the same /path/ share (server2) > > 1.- Informatica sees the test.txt file on /path/final/ executes a > proccess, deletes the file > > C.- On server 1 > > 1.- PHP app generates file (test.txt) on /path/temp/ > 2.- PHP app copies file from /path/temp/ to /path/final/ > the app > fails with an error > > D.- Admin (ME) > > 1.- Goes to the server an does: ls -l /path/final/ ---> file is not there > 2.- Does: ls -l /path/final/test.txt and gets: -rwxrwSrwx 1 wwwspool > wwwspool 0 Nov 4 10:38 test.txt > 3.- Does: rm /path/final/test.txt and gets: rm: cannot remove `test.txt': > No such file or directory > > The cycle starts again on A. > > thanks for your help. Interesting. What kernel are you using here? -- Jeff Layton -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba & unix group permissions problems
On Sat, Nov 7, 2009 at 17:21, Mariano Absatz wrote: > On Sat, Nov 7, 2009 at 07:32, vishesh kumar wrote: >> Dear mariano >> >> Why you not using 'force group' parameter . This will set group owner of >> newly created folder correctly. > That I tried to no avail... it didn't work either :-( Hi... I'm sorry I didn't follow this up on time... I did eventually solve it and wanted to share what the problem was. The problem was that the uidNumber of the users involved, as they had been created 'before samba', I had left them out of the idmap range and somehow samba was either trying to generate new unix user id's or something. Widening the idmap range to cover the already created uidNumber's solved the problem. -- Mariano Absatz - El Baby www.clueless.com.ar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] acl_tdb
On Wed, Dec 02, 2009 at 08:50:59PM +0200, Vytautas Kasparavicius wrote: > Hello, > How to manage acl from command line when using acl_tdb module? smbcacls. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] acl_tdb
Hello, How to manage acl from command line when using acl_tdb module? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] unsuscribe
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba + LDAP: Changing user's group
I'm having this same problem, but it's new. Using 3.4.2 Debian packages, recently upgraded. I never had any type of LDAP group caching problem until the last 2 weeks. I added a user to an LDAP group as normal because they needed access to a new share. Cleared the nscd caches as normal. The service definition uses force group = +groupName valid users = @admins, @groupName write list = @admins, @groupName All of the people previously in @groupName retain access to the share. The person I just added cannot access it. getent, groups, etc all return the correct group membership. If I add the account explicitly to valid users & write list, it works as soon as I do an smbd reload. Did some behavior change or have we stumbled on a new bug? Wes On Monday 30 November 2009 07:29:33 am davefu wrote: > > Hi, thanks for answering. > > I have only 1 Samba server. When I mentioned changes on groups, I meant on > LDAP server. LDAP is used on both system and samba environments. When > changing groups on users, those changes are instant on the system > environment, but not on Samba. > > - I create a new "Folder A", with full permissions for "Group A" > - "User B" (belonging to group B), logs via SSH to the server, and can't > access the "Folder A". > - "User B" logs via Samba using his Windows desktop machine, and can't > access the "Folder A" (previously configured inside a Samba Resource). > - Now I add "User B" to "Group A" via LDAP. He belongs now to "Group A" and > "Group B". > - Getent group | grep "User B" shows correctly both groups on the user. > - "User B" correctly access "Folder A", write files, etc via console, ssh, > or any kind of regular system authentication (since system is using pam > libraries, configured to use LDAP as backend). > - "User B" still can't access "Folder A" in any way. Samba has cached "User > B" credentials, and haven't checked LDAP again for a while. The only option > is to restart Samba, or wait randomly until Samba refreshes / syncs LDAP > info about that user again. > > Hope this little story explains my problem better. > Sorry for my english. > > Thanks! > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbclient, meaning of workgroup/master table
Hello list, I have a little question. When I do smbclient -L //server, what does the following table mean? WorkgroupMaster ---- ADMINISTRACION ADM003 AEYT AEYT4 TRABAJO ESTEEQUIPO WORKGROUPJUKEBOX I'm asking because I have 5 samba domains and when I do smbclient -L against the domain servers, I get different information in the table. For example I get something like the following: smbclient -L //server1 -U% WorkgroupMaster ---- domain1 server1 domain2 server2 domain3 server3 smbclient -L //server2 -U% WorkgroupMaster ---- domain1 server1 domain2 someworkstation-in.domain2 domain3 someworkstation-in-domain3 smbclient -L //server3 -U% WorkgroupMaster ---- domain1 server1 domain2 someworkstation-in-domain2 domain3 server3 Is this normal? Thanks, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] CIFS and ghost files.
Hello everyone. I hope I can get some help with this problem we are having. We have a CIFS mount (from a NetApp) were we write files (php application). Then the files are being copied to a directory in the same CIFS filesystem, then a process on a Windows server picks up the file and deletes it. The thing is, later the php app, generates a new file and when it tries to copy it it says "the file doesn't exists". So if I go to the "copy" location and do an ls I don't see the file, but if I do ls -l "filename" then it shows!!! I issue a rm "filename" and I got a "no such file or directory", then I do a ls -l "filename" is not there anymore. here some steps: A.- On a CIFS filesystem /path/ on a RHEL 5 server (server1): 1.- PHP app generates file (test.txt) on /path/temp/ 2.- PHP app copies file from /path/temp/ to /path/final/ B.- On a Windows server accessing the same /path/ share (server2) 1.- Informatica sees the test.txt file on /path/final/ executes a proccess, deletes the file C.- On server 1 1.- PHP app generates file (test.txt) on /path/temp/ 2.- PHP app copies file from /path/temp/ to /path/final/ > the app fails with an error D.- Admin (ME) 1.- Goes to the server an does: ls -l /path/final/ ---> file is not there 2.- Does: ls -l /path/final/test.txt and gets: -rwxrwSrwx 1 wwwspool wwwspool 0 Nov 4 10:38 test.txt 3.- Does: rm /path/final/test.txt and gets: rm: cannot remove `test.txt': No such file or directory The cycle starts again on A. thanks for your help. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] User executional bit set when creating/modifying file on linux server from linux client
On Wed, 02 Dec 2009 15:01:35 +0100 Fredrik Liljegren wrote: > Jeff Layton wrote: > > On Wed, 02 Dec 2009 10:19:52 +0100 > > Fredrik Liljegren wrote: > > > > > >> Whenever I create or modify a file on my cifs-mount, be it by `echo > >> "test" >> file` or from bash, the file mode is changed with u+x. > >> However, that does not happen with touch, and usign chmod u-x works as > >> it should. This is very annoying... > >> > > That is strange, I'm not aware of anything in cifs that would change inode > > permissions on a write call. Some questions: > > > > What mount options are you using? > > > I used > nodfs,rw,iocharset=utf8,localcharset=utf8,uid=fiddur,gid=fiddur,credentials=/home/fiddur/.effie-smb > > Hmm, could it be nodfs that messes it up? That's a remnant of earlier > tries to get this right... > > I discovered now that using file_mode=0664,dir_mode=0775 works, but that > is quite suboptimal... > > > > Does the server have any special "create mode" or "create mask" type > > settings that might affect the mode assigned to the inode? > > > The server uses: > force create mode = 0664 > force directory mode = 0775 > > ...but I guess it is unix extensions that makes files other than 0664. > > > What kernel is this client running? > > > 2.6.30-1-amd64 from debian. > > > What kernel is the ubuntu client running? > > > The ubuntu mount used file_mode and dir_mode in the mounting, so that > would be the reason for the difference. (It's a collegues computer...) > > > It might be interesting to see a wire capture while recreating this. > > Instructions on doing that are here: > > > > http://wiki.samba.org/index.php/LinuxCIFS_troubleshooting > > > > If you like, you can send the capture to me directly and I'll have a > > look. > > > Here's the output from a `echo "test" > test1` where test1 gets u+x > (including it, it's <100 rows): > > [195493.276026] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: > CIFS VFS: in cifs_writepages as Xid: 940557 with uid: 0 > [195493.276031] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: > CIFS VFS: leaving cifs_writepages (xid = 940557) rc = 0 > [195500.523217] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > CIFS VFS: in cifs_revalidate as Xid: 940558 with uid: 1000 > [195500.523224] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > Revalidate: /tmp/test1 inode 0x880112cf75e0 count 1 dentry: > 0x880112cb18c0 d_time 4343754864 jiffies 4343767426 > [195500.523228] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > Getting info on /tmp/test1 > [195500.523231] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/cifssmb.c: > In QPathInfo (Unix) the path /tmp/test1 > [195500.523252] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/transport.c: > For smb_command 50 > [195500.523255] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/transport.c: > Sending smb: total_len 98 > [195500.523618] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/connect.c: > rfc1002 length 0xa4 > [195500.523628] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > Old time 4343754864 > [195500.523630] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > New time 4343767426 > [195500.523634] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > Size 5 and blocks 8 > [195500.523636] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > cifs_revalidate - inode unchanged > [195500.523641] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: > CIFS VFS: in cifs_writepages as Xid: 940559 with uid: 1000 > [195500.523645] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: > CIFS VFS: leaving cifs_writepages (xid = 940559) rc = 0 > [195500.523648] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > CIFS VFS: leaving cifs_revalidate (xid = 940558) rc = 0 > [195500.523654] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: > setattr_unix on file test1 attrs->ia_valid=0x8068 > [195500.523657] > /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linu
Re: [Samba] Ldap replication
On 12/02/09 01:51, Kevin Kimani wrote: Hi all, i have a setup where by there is a PDC thats authenticating users through ldap. i have several other BDCs' that are doing the replication of the main server. am trying to setup the users to be authenticated by the BDC but am not able to. Any suggestions will be quite helpful Regards kevin Do you mean samba replication or ldap replication? All DC's should be configured for security=user domain logons=yes passdb backend = ldapsam:ldap://yourldapserver They don't actually have to point to the same ldap server- they should be able to point to a replica ldap server (if that exists.) The PDC would have to point either to a master LDAP server or a writable replica. I have been setting this up with Sun Directory Server so I can't comment on OpenLDAP. On each DC the " net getdomainsid" should show that the machine SID is the same as the domain SID. I would also make sure that the output of "net groupmap list" and "pbedit -Lv" is the same on all DC's. I would make sure that the following "net rpc user info" command is returning the same results from each DC. e.g # net rpc user info someuser -U Administrator -S mypdc Password: Domain Users Sales Marketing # Make sure that all machines are using the same WINS server. I have my PDC as the WINS server. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] User executional bit set when creating/modifying file on linux server from linux client
Jeff Layton wrote: > On Wed, 02 Dec 2009 10:19:52 +0100 > Fredrik Liljegren wrote: > > >> Whenever I create or modify a file on my cifs-mount, be it by `echo >> "test" >> file` or from bash, the file mode is changed with u+x. >> However, that does not happen with touch, and usign chmod u-x works as >> it should. This is very annoying... >> > That is strange, I'm not aware of anything in cifs that would change inode > permissions on a write call. Some questions: > > What mount options are you using? > I used nodfs,rw,iocharset=utf8,localcharset=utf8,uid=fiddur,gid=fiddur,credentials=/home/fiddur/.effie-smb Hmm, could it be nodfs that messes it up? That's a remnant of earlier tries to get this right... I discovered now that using file_mode=0664,dir_mode=0775 works, but that is quite suboptimal... > Does the server have any special "create mode" or "create mask" type > settings that might affect the mode assigned to the inode? > The server uses: force create mode = 0664 force directory mode = 0775 ...but I guess it is unix extensions that makes files other than 0664. > What kernel is this client running? > 2.6.30-1-amd64 from debian. > What kernel is the ubuntu client running? > The ubuntu mount used file_mode and dir_mode in the mounting, so that would be the reason for the difference. (It's a collegues computer...) > It might be interesting to see a wire capture while recreating this. > Instructions on doing that are here: > > http://wiki.samba.org/index.php/LinuxCIFS_troubleshooting > > If you like, you can send the capture to me directly and I'll have a > look. > Here's the output from a `echo "test" > test1` where test1 gets u+x (including it, it's <100 rows): [195493.276026] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: CIFS VFS: in cifs_writepages as Xid: 940557 with uid: 0 [195493.276031] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: CIFS VFS: leaving cifs_writepages (xid = 940557) rc = 0 [195500.523217] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: CIFS VFS: in cifs_revalidate as Xid: 940558 with uid: 1000 [195500.523224] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: Revalidate: /tmp/test1 inode 0x880112cf75e0 count 1 dentry: 0x880112cb18c0 d_time 4343754864 jiffies 4343767426 [195500.523228] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: Getting info on /tmp/test1 [195500.523231] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/cifssmb.c: In QPathInfo (Unix) the path /tmp/test1 [195500.523252] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/transport.c: For smb_command 50 [195500.523255] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/transport.c: Sending smb: total_len 98 [195500.523618] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/connect.c: rfc1002 length 0xa4 [195500.523628] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: Old time 4343754864 [195500.523630] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: New time 4343767426 [195500.523634] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: Size 5 and blocks 8 [195500.523636] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: cifs_revalidate - inode unchanged [195500.523641] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: CIFS VFS: in cifs_writepages as Xid: 940559 with uid: 1000 [195500.523645] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/file.c: CIFS VFS: leaving cifs_writepages (xid = 940559) rc = 0 [195500.523648] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: CIFS VFS: leaving cifs_revalidate (xid = 940558) rc = 0 [195500.523654] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: setattr_unix on file test1 attrs->ia_valid=0x8068 [195500.523657] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/inode.c: CIFS VFS: in cifs_setattr_unix as Xid: 940560 with uid: 1000 [195500.523661] /build/buildd-linux-2.6_2.6.30-4-amd64-zA7FCt/linux-2.6-2.6.30/debian/build/source_amd64_none/fs/cifs/cifssmb.c: In SetEOF [195500.523664]
[Samba] syslog messages
Hello, my syslog contains strange messages of smbd : Dec 2 11:35:31 srv-scribe smbd[11825]: call_nt_transact_ioctl(0x90073): Curre ntly not implemented. Does anybody knows what it is ? Thanks -- Damien VARREL Lycée Saint Exupéry 01200 Bellegarde/Valserine Eco-attitudeN'imprimez ce mail que si c'est vraiment nécessaire -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] User executional bit set when creating/modifying file on linux server from linux client
On Wed, 02 Dec 2009 10:19:52 +0100 Fredrik Liljegren wrote: > Whenever I create or modify a file on my cifs-mount, be it by `echo > "test" >> file` or from bash, the file mode is changed with u+x. > However, that does not happen with touch, and usign chmod u-x works as > it should. This is very annoying... > > It is a linux samba server running samba 3.0.24. I know it's not the > latest, and if you know there was a bug fixed that can solve my problem, > I can probably get the serveradmins to upgrade it... but if it's a > config problem, that's easier... > > I use linux mount.cifs version: 1.12-3.4.3 > > On another computer here, runnig ubuntu instead of debian, and > mount.cifs 1.12-3.3.2, modifying files does NOT set u+x! > > > > Example: > > Initial directory: > > fid...@ydalar:~/mnt/liljegren/tmp$ ls -la > totalt 0 > drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.51 . > drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. > > > Creating file with touch doesn't get any u+x: > fid...@ydalar:~/mnt/liljegren/tmp$ touch test1 > fid...@ydalar:~/mnt/liljegren/tmp$ ls -la > totalt 0 > drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.52 . > drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. > -rw-rw-r-- 1 fiddur fiddur 0 2 dec 09.52 test1 > > > Creating a file by output redirection gives u+x: > fid...@ydalar:~/mnt/liljegren/tmp$ echo "hej" > test2 > fid...@ydalar:~/mnt/liljegren/tmp$ ls -la > totalt 4 > drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.53 . > drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. > -rw-rw-r-- 1 fiddur fiddur 0 2 dec 09.52 test1 > -rwxrw-r-- 1 fiddur fiddur 4 2 dec 09.53 test2 > > Removing with chmod works: > fid...@ydalar:~/mnt/liljegren/tmp$ chmod u-x test2 > fid...@ydalar:~/mnt/liljegren/tmp$ ls -la > totalt 4 > drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.53 . > drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. > -rw-rw-r-- 1 fiddur fiddur 0 2 dec 09.52 test1 > -rw-rw-r-- 1 fiddur fiddur 4 2 dec 09.53 test2 > > Modifying with appending redirection adds u+x too: > fid...@ydalar:~/mnt/liljegren/tmp$ echo "test" >> test1 > fid...@ydalar:~/mnt/liljegren/tmp$ ls -la > totalt 8 > drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.53 . > drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. > -rwxrw-r-- 1 fiddur fiddur 5 2 dec 09.54 test1 > -rw-rw-r-- 1 fiddur fiddur 4 2 dec 09.53 test2 > > > > Additional info: > > fid...@ydalar:~/mnt/liljegren/tmp$ cat /proc/fs/cifs/DebugData > Display Internal CIFS Data Structures for Debugging > --- > CIFS Version 1.58 > Active VFS Requests: 0 > Servers: > 1) Name: xxx.xxx.xxx.xxx Domain: Uses: 1 OS: Unix > NOS: Samba 3.0.24Capability: 0x80f3fd > SMB session status: 1TCP status: 1 > Local Users To Server: 1 SecMode: 0x3 Req On Wire: 0 > Shares: > 1) \\EFFIE\liljegren.devshop Mounts: 1 Type: NTFS DevInfo: 0x0 > Attributes: 0x2b > PathComponentMax: 255 Status: 0x1 type: 0 > > MIDs: > That is strange, I'm not aware of anything in cifs that would change inode permissions on a write call. Some questions: What mount options are you using? Does the server have any special "create mode" or "create mask" type settings that might affect the mode assigned to the inode? What kernel is this client running? What kernel is the ubuntu client running? It might be interesting to see a wire capture while recreating this. Instructions on doing that are here: http://wiki.samba.org/index.php/LinuxCIFS_troubleshooting If you like, you can send the capture to me directly and I'll have a look. -- Jeff Layton -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] User executional bit set when creating/modifying file on linux server from linux client
Whenever I create or modify a file on my cifs-mount, be it by `echo "test" >> file` or from bash, the file mode is changed with u+x. However, that does not happen with touch, and usign chmod u-x works as it should. This is very annoying... It is a linux samba server running samba 3.0.24. I know it's not the latest, and if you know there was a bug fixed that can solve my problem, I can probably get the serveradmins to upgrade it... but if it's a config problem, that's easier... I use linux mount.cifs version: 1.12-3.4.3 On another computer here, runnig ubuntu instead of debian, and mount.cifs 1.12-3.3.2, modifying files does NOT set u+x! Example: Initial directory: fid...@ydalar:~/mnt/liljegren/tmp$ ls -la totalt 0 drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.51 . drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. Creating file with touch doesn't get any u+x: fid...@ydalar:~/mnt/liljegren/tmp$ touch test1 fid...@ydalar:~/mnt/liljegren/tmp$ ls -la totalt 0 drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.52 . drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. -rw-rw-r-- 1 fiddur fiddur 0 2 dec 09.52 test1 Creating a file by output redirection gives u+x: fid...@ydalar:~/mnt/liljegren/tmp$ echo "hej" > test2 fid...@ydalar:~/mnt/liljegren/tmp$ ls -la totalt 4 drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.53 . drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. -rw-rw-r-- 1 fiddur fiddur 0 2 dec 09.52 test1 -rwxrw-r-- 1 fiddur fiddur 4 2 dec 09.53 test2 Removing with chmod works: fid...@ydalar:~/mnt/liljegren/tmp$ chmod u-x test2 fid...@ydalar:~/mnt/liljegren/tmp$ ls -la totalt 4 drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.53 . drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. -rw-rw-r-- 1 fiddur fiddur 0 2 dec 09.52 test1 -rw-rw-r-- 1 fiddur fiddur 4 2 dec 09.53 test2 Modifying with appending redirection adds u+x too: fid...@ydalar:~/mnt/liljegren/tmp$ echo "test" >> test1 fid...@ydalar:~/mnt/liljegren/tmp$ ls -la totalt 8 drwxrwxr-x 2 fiddur fiddur 0 2 dec 09.53 . drwxrwsr-x 15 fiddur fiddur 0 2 dec 09.51 .. -rwxrw-r-- 1 fiddur fiddur 5 2 dec 09.54 test1 -rw-rw-r-- 1 fiddur fiddur 4 2 dec 09.53 test2 Additional info: fid...@ydalar:~/mnt/liljegren/tmp$ cat /proc/fs/cifs/DebugData Display Internal CIFS Data Structures for Debugging --- CIFS Version 1.58 Active VFS Requests: 0 Servers: 1) Name: xxx.xxx.xxx.xxx Domain: Uses: 1 OS: Unix NOS: Samba 3.0.24Capability: 0x80f3fd SMB session status: 1TCP status: 1 Local Users To Server: 1 SecMode: 0x3 Req On Wire: 0 Shares: 1) \\EFFIE\liljegren.devshop Mounts: 1 Type: NTFS DevInfo: 0x0 Attributes: 0x2b PathComponentMax: 255 Status: 0x1 type: 0 MIDs: Regards, Fredrik -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4.2 with Solaris ZFS Snaphots
Hi, Ed Plese wrote: What patches are currently pending? Do any of them eliminate the need for some of the ZFS patches? Obviously none. The patches from http://www.edplese.com/samba-with-zfs.html do actually work with some modifications. But with 3.5 after compiling well the module doesn't work at all, and breaks folder sharing: [2009/12/01 14:14:55.967820, 0] smbd/service.c:1009(make_connection_snum) '/data/daten' is not a directory, when connecting to [Daten] Has anyone else started merging these patches to the shadow_copy2 module? If not, I'll get started with it. Is there any documentation about this modules (resp. shadow_copy2) ? I need some hints how to configure e.g. the location of the snapdir, format, ... Regards Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 + openldap: provisioning isnt working
Wiki seems to be out of date here. The wiki reference's [1] [2] a "setup/provision-backend" script, as well as a "setup/provision" script, yet current git only has a setup/provision executable. Some #samba and #openldap IRC advice was that provision-backend wasnt needed anymore, but based off the errors i'm seeing, there's definitely _something_ missing, I just dont know if that something ( /usr/local/samba4/private/ldap/slapd.d/ files ) ought to be provided by the missing setup/provision-backend. [1] http://wiki.samba.org/index.php/Samba4/LDAP_Backend/OpenLDAP [2] http://wiki.samba.org/index.php/Samba4/HOWTO/Ubuntu_Server_9.04 Following IRC advice, I attempted to just use the setup/provision script. It didnt work. I added a "[running]" print to provisionbackend.py, to see what it was running, so I could attempt to run slapd as it was running it, with debugging enabled. Heres the result: rekt...@deneb:~/archives/samba/source4$ setup/provision --realm=ELDERGODS.COM --ldap-backend-type=openldap --server-role=dc --domain=ELDERGODS --slapd-path='/usr/sbin/slapd' [running] '/usr/sbin/slapd' '-F/usr/local/samba4/private/ldap/slapd.d' '-h' 'ldapi://%2Fusr%2Flocal%2Fsamba4%2Fprivate%2Fldap%2Fldapi' Failed to bind - LDAP client internal error: NT_STATUS_UNEXPECTED_NETWORK_ERROR Failed to connect to 'ldapi://%2Fusr%2Flocal%2Fsamba4%2Fprivate%2Fldap%2Fldapi' Traceback (most recent call last): File "setup/provision", line 213, in nosync=opts.nosync,ldap_dryrun_mode=opts.ldap_dryrun_mode) File "bin/python/samba/provision.py", line 1257, in provision provision_backend.start() File "bin/python/samba/provisionbackend.py", line 252, in start raise ProvisioningError("slapd died before we could make a connection to it") NameError: global name 'ProvisioningError' is not defined rekt...@deneb:~/archives/samba/source4$ rekt...@deneb:~/archives/samba/source4$ rekt...@deneb:~/archives/samba/source4$ '/usr/sbin/slapd' '-F/usr/local/samba4/private/ldap/slapd.d' '-h' 'ldapi://%2Fusr%2Flocal%2Fsamba4%2Fprivate%2Fldap%2Fldapi' -d 32767 @(#) $OpenLDAP: slapd 2.4.17 (Nov 10 2009 19:58:41) $ bui...@nautilus:/build/buildd/openldap-2.4.17/debian/build/servers/slapd ldap_pvt_gethostbyname_a: host=deneb, r=0 daemon_init: ldapi://%2Fusr%2Flocal%2Fsamba4%2Fprivate%2Fldap%2Fldapi daemon_init: listen on ldapi://%2Fusr%2Flocal%2Fsamba4%2Fprivate%2Fldap%2Fldapi daemon_init: 1 listeners to open... ldap_url_parse_ext(ldapi://%2Fusr%2Flocal%2Fsamba4%2Fprivate%2Fldap%2Fldapi) daemon: listener initialized ldapi://%2Fusr%2Flocal%2Fsamba4%2Fprivate%2Fldap%2Fldapi daemon_init: 1 listeners opened ldap_create slapd init: initiated server. slap_sasl_init: initialized! backend_startup_one: starting "cn=config" ldif_read_file: no entry file "/usr/local/samba4/private/ldap/slapd.d/cn=config.ldif" send_ldap_result: conn=-1 op=0 p=0 send_ldap_result: err=32 matched="" text="" slapd destroy: freeing system resources. slapd stopped. connections_destroy: nothing to destroy. The /usr/local/samba4/private/ldap/slapd.d/ directory is completely empty. I'm not sure what is supposed to populate this, but as can be seen from the above debug logs, the slapd kicked off by setup/provision is definitely expecting there to be contents. This could very well be a result of the missing-in-action setup/provision-backend script. I'll be happy to do some wiki updating if I can get this issue resolved: the OpenLDAP wiki entry's last major work was the Ides of June 2008. Regards, rektide -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba