[Samba] smbcacls add acl issue
Hi , I am facing weird issue with samba 3.0.28 package on Cent OS 5.2. Following is acl of the file hi.txt === # smbcacls //ntap/shkdata /RahulkTest/hi.txt -U QALAB\\Administrator%password REVISION:1 OWNER:QALAB+administrator GROUP:QALAB+Domain Users ACL:QALAB+tempAcct1:ALLOWED/0/FULL === I want to add acl "ACL:+Everyone:ALLOWED/16/FULL" for file hi.txt. But If I try to add, it gives following error: = [root@shekok1 ~]# smbcacls -a "ACL:Everyone:ALLOWED/16/FULL" //ntap/shkdata /RahulkTest/hi.txt -U QALAB\\Administrator%password cacl_set failed to open \RahulkTest\hi.txt: NT_STATUS_ACCESS_DENIED = But if I try to add same acl with samba 3.0.23c, it is successful. Why it is an issue with latest versions as it works fine with older version 3.0.23c. Following is snippet of strace of smbcacls command: == # strace smbcacls -a "ACL:Everyone:ALLOWED/16/FULL" //ntap/shkdata /RahulkTest/hi.txt -U QALAB\\Administrator%password execve("/usr/bin/smbcacls", ["smbcacls", "-a", "ACL:Everyone:ALLOWED/16/FULL", "//ntap/shkdata", "/RahulkTest/hi.txt", "-U", "QALAB\\Administrator%password"], [/* 27 vars */]) = 0 brk(0) = 0x9f03000 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ffd000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/opt/openkaz/lib/tls/i686/sse2/libcrypt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/opt/openkaz/lib/tls/i686/sse2", 0xbfc59498) = -1 ENOENT (No such file or directory) .. read(4, "\377SMB\4\0\0\0\0\210\1\200\0\0\0\0\0\0\0\0\0\0\0\0@\0$r\0\10\7\0"..., 35) = 35 write(4, "\0\0\0z\377SMB\242\0\0\0\0\10\1\310\0\0\0\0\0\0\0\0\0\0\0\0@\0$r"..., 126) = 126 gettimeofday({1308224649, 923904}, NULL) = 0 select(5, [4], NULL, NULL, {10, 0}) = 1 (in [4], left {10, 0}) read(4, "\0\0\0#", 4) = 4 gettimeofday({1308224649, 924291}, NULL) = 0 select(5, [4], NULL, NULL, {10, 0}) = 1 (in [4], left {10, 0}) read(4, "\377SMB\242\"\0\0\300\210\1\300\0\0\0\0\0\0\0\0\0\0\0\0@\0$r\0\10\10\0"..., 35) = 35 fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 11), ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ff4000 write(1, "cacl_set failed to open \\RahulkT"..., 68cacl_set failed to open \RahulkTest\hi.txt: NT_STATUS_ACCESS_DENIED ) = 68 exit_group(1) == After adding acl, I change owner to QALAB+tempAcct1 to give exclusive access of file to tempAcct1user. So just wondering why it is not working with samba 3.0.28 or 3.0.33? Thanks, Rahul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unable to change owner of the file through smbcacls
I am able to change owner from User1 to Administrator at Domain Controller/active-directory machine. And after that from linux box, using smbcacls -C DOMAIN\\User1 .. command I am able to change owner from Administrator --> User1. But changing owner from User1 to Administrator using smbcacls is not working. User1 is in Domain admins, Administrators , backup operators group in active directory. ~rahul On Wed, 23 Mar 2011 15:11:13 , " Katariya Rahul " <rahulrahu...@rediffmail.com> wrote Hi , I am unable to change owner to Administrator of the file through smbcacls command. CIFS share is in french domain. SMBACLS for the file are: == smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\èçæreg;ôû%èçæreg;ôû REVISION:1 OWNER:ES1KR+èçæreg;ôû GROUP:ES1KR+Utilisa. du domaine ACL:+Tout le monde:DENIED/0/0x000d0116 ACL:ES1KR+èçæreg;ôû:ALLOWED/0/FULL smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy Failed to open \test.txt: NT_STATUS_ACCESS_DENIED smbcacls -C es1kr\Administrateur\%Qy //10.10.180.169/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy Failed to open \test.txt: NT_STATUS_ACCESS_DENIED === Although Administrator is not user, it can take ownership at any time. But this is not happening. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CIFS mount with non-ascii (UTF8) password is not working
This is a windows share. But I am trying to mount it from Linux. I tried iocharset=utf8 option, but it didn't work. If I map the same share from laptop (Windows OS), it work fine. I enabled CIFS debugging. Following are errors: == kernel: Status code returned 0xc06d NT_STATUS_LOGON_FAILURE !!Mapping smb error code 5 to POSIX err -13 !! nt_status is c06d == I am using username : ùrkkk and password ùrkkk. And user ùrkkk is in Administrators group. ~rahul On Sun, 27 Mar 2011 14:00:38 +0530 Jeff Layton <jlay...@redhat.com> wrote >On Fri, 25 Mar 2011 10:44:42 + >Moray Henderson <moray.hender...@ict-software.org> wrote: > >> Katariya Rahul wrote: >> > I have French CIFS server. >> > >> > If I try to map a share from any windows machine with non-ascii (UTF-8, >> > french characters are part of password) password, it is successful. >> > >> > But If I try from linux machine, it fails. >> > >> > mount -t cifs //MACHINE/DatasetFIGS_ùÉÀÊÚÎÏŒÄÑ£₣€ /tmp/rahul -o >> > user=ùù,password=ùù,domain=eKKDr >> > mount error 13 = Permission denied >> > Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) >> > >> > >> > Does CIFS supports non-ascii password? >> >> On the Linux machine, what output does the "locale" command give you? >> >> If you type the password at the Linux prompt where you can see it, do you get the right characters? If the keyboard isn't set right in Linux, it won't work. To see exactly how the password is being encoded, use "echo <password> | xxd" (although obviously don't post the output for a real password here). >> >> Was the password set from Windows or from Linux? If from Windows, then I would expect the encoding to be in either UTF-16 or the Windows locale 8-bit encoding, not UTF-8. For example, "Latin Small Letter E With Acute" is encoded as 0xE9 in the Windows Western encoding, 0xE900 in UTF-16, and 0xC3A9 in UTF-8. >> >> Does it work any better if you use Samba's own mount.cifs program directly rather than going through mount? >> >> I do not know what (if any) character encoding translation the cifs module does. Check whether the locale and "testparm -vs | grep char" on your CIFS server match the settings on the Linux machine you are doing the mapping from. >> >> > >Linux CIFS generally treats passwords as an opaque series of bytes. It >does no translation of that piece. > >-- >Jeff Layton <jlay...@redhat.com> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CIFS mount with non-ascii (UTF8) password is not working
I am able to mount same path when password is in ascii. But it gives problem when it is non-ascii. On Thu, 24 Mar 2011 12:32:56 +0530 "Helmut Hullen"wrote >Hallo, Katariya, > >Du meintest am 24.03.11: > >> I have French CIFS server. > >[...] > >> mount -t cifs //MACHINE/DatasetFIGS_ùÉ??ÄÑ£??¬ /tmp/rahul >> -o user=ùù,password=ùù,domain=eKKDr mount error 13 = Permission >> denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) >> > >> Does CIFS supports non-ascii password? > >Maybe it's not only a problem with the password; the path seems to be >non-ASCII too. > >And non-ASCII has many representations - not only UTF-8. > >Viele Gruesse! >Helmut >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Urgent: Unable to change owner of the file through smbcacls
password is having ascii characters. But path is non-ascii. I am able to mount it as password is in ascii. I am not able to change owner of the file to Administrator. On Thu, 24 Mar 2011 12:32:31 +0530 "Helmut Hullen"wrote >Hallo, Katariya, > >Du meintest am 24.03.11: > > >> I am unable to change owner to Administrator of the file through >> smbcacls command. > > > >> CIFS share is in french domain. > > > >> SMBACLS for the file are: > >> == > >> smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U >> es1kr\\USERNAME%PASSWORD > >> REVISION:1 > >> OWNER:ES1KR+èçæreg;ôû > >> GROUP:ES1KR+Utilisa. du domaine > >> ACL:+Tout le monde:DENIED/0/0x000d0116 > >> ACL:ES1KR+èçæreg;ôû:ALLOWED/0/FULL > > >No ASCII - is that the problem? > >Viele Gruesse! >Helmut >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] CIFS mount with non-ascii (UTF8) password is not working
Hi , I have French CIFS server. If I try to map a share from any windows machine with non-ascii (UTF-8, french characters are part of password) password, it is successful. But If I try from linux machine, it fails. mount -t cifs //MACHINE/DatasetFIGS_ùÉÀÊÚÎÏŒÄÑ£₣€ /tmp/rahul -o user=ùù,password=ùù,domain=eKKDr mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) Does CIFS supports non-ascii password? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Urgent: Unable to change owner of the file through smbcacls
Hi , I am unable to change owner to Administrator of the file through smbcacls command. CIFS share is in french domain. SMBACLS for the file are: == smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\USERNAME%PASSWORD REVISION:1 OWNER:ES1KR+èçæreg;ôû GROUP:ES1KR+Utilisa. du domaine ACL:+Tout le monde:DENIED/0/0x000d0116 ACL:ES1KR+èçæreg;ôû:ALLOWED/0/FULL smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\Administrateur%PASSWORD Failed to open \test.txt: NT_STATUS_ACCESS_DENIED smbcacls -C es1kr\Administrateur\%Qy //10.10.180.169/Rahulk\ test /test.txt -U es1kr\\Administrateur%PASSWORD Failed to open \test.txt: NT_STATUS_ACCESS_DENIED === Although Administrator is not a owner of the file, it should be able to take ownership at any time. But this is not happening. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unable to change owner of the file through smbcacls
I am correcting previous statement: Although Administrator is not owner of the file, it can take ownership at any time. But this is not happening On Wed, 23 Mar 2011 15:11:13 +0530 " Katariya Rahul " <rahulrahu...@rediffmail.com> wrote >Hi > >I am unable to change owner to Administrator of the file through smbcacls command. > >CIFS share is in french domain. > >SMBACLS for the file are: >== > smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\èç�®ôû%èç�®ôû >REVISION:1 >OWNER:ES1KR+èç�®ôû >GROUP:ES1KR+Utilisa. du domaine >ACL:+Tout le monde:DENIED/0/0x000d0116 >ACL:ES1KR+èç�®ôû:ALLOWED/0/FULL > > > > smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy >Failed to open \test.txt: NT_STATUS_ACCESS_DENIED > > smbcacls -C es1kr\Administrateur\%Qy //10.10.180.169/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy >Failed to open \test.txt: NT_STATUS_ACCESS_DENIED > > >=== > >Although Administrator is not user, it can take ownership at any time. But this is not happening. > > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Unable to change owner of the file through smbcacls
Hi , I am unable to change owner to Administrator of the file through smbcacls command. CIFS share is in french domain. SMBACLS for the file are: == smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\èçîôû%èçîôû REVISION:1 OWNER:ES1KR+èçîôû GROUP:ES1KR+Utilisa. du domaine ACL:+Tout le monde:DENIED/0/0x000d0116 ACL:ES1KR+èçîôû:ALLOWED/0/FULL smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy Failed to open \test.txt: NT_STATUS_ACCESS_DENIED smbcacls -C es1kr\Administrateur\%Qy //10.10.180.169/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy Failed to open \test.txt: NT_STATUS_ACCESS_DENIED === Although Administrator is not user, it can take ownership at any time. But this is not happening. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba