Re: [Samba] new group memberships not receognized

2009-11-24 Thread Volker Lendecke 
On Tue, Nov 24, 2009 at 02:34:07PM -0500, Daulton Theodore wrote:
> I have a peculiar problem. I am running samba 3.0.23a on a solaris 9 box. I
> am attempting to create a create a folder on a share and restrict access to 

Go get a real OS. Ditch Solaris. For the reasons, look at
Jeremy's and my comments in

https://bugzilla.samba.org/show_bug.cgi?id=6753

Volker


pgpVmBrdzOU5i.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] new group memberships not receognized

2009-11-24 Thread Daulton Theodore 
Hi all! 

I have a peculiar problem. I am running samba 3.0.23a on a solaris 9 box. I
am attempting to create a create a folder on a share and restrict access to 
a selected number of staff members. I created a new group named libssc with
gid 2013. I then created the folder named SSC belonging to the group libssc 
and with permissions 770. When I attempt save a file to the folder I get the
error message 'I:\SSC is not accessible. Access is denied.'

Looking through the log file I notice the group 2013 is not being listed as 
one of my supplementary groups. Has anyone encountered this before? I have 
done this procedure several time in the past but I am encountering problems 
this time around.

Here are some excerpts from the log file:

  params.c:pm_process() - Processing configuration file 
"/usr/local/samba3/lib/smb.conf"
[2009/11/24 13:56:42, 3] param/loadparm.c:do_section(3687)
  Processing section "[globals]"
[2009/11/24 13:56:42, 5] lib/debug.c:debug_dump_status(391)
  INFO: Current debug levels:
all: True/5
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
  doing parameter syslog = 2
  doing parameter log file = /usr/local/samba3/var/log.%m:%U:%I
  doing parameter max log size = 2000
  doing parameter debug timestamp = yes
  doing parameter printing = SYSV
  doing parameter load printers = yes
  doing parameter lprm command = cancel %p-%j
  doing parameter use client driver = yes
[2009/11/24 13:56:42, 2] param/loadparm.c:do_section(3704)



[2009/11/24 13:56:42, 2] param/loadparm.c:do_section(3704)
  Processing section "[deptshr]"
  doing parameter comment = %g Shared Directory
  doing parameter path = /files1/user/%g/common
  doing parameter read only = no
  doing parameter create mask = 0770
  doing parameter force create mode = 0770
  doing parameter directory mask = 0770
  doing parameter writable = yes
  doing parameter browseable = yes
  doing parameter invalid users = +circdesk



[2009/11/24 13:56:43, 5] auth/auth_util.c:debug_nt_user_token(455)
  NT user token of user S-1-22-1-2223
  contains 20 SIDs
  SID[  0]: S-1-22-1-2223
  SID[  1]: S-1-5-21-2267612611-771306602-3073650580-3043
  SID[  2]: S-1-1-0
  SID[  3]: S-1-5-2
  SID[  4]: S-1-5-11
  SID[  5]: S-1-5-21-2267612611-771306602-3073650580-3001
  SID[  6]: S-1-5-21-2267612611-771306602-3073650580-3003
  SID[  7]: S-1-5-21-2267612611-771306602-3073650580-3011
  SID[  8]: S-1-5-21-2267612611-771306602-3073650580-3013
  SID[  9]: S-1-5-21-2267612611-771306602-3073650580-3017
  SID[ 10]: S-1-5-21-2267612611-771306602-3073650580-3025
  SID[ 11]: S-1-5-21-2267612611-771306602-3073650580-3037
  SID[ 12]: S-1-5-21-2267612611-771306602-3073650580-3041
  SID[ 13]: S-1-5-21-2267612611-771306602-3073650580-3045
  SID[ 14]: S-1-5-21-2267612611-771306602-3073650580-3047
  SID[ 15]: S-1-5-21-2267612611-771306602-3073650580-3051
  SID[ 16]: S-1-5-21-2267612611-771306602-3073650580-3053
  SID[ 17]: S-1-5-21-2267612611-771306602-3073650580-5011
  SID[ 18]: S-1-5-21-2267612611-771306602-3073650580-5021
  SID[ 19]: S-1-5-21-2267612611-771306602-3073650580-3039
  SE_PRIV  0x0 0x0 0x0 0x0
[2009/11/24 13:56:43, 5] auth/auth_util.c:debug_unix_user_token(475)
  UNIX token of user 2223
  Primary group is 1021 and contains 16 supplementary groups
  Group[  0]: 1021
  Group[  1]: 1000
  Group[  2]: 1001
  Group[  3]: 1005
  Group[  4]: 1006
  Group[  5]: 1008
  Group[  6]: 1012
  Group[  7]: 1018
  Group[  8]: 1020
  Group[  9]: 1022
  Group[ 10]: 1023
  Group[ 11]: 1025
  Group[ 12]: 1026
  Group[ 13]: 2005
  Group[ 14]: 2010
  Group[ 15]: 1019
[2009/11/24 13:56:43, 5] smbd/uid.c:change_to_user(260)
  change_to_user uid=(0,2223) gid=(0,1021)
[2009/11/24 13:56:43, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/11/24 13:56:43, 5] auth/auth_util.c:debug_nt_user_token(449)
  NT user token: (NULL)
[2009/11/24 13:56:43, 5] auth/auth_util.c:debug_unix_user_token(475)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2009/11/24 13:56:43, 5] smbd/uid.c:change_to_root_user(275)


Thanks in advance for any help.
-- 
--- 0 
Daulton Theodore  https://lists.samba.org/mailman/options/samba