On Tue, 24 Feb 2004, Daniel Meyer wrote: > Guess i am missing something here. > > on my system the pipe has the following permissions: > > proxy:/var/locks/winbindd_privileged # ls -alp > total 0 > drwxr-x--- 2 root root 72 Feb 24 10:52 ./ > drwxrwxrwx 4 root root 352 Feb 24 10:52 ../ > srwxrwxrwx 1 root root 0 Feb 24 10:52 pipe= > > If i try to change the permissions of the directory itself, so that > the squid user can access it, winbindd fails to start: > > proxy:/var/locks # winbindd -i > winbindd version 3.0.2 started. > Copyright The Samba Team 2000-2004 > Added domain whatever whatever.Lokal S-1-5-21-3284267766-540466896-523501128 > invalid permissions on socket directory /var/locks/winbindd_privileged > open_winbind_socket: No such file or directory > > Doesnt matter if i try to change owner/group, or just the rwx > permissions for owner/group/all...
Only root should have w. The other users who should be allowed to access this directory should have x and optionally r. Recommended method is to create a group for winbind authentication and make sure all services requiring this interface (i.e. Squid) is running with this group. chgrp winbind /path/to/winbindd_privileged chmod 750 /path/to/winbindd_privileged (if you have changed the permissions) change Squid to run with group winbind Or if access to the OS of your server is restricted you can take the easy path out and allow all users access to winbindd_privileged chmod 755 /path/to/winbindd_privileged Regards Henrik
