Hallo Holger,
Wie hast du den migriert?
Da dies unsere Service-Firma gemacht hat, kenne ich nicht alle Details.
Per NFS?
Per Backupplatte?
per NAS
Welches Dateisystem hatte die?
Und jetzt müssen wir herausbekommen, wo die Rechte falsch sind.
Dazu betrachten wir zwei Ebenen:
1) samba: poste mal bitte deine /etc/samba/smb.conf und die
/etc/samba/smb.conf.shares
------------schnip ---------------smb.conf--------------------
[global]
## Browsing/Identification ###
# Change this to the workgroup/NT-domain name your Samba server will part of
workgroup = SCHULE
# server string is the equivalent of the NT Description field
# server string = Linux %h mit Samba %v
server string = Samba %v on (%L)
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
wins support = yes
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z
# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no
# What naming service and in what order should we use to resolve host names
# to IP addresses
; name resolve order = lmhosts host wins bcast
#### Debugging/Accounting ####
# This tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
log level = 0
# Put a capping on the size of the log files (in Kb).
max log size = 1000
# If you want Samba to only log through syslog then set the following
# parameter to 'yes'.
; syslog only = no
# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
syslog = 0
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
####### Authentication #######
# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/ServerType.html in the samba-doc
# package for details.
; security = user
# You may wish to use password encryption. See the section on
# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
encrypt passwords = true
ldap ssl = Off
ldap replication sleep = 5000
ldap admin dn = cn=admin,dc=paedml-linux,dc=lokal
ldap suffix = dc=paedml-linux,dc=lokal
ldap group suffix = ou=groups
ldap user suffix = ou=accounts
ldap machine suffix = ou=machines
passdb backend = ldapsam:ldap://localhost
obey pam restrictions = no
guest account = nobody
# username map = /etc/samba/username.map
# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
; unix password sync = yes
# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Augustin Luton <[email protected]>
for
# sending the correct chat script for the passwd program in Debian Potato).
passwd program = /usr/sbin/sophomorix-passwd --interactive --user %u
passwd chat = *New*password*:* %n\n *Retype*new*password*:* %n\n
# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
; pam password change = no
########## Printing ##########
# If you want to automatically load your printer list rather
# than setting them up individually then you'll need this
load printers = no
# lpr(ng) printing. You may wish to override the location of the
# printcap file
; printing = bsd
; printcap name = /etc/printcap
# CUPS printing. See also the cupsaddsmb(8) manpage in the
# cupsys-client package.
printing = cups
printcap name = cups
# When using [print$], root is implicitly a 'printer admin', but you can
# also give this right to other users to add drivers and set printer
# properties
# printer admin = root
######## File sharing ########
# Name mangling options
; preserve case = yes
; short preserve case = yes
#### linuxmuster settings ####
# interfaces = 10.16.1.1/255.240.0.0 127.0.0.1/255.0.0.0
domain logons = Yes
admin users = domadmin
unix charset = UTF8
dos charset =
logon script = login.bat
time server = Yes
logon path =
logon home = \\%L\%u
use sendfile = No
os level = 99
wide links = No
# server side cifs configuration
unix extensions = yes
map archive = No
delete readonly = Yes
case sensitive = auto
mangled names = no
# fix for #56 & #64
winbind enum users = yes
winbind enum groups = yes
unix password sync = no
ldap passwd sync = No
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
#delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
#delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
############ Misc ############
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
; include = /home/samba/etc/smb.conf.%m
# Most people will find that this option gives better performance.
# See smb.conf(5) and /usr/share/doc/samba-doc/htmldocs/speed.html
# for details
# You may want to add the following on a Linux system:
# SO_RCVBUF=8192 SO_SNDBUF=8192
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# The following parameter is useful only if you have the linpopup package
# installed. The samba maintainer and the linpopup maintainer are
# working to ease installation and configuration of linpopup and samba.
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
# Domain Master specifies Samba to be the Domain Master Browser. If this
# machine will be configured as a BDC (a secondary logon server), you
# must set this to 'no'; otherwise, the default behavior is recommended.
domain master = Yes
# enable hostname lookups, for example when using smbstatus
hostname lookups = Yes
# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash
# including your own global configuration
include = /etc/samba/smb.conf.global
#======================= Share Definitions =======================
[homes]
comment = Heimatverzeichnis
browseable = no
# administrator is able to do housekeeping
admin users = administrator
# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
writable = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
# create mode = 2644
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
# directory mode = 2755
# linuxmuster settings
path = %H
valid users = %S
root preexec = samba-userlog --log=in --username=%U --hostname=%I
--homedir=%H
root postexec = samba-userlog --log=out --username=%U --hostname=%I
--homedir=%H
veto files = /.locked/.htaccess/
delete veto files = no
hide files = /$RECYCLE.BIN/desktop.ini/
# Un-comment the following and create the netlogon directory for Domain
Logons
# (you need to configure Samba to act as a domain controller too.)
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = yes
writable = no
hide unreadable = Yes
force create mode = 664
write list = @domadmins
force group = domadmins
#[printers]
# comment = All Printers
# browseable = no
# path = /tmp
# printable = yes
# public = no
# writable = no
# create mode = 0700
# Windows clients look for this share name as a source of downloadable
# printer drivers
#[print$]
# comment = Printer Drivers
# path = /var/lib/samba/printers
# browseable = yes
# read only = yes
# guest ok = no
# force group = printoperators
# create mask = 664
# directory mode = 775
# Uncomment to allow remote administration of Windows print drivers.
# Replace 'ntadmin' with the name of the group your admin users are
# members of.
# write list = @ntadmin
[pgm]
comment = Programme
path = /home/samba/progs
writable = no
write list = @domadmins
force group = domadmins
force create mode = 664
force directory mode = 775
guest ok = Yes
[cdrom]
comment = CDs
path = /home/samba/cds
force group = domadmins
force create mode = 664
force directory mode = 775
write list = @domadmins
writable = no
guest ok = Yes
[linbo-repo]
comment = LINBO Images
path = /var/linbo
wide links = yes
write list = administrator,linbo
valid users = administrator,linbo
admin users = administrator,linbo
writable = no
guest ok = no
# following shares are only used by linux clients
[students]
comment = Schülerverzeichnisse
path = /home/students
writeable = no
write list = administrator,@teachers
valid users = administrator,@teachers
admin users = administrator
browseable = No
guest ok = No
[shares]
comment = Tauschen
admin users = administrator
path = /home/share
inherit acls = Yes
hide unreadable = Yes
writeable = Yes
guest ok = No
hide files =
/classes/desktop.ini/exams/projects/school/subclasses/teachers/
force create mode = 2644
force directory mode = 2755
[tasks]
comment = Vorlagen
path = /var/cache/sophomorix/tasks
writeable = no
write list = administrator,@teachers
admin users = administrator
inherit acls = Yes
hide unreadable = Yes
hide files = /classes/desktop.ini/projects/rooms/subclasses/teachers/
browseable = No
guest ok = No
[backup]
comment = Backups
path = /media/backup
valid users = administrator
browseable = No
guest ok = No
# including your own share definitions
include = /etc/samba/smb.conf.shares
------------schnap ---------------smb.conf--------------------
------------schnip ---------------smb.conf.shares--------------------
# $Id: smb.conf.shares 1099 2011-07-16 10:40:45Z tschmitt $
# program share with write permissions
;[pgmw]
; comment = Windows Programs with write perms
; path = /home/samba/pgmw
; admin users = @domadmins
; writeable = Yes
; guest ok = No
# add your own shares here
[homes]
comment = Home Directories
browseable = no
# Falls Mehrfachanmeldung möglich sein soll,
# folgende Zeile auskommentieren (Ga/MM)
# max connections = 1
# administrator is able to do housekeeping
admin users = administrator
[snapshots]
comment = Snapshots
admin users = administrator
path = /home/snapshots
writeable = no
create mode = 2664
directory mode = 2775
browseable = Yes
guest ok = Yes
# schreibbar fuer teachers und admin
[snapshots-upload]
comment = Snapshots-Upload
admin users = administrator
path = /home/snapshots-upload
writeable = no
write list = administrator,@teachers
create mode = 2664
directory mode = 2775
browseable = Yes
guest ok = Yes
# By default, the home directories are exported read-only. Change next
# parameter to 'yes' if you want to be able to write to them.
writable = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mode = 2644
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mode = 2755
# linuxmuster settings
wide links = Yesls
path = %H
valid users = %S
root preexec = samba-userlog --log=in --username=%U --hostname=%I
--homedir=%H
root postexec = samba-userlog --log=out --username=%U --hostname=%I
--homedir=%H
veto files = /.locked/.htaccess/
delete veto files = no
# Un-comment the following and create the netlogon directory for Domain
Logons
# (you need to configure Samba to act as a domain controller too.)
# A sample share for sharing your CD-ROM with others.
;[cdrom]
; comment = Samba server's CD-ROM
; writable = no
; locking = no
; path = /cdrom
; public = yes
# The next two parameters show how to auto-mount a CD-ROM when the
# cdrom share is accesed. For this to work /etc/fstab must contain
# an entry like this:
#
# /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
#
# The CD-ROM gets unmounted automatically after the connection to the
#
# If you don't want to use auto-mounting/unmounting make sure the CD
# is mounted on /cdrom
#
; preexec = /bin/mount /cdrom
; postexec = /bin/umount /cdrom
------------schnap ---------------smb.conf.shares--------------------
2) Dateisystem: poste mal die Ausgabe von
ls -al/home/
drwxr-xr-x 8 root root 4096 Jan 9 22:17 .
drwxr-xr-x 27 root root 4096 Mär 12 22:12 ..
drwxr-xr-x 48 linuxadmin linuxadmin 4096 Feb 27 14:44 linuxadmin
drwx--x--x 4 lightdm lightdm 4096 Sep 20 2013 samba
drwxr-xr-x 46 schueler schueler 4096 Feb 16 12:27 schueler
drwxr-xr-x+ 8 root domadmins 0 Sep 10 2014 share
drwx--x--x 3 lightdm lightdm 4096 Mär 10 06:45 students
ls -al /home/shares
drwxr-xr-x+ 8 root domadmins 0 Sep 10 2014 .
drwxr-xr-x 8 root root 4096 Jan 9 22:17 ..
drwxrwxr-x 69 root root 0 Feb 17 15:29 classes
drwxrwxr-x 2 root root 0 Jul 31 2008 exams
lrwxrwxrwx 1 root root 7 Feb 24 14:29 Klassen -> classes
drwxrwxr-x 36 root root 0 Feb 13 21:35 projects
lrwxrwxrwx 1 root root 8 Feb 24 14:29 Projekte -> projects
drwxrwsrwt 14 administrator teachers 0 Mär 11 08:49 school
lrwxrwxrwx 1 root root 6 Feb 24 14:29 Schule -> school
drwxrwxr-x 2 root root 0 Jul 31 2008 subclasses
Schon mal vielen Dank fürs Drüberschauen!
Viele Grüße
Jürgen
_______________________________________________
linuxmuster-user mailing list
[email protected]
https://mail.lehrerpost.de/mailman/listinfo/linuxmuster-user
