thanks for your answer. I don't think it's a permission issue, as the script is invoked as root and I don't think it's changing its uid.
I've had a look into the code and what I see is, it's somewhat selective about the method to set ACLs depending on the filesystem AFAIR. The stack trace only shows the python part. The actual error results from C code. Setting ACLs using a windows client seems to work. Furthermore, if I'm mounting the glusterfs volume, in the mount list, the acl option is not shown. I think somewhere a decision about the availabilty of ACLs is going wrong. Very funny, at one occasion it did work, though complaining after minutes of activity, and ACLs were present after that (can't tell if they're correct). But this part is not well reproducable. In fact there is no reasonable way to do a sysvolreset at the moment, lengthening my list of issues. Andreas On 06.03.13 17:44, Mr J Potter wrote: > Hi, > I had similar problems with gluster. I set up a gluster sysvol first > then tried provisioning and it failed with the same error. So it maybe > to do with permissions on the sysvol folder itself? > > It worked if I set up dc and bdc each with local sysvols then moved them > onto gluster. > > Jim > > On Mar 3, 2013 5:32 PM, "Andreas Gaiser/L" <[email protected] > <mailto:[email protected]>> wrote: >> >> Hi, >> >> >> I'm trying to setup a domain with two DCs based on 4.0.3. Following some >> hint, I wanna use glusterfs for the sysvol. Glusterfs it runs nicely. I >> can set acls on both machines using setfacl and the other one lists them >> almost immediately with getfacl. >> >> But running "samba-tool ntacl sysvolreset is failing badly giving the >> following error. >> >> In a later attempt, without significant changes I remember, the script >> more or less seemed to work and created indeed ACEs, but still came up >> with this error after some minutes. >> >> root@dc1:~# samba-tool ntacl sysvolreset >> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_NOT_SUPPORTED. >> ERROR(runtime): uncaught exception - (-1073741637, >> 'NT_STATUS_NOT_SUPPORTED') >> File >> "/opt/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py", line >> 175, in _run >> return self.run(*args, **kwargs) >> File "/opt/samba/lib/python2.6/site-packages/samba/netcmd/ntacl.py", >> line 214, in run >> lp, use_ntvfs=use_ntvfs) >> File >> "/opt/samba/lib/python2.6/site-packages/samba/provision/__init__.py", >> line 1563, in setsysvolacl >> setntacl(lp,sysvol, SYSVOL_ACL, str(domainsid), use_ntvfs=use_ntvfs, >> skip_invalid_chown=True, passdb=s4_passdb) >> File "/opt/samba/lib/python2.6/site-packages/samba/ntacls.py", line >> 154, in setntacl >> smbd.set_nt_acl(file, security.SECINFO_OWNER | >> security.SECINFO_GROUP | security.SECINFO_DACL | > security.SECINFO_SACL, sd) >> >> Running mount is showing the target fs without ACLs, although they do >> work, as said before, and although I do have mounted the fs using -o >> acl,rw. The underlying ext3 fs is of cause running with acls enabled, >> too. This is what mount looks like for the involved fs's: >> >> fusectl on /sys/fs/fuse/connections type fusectl (rw) >> /dev/xvda3 on /var/glusterfs/brick1 type ext3 (rw,acl,user_xattr) >> localhost:/dc-vol on /export/dc-vol type fuse.glusterfs >> (rw,allow_other,max_read=131072) >> >> >> Andreas >> -- >> Andreas Gaiser, Berlin, Germany >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
