Do you have extended attributes enabled on your glusterfs filesystem? Out of curiosity, what version of glusterfs are you seeing this problem?
On 03/06/2013 04:21 PM, Andreas Gaiser wrote: > thanks for your answer. > > I don't think it's a permission issue, as the script is invoked as root > and I don't think it's changing its uid. > > I've had a look into the code and what I see is, it's somewhat selective > about the method to set ACLs depending on the filesystem AFAIR. The > stack trace only shows the python part. The actual error results from C > code. Setting ACLs using a windows client seems to work. > > Furthermore, if I'm mounting the glusterfs volume, in the mount list, > the acl option is not shown. > > I think somewhere a decision about the availabilty of ACLs is going wrong. > > Very funny, at one occasion it did work, though complaining after > minutes of activity, and ACLs were present after that (can't tell if > they're correct). But this part is not well reproducable. In fact there > is no reasonable way to do a sysvolreset at the moment, lengthening my > list of issues. > > Andreas > > On 06.03.13 17:44, Mr J Potter wrote: >> Hi, >> I had similar problems with gluster. I set up a gluster sysvol first >> then tried provisioning and it failed with the same error. So it maybe >> to do with permissions on the sysvol folder itself? >> >> It worked if I set up dc and bdc each with local sysvols then moved them >> onto gluster. >> >> Jim >> >> On Mar 3, 2013 5:32 PM, "Andreas Gaiser/L" <[email protected] >> <mailto:[email protected]>> wrote: >>> Hi, >>> >>> >>> I'm trying to setup a domain with two DCs based on 4.0.3. Following some >>> hint, I wanna use glusterfs for the sysvol. Glusterfs it runs nicely. I >>> can set acls on both machines using setfacl and the other one lists them >>> almost immediately with getfacl. >>> >>> But running "samba-tool ntacl sysvolreset is failing badly giving the >>> following error. >>> >>> In a later attempt, without significant changes I remember, the script >>> more or less seemed to work and created indeed ACEs, but still came up >>> with this error after some minutes. >>> >>> root@dc1:~# samba-tool ntacl sysvolreset >>> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_NOT_SUPPORTED. >>> ERROR(runtime): uncaught exception - (-1073741637, >>> 'NT_STATUS_NOT_SUPPORTED') >>> File >>> "/opt/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py", line >>> 175, in _run >>> return self.run(*args, **kwargs) >>> File "/opt/samba/lib/python2.6/site-packages/samba/netcmd/ntacl.py", >>> line 214, in run >>> lp, use_ntvfs=use_ntvfs) >>> File >>> "/opt/samba/lib/python2.6/site-packages/samba/provision/__init__.py", >>> line 1563, in setsysvolacl >>> setntacl(lp,sysvol, SYSVOL_ACL, str(domainsid), use_ntvfs=use_ntvfs, >>> skip_invalid_chown=True, passdb=s4_passdb) >>> File "/opt/samba/lib/python2.6/site-packages/samba/ntacls.py", line >>> 154, in setntacl >>> smbd.set_nt_acl(file, security.SECINFO_OWNER | >>> security.SECINFO_GROUP | security.SECINFO_DACL | >> security.SECINFO_SACL, sd) >>> Running mount is showing the target fs without ACLs, although they do >>> work, as said before, and although I do have mounted the fs using -o >>> acl,rw. The underlying ext3 fs is of cause running with acls enabled, >>> too. This is what mount looks like for the involved fs's: >>> >>> fusectl on /sys/fs/fuse/connections type fusectl (rw) >>> /dev/xvda3 on /var/glusterfs/brick1 type ext3 (rw,acl,user_xattr) >>> localhost:/dc-vol on /export/dc-vol type fuse.glusterfs >>> (rw,allow_other,max_read=131072) >>> >>> >>> Andreas >>> -- >>> Andreas Gaiser, Berlin, Germany >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
