On Thu, Feb 26, 2009 at 7:36 PM, Günter Kukkukk <[email protected]> wrote: > Am Freitag, 27. Februar 2009 schrieb Steven Truong: >> Dear, all. I am pulling my hair because I could not find any error >> messsages that could point me to a fix to my problem. >> >> The directory I want to share was mounted on /home with drbd and >> heartbeat but then my users could not access any shares / their home >> directories. However, if I set up shares else where on my box like >> share under /opt or /usr/local, then the same users would be able to >> access these directories with out any error. >> >> I ran strace and smbd seemed unable to access/stat the /home and >> shares under home. I looked into the access log of the client machine >> and found out that the error was share "does not exist or permission >> denied". I would say that from my investigation of this problem, it >> is clear that smbd could not see /home and its share. >> >> Even though I set up my samba server as a standalone and authenticate >> all users directly to openldap directory but my users clearly have >> been able to access share that are not under /home (that were mounted >> on /opt or /usr/local). >> >> >> [r...@polaris2 home]# strace -f /etc/init.d/smb start >> >> [pid 4646] geteuid32() = 10024 >> [pid 4646] stat64("/home/share2", 0xbfc79dc8) = -1 EACCES (Permission >> denied) >> [pid 4646] time(NULL) = 1235688608 >> [pid 4646] stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2819, >> ...}) >> = 0 >> [pid 4646] geteuid32() = 10024 >> [pid 4646] write(22, "[2009/02/26 14:50:08, 0] smbd/s"..., 68) = 68 >> [pid 4646] geteuid32() = 10024 >> [pid 4646] write(22, " \'/home/share2\' does not exist "..., 110) = 110 >> >> [r...@polaris2 home]# tailf /var/log/samba/user-39.log >> ..... >> [2009/02/26 14:50:08, 0] smbd/service.c:make_connection_snum(1078) >> Can't become connected user! >> [2009/02/26 14:50:08, 0] smbd/service.c:make_connection_snum(1152) >> '/home/share2' does not exist or permission denied when connecting >> to [share2] Error was Permission denied >> ... >> >> >> [r...@polaris2 samba]# testparm >> Load smb config files from /usr/local/stow/samba-3.2.5/etc/samba/smb.conf >> Processing section "[share1]" >> Processing section "[share2]" >> Processing section "[homes]" >> Loaded services file OK. >> Server role: ROLE_STANDALONE >> Press enter to see a dump of your service definitions >> >> [global] >> workgroup = MYNETWORK >> netbios name = POLARIS >> server string = polaris >> interfaces = lo, eth1 >> bind interfaces only = Yes >> passdb backend = ldapsam:ldaps://ldapvm.mynetwork.com >> syslog = 4 >> log file = /var/log/samba/%m.log >> max log size = 500 >> name resolve order = wins bcast host >> deadtime = 10 >> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >> load printers = No >> printcap name = /etc/printcap >> disable spoolss = Yes >> show add printer wizard = No >> add user script = /usr/sbin/smbldap-useradd -m "%u" >> add group script = /usr/sbin/smbldap-groupadd -p "%g" >> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" >> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" >> "%g" >> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" >> add machine script = /usr/sbin/smbldap-useradd -w "%u" >> logon path = "" >> logon home = "" >> os level = 0 >> local master = No >> domain master = No >> dns proxy = No >> ldap admin dn = cn=Manager,dc=mynetwork,dc=com >> ldap group suffix = ou=groups >> ldap passwd sync = Yes >> ldap suffix = dc=mynetwork,dc=com >> ldap user suffix = ou=people >> valid users = user1, user2, user3 >> hosts allow = 127., 192.168.10. >> >> [share1] >> comment = share1 on polaris >> path = /opt/QB >> read only = No >> create mask = 0664 >> directory mask = 0775 >> inherit permissions = Yes >> >> [share2] >> comment = share2 on polaris >> path = /home/share2 >> read only = No >> create mask = 0664 >> directory mask = 0775 >> inherit permissions = Yes >> >> [homes] >> valid users = %S >> read only = No >> inherit permissions = Yes >> browseable = No >> --------------------------------------------- >> [r...@polaris2 samba]# df >> Filesystem 1K-blocks Used Available Use% Mounted on >> /dev/md0 1524876 342648 1103516 24% / >> /dev/md6 3049960 456616 2435916 16% /opt >> /dev/md5 505508 10559 468850 3% /tmp >> /dev/md3 6092288 2155656 3622168 38% /usr >> /dev/md4 10153912 545084 9084716 6% /usr/local >> /dev/md2 4061440 550224 3301576 15% /var >> /dev/md1 256586 26682 216656 11% /boot >> tmpfs 1037772 0 1037772 0% /dev/shm >> /dev/drbd0 212232684 191988 201259812 1% /home >> >> [r...@polaris2 samba]# mount >> /dev/md0 on / type ext3 (rw) >> proc on /proc type proc (rw) >> sysfs on /sys type sysfs (rw) >> devpts on /dev/pts type devpts (rw,gid=5,mode=620) >> /dev/md6 on /opt type ext3 (rw) >> /dev/md5 on /tmp type ext3 (rw) >> /dev/md3 on /usr type ext3 (rw) >> /dev/md4 on /usr/local type ext3 (rw) >> /dev/md2 on /var type ext3 (rw) >> /dev/md1 on /boot type ext3 (rw) >> tmpfs on /dev/shm type tmpfs (rw) >> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) >> /dev/drbd0 on /home type ext3 (rw) >> >> [r...@polaris2 samba]# ls /home/ >> a lost+found share2 testuser >> [r...@polaris2 samba]# cd /home/ >> [r...@polaris2 home]# !echo >> echo "Hello world" > b >> [r...@polaris2 home]# ls >> a b lost+found share2 testuser >> [r...@polaris2 home]# cat b >> Hello world >> [r...@polaris2 home]# cd share2 >> [r...@polaris2 share2]# ls >> a >> [r...@polaris2 share2]# rm a >> rm: remove regular empty file `a'? y >> [r...@polaris2 share2]# !echo >> echo "Hello world" > b >> [r...@polaris2 share2]# echo "Hello world" > c >> [r...@polaris2 share2]# cat c >> Hello world >> [r...@polaris2 home]# ls -laht share2 >> total 12K >> drwxr-xr-x 2 masistin humanresource 4.0K Feb 26 14:46 . >> -rw-r--r-- 1 masistin humanresource 12 Feb 26 14:46 c >> drwxrwx--- 9 root root 4.0K Feb 26 14:45 .. >> >> Could somebody take help me to solve this problem? >> >> Thank you in advance, >> Steven. > > are you running selinux or similar stuff on that box? > Subdir /home is then usually protected and you must > configure those "security observers". > Cheers, Günter > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Hi. I disabled selinux on this Centos box and I just do not think this is the case because I have a bunch of other Centos boxes running on my network and Samba on these boxes serve the /home directories to my users. This box is different since its /home directory is mounted under drbd. Steven. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
