Re: [Samba] Samba performance
On Wed, Jun 01, 2011 at 06:46:51PM -0700, Juan Pablo wrote: Hi Volker, I've removed the SO_RCVBUF=65536 SO_SNDBUF=65536 and the 3 other setting, reloaded samba and repeated the tests but still getting the same results for the local tests and also from Windows. I am getting the following results in MBytes/s: Test typeLocal (dd) Local (smbclient) Window 7 Case1161 101 63 Case2122 119 68 Case1: Read 1000 files 8 MByte each Case2: 4 processes each reading 1000 files of 8 MByte each Any idea how can I debug where the bottleneck is or why I get so low numbers when reading from Windows? strace the smbd process with strace -ttT. Network trace. Look at netstat -nt while the test is running. Send/Recv queues full? Run top, is the CPU fully busy? There's no silver bullet for performance tuning unfortunately, sorry. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Single sign on nivana
Given that I have currently have 6 member servers, I think that amount of ldap replication would be over-kill. I was considering one ldap slave. I will consult the Docs that Louis pointed me to and look at the winbind config. Thanks, Dp. On 1 June 2011 19:04, Dale Schroeder d...@briannassaladdressing.com wrote: Dermot, What Louis describes does indeed allow for single sign on. The non-PDC systems are no longer member servers in the truest sense, but rather, all become BDC's (security = user). If you do not wish to install ldap on all systems, then the options are to use winbind, or to use nss-ldap and pam-ldap instead. Either will allow for single sign on as true member servers (security = DOMAIN) to authenticate against the PDC. The former is well documented; the latter is much harder to find. Dale On 06/01/2011 10:21 AM, Dermot wrote: Thanks but I am not sure that I have made myself clear. I want to remove Windows NT from my production environment. I would like to use Samba as the PDC with ldap backend and some replication. So far in tests this all works EG, Window7 and WinXP can authenticate. I have one more thing I would like to achieve. I want files on the Samba member server to be owned by the domain user without having to add each domain user locally to the member server's /etc/passwd file. I don't think the articles you have suggested address how to do that. Dp. On 1 June 2011 12:37, L.P.H. van Bellebe...@bazuin.nl wrote: Wel setup ldap with replication. I have this setup and i use syncrepl for ldap replication. This is working for 5 years now. I manage my users and groups with the NT4 user manager. Look here. http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-bdc.html I use this setup : PDC - LDAP master server, BDC - LDAP slave server. My ldap slave is readonly. I use debian OS. look here for a nice example http://www.server-world.info/en/note?os=Debian_6.0p=sambaf=6 and look hier http://fr33co.wordpress.com/2009/02/19/replicacion-ldap-con-syncrepl-en-debian-lenny/ if you need other language put it in a translator ;-) Good luck. Louis -Oorspronkelijk bericht- Van: paik...@googlemail.com [mailto:samba-boun...@lists.samba.org] Namens Dermot Verzonden: 2011-06-01 13:04 Aan: samba@lists.samba.org Onderwerp: [Samba] Single sign on nivana Hi, I have Samba 3.5.6 that is running as a PDC for testing purposes. In my production environment I still use a NT4 domain and all the samba member server use domain security. One of the irritations I have with the Samba members set-up is that I have to add the users to the local server so that files created by a domain user are owned by them and not the guest account. Ideally I would like to add the users to the PDC alone and then if a domain user creates a file on a member server, when I viewed those file, either from a windows machine or from a shell on the member server, I could see who they belong to. I'm sure that there is a means of doing this, but I get gleam it from the docs. Can anyone advise me on the configuration I would need? Thank you, Dermot. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Single sign on nivana
Given that I have currently have 6 member servers, I think that amount of ldap replication would be over-kill. I was considering one ldap slave. I will consult the Docs that Louis pointed me to and look at the winbind config. You do not have to make every server an ldap server. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba serving sshfs shares: can't delete files
On 06/02/2011 03:58 AM, Jeremy Allison wrote: On Wed, Jun 01, 2011 at 02:02:03PM +0400, TLoD,Snake wrote: On 05/31/2011 10:26 PM, Jeremy Allison wrote: On Tue, May 31, 2011 at 07:43:16PM +0400, TLoD,Snake wrote: Hello! I have samba share on my sshfs-mounted folder. All works just fine except I can't delete files from sshfs unless they are in 0777 chmodded directory. Even if that files were putted trough smbclient. I can read files, write files (regardless their directory permissions) but not delete them. Here is my share config: [myshare] comment = shre over sshfs path = /home/kli/work/remotes/dev valid users = kli public = no writable = yes printable = no delete readonly = yes read only = no force group = kli force user = kli Post a debug level 10 log snippet of smbclient attempting to delete files. [2011/06/01 13:57:16, 3] param/loadparm.c:9039(lp_load_ex) lp_load_ex: refreshing parameters Sorry, this is the client log - I meant a debug level 10 log snipped from smbd when you're trying to delete files using smbclient. Jeremy. I hope this is right part of logfile cause it's quite large. [2011/06/02 14:08:00, 10] smbd/posix_acls.c:838(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-22-1-65534 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-- [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1e01ff [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 100 to (NT) 120089 [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 100 to (NT) 120089 [2011/06/02 14:08:00, 10] smbd/open.c:113(check_open_rights) check_open_rights: file examplelk.ru/aaa requesting 0x1 returning 0x1 (NT_STATUS_ACCESS_DENIED) [2011/06/02 14:08:00, 10] smbd/posix_acls.c:3372(posix_get_nt_acl) posix_get_nt_acl: called for file examplelk.ru [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2522(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-22-1-65534 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2011/06/02 14:08:00, 10] smbd/posix_acls.c:838(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-22-1-65534 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2011/06/02 14:08:00, 10] smbd/open.c:496(open_file) open_file: Access denied on file examplelk.ru/aaa [2011/06/02 14:08:00, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 0E005C70 [2011/06/02 14:08:00, 5] smbd/files.c:474(file_free) freed files structure 4932 (0 used) [2011/06/02 14:08:00, 10] smbd/open.c:3186(create_file_unixpath) create_file_unixpath: NT_STATUS_ACCESS_DENIED [2011/06/02 14:08:00, 10] smbd/open.c:3465(create_file_default) create_file: NT_STATUS_ACCESS_DENIED [2011/06/02 14:08:00, 10] smbd/reply.c:2402(do_unlink) SMB_VFS_CREATEFILE failed: NT_STATUS_ACCESS_DENIED [2011/06/02 14:08:00, 3] smbd/error.c:60(error_packet_set) error packet at smbd/reply.c(2637) cmd=6 (SMBunlink) NT_STATUS_ACCESS_DENIED -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba serving sshfs shares: can't delete files
On 06/02/2011 02:23 PM, TLoD,Snake wrote: On 06/02/2011 03:58 AM, Jeremy Allison wrote: On Wed, Jun 01, 2011 at 02:02:03PM +0400, TLoD,Snake wrote: On 05/31/2011 10:26 PM, Jeremy Allison wrote: On Tue, May 31, 2011 at 07:43:16PM +0400, TLoD,Snake wrote: Hello! I have samba share on my sshfs-mounted folder. All works just fine except I can't delete files from sshfs unless they are in 0777 chmodded directory. Even if that files were putted trough smbclient. I can read files, write files (regardless their directory permissions) but not delete them. Here is my share config: [myshare] comment = shre over sshfs path = /home/kli/work/remotes/dev valid users = kli public = no writable = yes printable = no delete readonly = yes read only = no force group = kli force user = kli Post a debug level 10 log snippet of smbclient attempting to delete files. [2011/06/01 13:57:16, 3] param/loadparm.c:9039(lp_load_ex) lp_load_ex: refreshing parameters Sorry, this is the client log - I meant a debug level 10 log snipped from smbd when you're trying to delete files using smbclient. Jeremy. I hope this is right part of logfile cause it's quite large. [2011/06/02 14:08:00, 10] smbd/posix_acls.c:838(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-22-1-65534 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-- [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1e01ff [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 100 to (NT) 120089 [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 100 to (NT) 120089 [2011/06/02 14:08:00, 10] smbd/open.c:113(check_open_rights) check_open_rights: file examplelk.ru/aaa requesting 0x1 returning 0x1 (NT_STATUS_ACCESS_DENIED) [2011/06/02 14:08:00, 10] smbd/posix_acls.c:3372(posix_get_nt_acl) posix_get_nt_acl: called for file examplelk.ru [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2522(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2011/06/02 14:08:00, 10] smbd/posix_acls.c:2535(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-22-1-65534 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2011/06/02 14:08:00, 10] smbd/posix_acls.c:838(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-22-1-65534 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-22-2-65534 gid 65534 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2011/06/02 14:08:00, 10] smbd/posix_acls.c:1116(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2011/06/02 14:08:00, 10] smbd/open.c:496(open_file) open_file: Access denied on file examplelk.ru/aaa [2011/06/02 14:08:00, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 0E005C70 [2011/06/02 14:08:00, 5] smbd/files.c:474(file_free) freed files structure 4932 (0 used) [2011/06/02 14:08:00, 10] smbd/open.c:3186(create_file_unixpath) create_file_unixpath: NT_STATUS_ACCESS_DENIED [2011/06/02 14:08:00, 10] smbd/open.c:3465(create_file_default) create_file: NT_STATUS_ACCESS_DENIED [2011/06/02 14:08:00, 10] smbd/reply.c:2402(do_unlink) SMB_VFS_CREATEFILE failed: NT_STATUS_ACCESS_DENIED [2011/06/02 14:08:00, 3] smbd/error.c:60(error_packet_set) error packet at smbd/reply.c(2637) cmd=6 (SMBunlink) NT_STATUS_ACCESS_DENIED Also I think I have to say that all files on remote server are owned by remote server's 'nobody'. As I saw in logfile samba tries to locate such a nobody locally which is wrong cause sshfs will handle translation local user (any local user due to 'allow_other' option) to remote
Re: [Samba] Unable to change owner of the file through smbcacls
I am able to change owner from User1 to Administrator at Domain Controller/active-directory machine. And after that from linux box, using smbcacls -C DOMAIN\\User1 .. command I am able to change owner from Administrator --gt; User1. But changing owner from User1 to Administrator using smbcacls is not working. nbsp; User1 is in Domain admins, Administrators , backup operators groupnbsp; in active directory. ~rahul On Wed, 23 Mar 2011 15:11:13 , Katariya Rahul lt;rahulrahu...@rediffmail.comgt; wrote Hi , I am unable to change owner to Administrator of the file through smbcacls command. CIFS share is in french domain. SMBACLS for the file are: == amp;nbsp;smbcacls -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\èçæreg;ôû%èçæreg;ôû REVISION:1 OWNER:ES1KR+èçæreg;ôû GROUP:ES1KR+Utilisa. du domaine ACL:+Tout le monde:DENIED/0/0x000d0116 ACL:ES1KR+èçæreg;ôû:ALLOWED/0/FULL amp;nbsp;smbcaclsamp;nbsp; -n //10.10.18.19/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy Failed to open \test.txt: NT_STATUS_ACCESS_DENIED amp;nbsp;smbcaclsamp;nbsp; -C es1kr\Administrateur\%Qy //10.10.180.169/Rahulk\ test /test.txt -U es1kr\\Administrateur%Qy Failed to open \test.txt: NT_STATUS_ACCESS_DENIED === Although Administrator is not user, it can take ownership at any time. But this is not happening. -- To unsubscribe from this list go to the following URL and read the instructions: nbsp;https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba performance
On 5/25/2011 10:02 PM, Juan Pablo wrote: OS access: Simultaneous read (4 processes): 118 MByte/s average Samba local access: Simultaneous read (4 processes): 102 MByte/s average Samba server from Windows 7: Simultaneous read (4 terminals): 70 MByte/s average The first two results above demonstrate a slow disk subsystem not suitable for streaming multiple files to multiple concurrent clients at high data rates. Your spindles are too slow and/or you don't have enough to satisfy your test methodology. Four concurrent dd copies yields 118 MB/s per process, only ~15% disk headroom above wire speed GbE. Your smbd+smbclient local process disk bandwidth overhead appears to be roughly 13 percent. I don't know what the optimal percent here should be but 13% above a dd copy process seems reasonable given the additional data movement through smbd and smbclient buffers. It is clear that you don't have enough head seek performance for 4 or more client streams of 1000 x 8MB files. This doesn't necessarily address the 30% drop in over the wire to Win7 client performance, but we'll get to that later. To confirm the disk deficiency issue, I recommend the following test: Make a 2GB tmpfs ramdisk on the server and run your tests against it, albeit with 200 instead of 1000 8MB files. Instructions: http://prefetch.net/blog/index.php/2006/11/30/creating-a-ramdisk-with-linux/ This will tell you if your server block storage subsystem is part of the problem, and will give you a maximum throughput per Samba process baseline. You should get something like 5GB/s+ local smbclient throughput from a tmpfs ramdisk on that Xeon platform with its raw 25GB/s memory bandwidth. Run a single Win7 workstation SMB test copy to a freshly booted machine so most of the memory is free for buffering the inbound files. This will mostly eliminate the slow local disk as a bottleneck. Now run your 4 concurrent Win7 client test and compare to the single client test results. This should tell you if you have a bonding problem or not, either in the server NICs or the switch. You didn't mention jumbo frames. Enable jumbo if not already. It may help. Something else to consider is that the kernel shipped with CentOS 5.6, 2.6.18, the Pirate kernel, is now 4.5 years old, released in Sept of 2006 (http://kerneltrap.org/node/7144). There have been just a few performance enhancements between 2.6.18 and 3.0, specifically to the network stack. ;) The CentOS packages are older than dirt as well. If you're not wed to CentOS you should look at more recent distros. -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba performance
Thanks a lot for the advice. It will run these tests and try to find meaningfull information from them. I will post back results. Thanks Juan Pablo From: Volker Lendecke volker.lende...@sernet.de To: Juan Pablo jhur...@yahoo.com Cc: Jeremy Allison j...@samba.org; samba@lists.samba.org Sent: Thu, June 2, 2011 3:49:17 AM Subject: Re: [Samba] Samba performance On Wed, Jun 01, 2011 at 06:46:51PM -0700, Juan Pablo wrote: Hi Volker, I've removed the SO_RCVBUF=65536 SO_SNDBUF=65536 and the 3 other setting, reloaded samba and repeated the tests but still getting the same results for the local tests and also from Windows. I am getting the following results in MBytes/s: Test typeLocal (dd) Local (smbclient) Window 7 Case1161 101 63 Case2122 119 68 Case1: Read 1000 files 8 MByte each Case2: 4 processes each reading 1000 files of 8 MByte each Any idea how can I debug where the bottleneck is or why I get so low numbers when reading from Windows? strace the smbd process with strace -ttT. Network trace. Look at netstat -nt while the test is running. Send/Recv queues full? Run top, is the CPU fully busy? There's no silver bullet for performance tuning unfortunately, sorry. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind issue with Windows 2008 R2 - domain trusts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 06/01/2011 04:24 PM, Terry wrote: On Wed, Jun 1, 2011 at 3:21 PM, Terry td3...@gmail.com wrote: Hello, I have a problem that just propped up after our windows admin did some work. �He introduced some new domain controllers and upgraded the domain to 2008 R2. �The primary domain that our linux boxes are in seems to work, it's trusted domains. �Here's an example domain: FOO.BAR.LOCAL The boxes are in the FOO domain and I can getent passwd and see accounts in there fine. �I used to be able see accounts in BAR as well but now can't. I am using samba-3.0.33-3.29.el5_5.1 on RHEL5.2. Here's an error I see in the logs. �Not sure Jun �1 15:16:01 omadvdss01a winbindd[10772]: [2011/06/01 15:16:01, 0] rpc_client/cli_pipe.c:rpc_api_pipe(790) Jun �1 15:16:01 omadvdss01a winbindd[10772]: � rpc_api_pipe: Remote machine foodc03.foo.bar.local pipe \NETLOGON fnum 0x3returned critical error. Error was NT_STATUS_PIPE_DISCONNECTED That domain controller referenced in the logs is a new DC he added. All windows operations appear to be normal. Thoughts? Thanks! Sorry for replying to my own post so early here. I removed that domain controller from my smb.conf and that appears to have fixed things. Anyone have an idea on what the issue could be? Terry, The version of samba is quite old and unsupported upstream by the samba team. There were many issues with that version and 2008 AD controllers. RHEL 5.5 on up uses a more up to date version of samba and you can migrate to that. Red Hat's release notes detail it a bit more. There still may be ntlmv2 issues, but as long as there is kerberos access, things should be okay. - -- Robert Freeman-Day https://launchpad.net/~presgas GPG Public Key: http://keyserver.ubuntu.com:11371/pks/lookup?op=getsearch=0xBA9DF9ED3E4C7D36 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk3nk9IACgkQup357T5MfTawZwCfedWvHYQC1SPwqHmw8QPB9n+h a6oAoLnslQNyG24ipnFxfoiefI+g2gX+ =1au8 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba vs Linux file permissions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I cannot find anything in the documentation or mailing list that addresses this oddity. I've installed Samba Version 3.4.7 on Ubuntu Server 10.04, and I'm utterly confused by samba's behavior regarding permissions. Users on the server have home directories in /home/chemgroup/username. (chemgroup is actually a symlink to another volume mounted at /labs/chemgroup.) Permissions on /lab/chemgroup are: drwxrwx---username chemgroup /labs/chemgroup Permissions on /lab/group/username are: drwxr-x---username chemgroup /labs/chemgroup/username Clearly, username has rights to write to /home/chemgroup/username, and can do so just fine via ssh. The Samba share is configured as follows: [chemgroup] comment = Chemistry Group Share path = /home/chemgroup valid users = @chemgroup public = no browseable = no writeable = yes printable = no force group = chemgroup create mask = 0660 directory mask = 0770 Note, username is a member of chemgroup. username can connect to \\server\chemgroup and can create new files and directories there. And username can navigate to the username folder within chemgroup. BUT, here's where it gets weird . . . username can create a new file within the chemgroup\username folder, but they cannot even change the name of the file they just created. And they can't delete the file they just created (and couldn't rename). This same behavior is even presented with Home directories, with the homes section looking like this: [homes] comment = Home Directories browseable = no read only = no create mask = 0640 directory mask = 0750 valid users = %S Thank you for any help or guidance. John - -- * - - - - * - - - - * - - - - * - - - - * - - - - * - - - - * - - - - * John Maher Senior Systems and Network Administrator Department of Biochemistry Molecular Biology and Department of Chemistry University of Massachusetts - Amherst voice: 413-577-3120 fax: 413-545-4490 OpenPGP Key ID: 0x2970A144 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3nn9kACgkQG+X1pClwoUQ4MwCaA0LA6XGt9mkOtkHwUfOrkrud 184AoKf+YL0oNNB3caqtEyvbLFe07i/H =Q2wx -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba serving sshfs shares: can't delete files
On Thu, Jun 02, 2011 at 02:33:21PM +0400, TLoD,Snake wrote: error packet at smbd/reply.c(2637) cmd=6 (SMBunlink) NT_STATUS_ACCESS_DENIED Also I think I have to say that all files on remote server are owned by remote server's 'nobody'. As I saw in logfile samba tries to locate such a nobody locally which is wrong cause sshfs will handle translation local user (any local user due to 'allow_other' option) to remote nobody (as it's mounted with remote nobody rights) itself. smbd has to check at open time to see if an unlink would succeed (it's just the way Windows does it :-( ). If all files are owned by 'nobody' and that user doesn't have write access into the directory that might explain your problem. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba performance
Hi Stan, Thanks for your feedback and suggestions! The disk subsystem is composed by: - 8 WD2002FAEX SATA 2TB hard drives (7200 RPM, 64MB cache, 4.2 ms avg latency) - 1 Intel RAID controller RS2BL080 with 512 MB configured with 1 virtual drive 12.7 TB (hardware RAID 5 with 1 MB stripe size, caches enabled, read-ahead enabled) In your experience, should I expect higher performance from this hardware? Will try the ramdisk test you are suggesting and post back the results. Thanks for the suggestion! I have jumbo frames enabled in the switches but windows drivers for the Intel network cards don't have the option to enable jumbo frames. I also tried raising the MTU in the linux server but performance was even worse (I thought this was related to the windows NIC driver not supporting MTUs larger than 1500). I also modified windows registry to manually enable smb2 protocol because it was not negotiating smb2. Do you think of any other optimization that can be done on the windows terminals? Thanks Juan Pablo From: Stan Hoeppner s...@hardwarefreak.com To: Juan Pablo jhur...@yahoo.com Cc: samba@lists.samba.org Sent: Thu, June 2, 2011 8:50:21 AM Subject: Re: [Samba] Samba performance On 5/25/2011 10:02 PM, Juan Pablo wrote: OS access: Simultaneous read (4 processes): 118 MByte/s average Samba local access: Simultaneous read (4 processes): 102 MByte/s average Samba server from Windows 7: Simultaneous read (4 terminals): 70 MByte/s average The first two results above demonstrate a slow disk subsystem not suitable for streaming multiple files to multiple concurrent clients at high data rates. Your spindles are too slow and/or you don't have enough to satisfy your test methodology. Four concurrent dd copies yields 118 MB/s per process, only ~15% disk headroom above wire speed GbE. Your smbd+smbclient local process disk bandwidth overhead appears to be roughly 13 percent. I don't know what the optimal percent here should be but 13% above a dd copy process seems reasonable given the additional data movement through smbd and smbclient buffers. It is clear that you don't have enough head seek performance for 4 or more client streams of 1000 x 8MB files. This doesn't necessarily address the 30% drop in over the wire to Win7 client performance, but we'll get to that later. To confirm the disk deficiency issue, I recommend the following test: Make a 2GB tmpfs ramdisk on the server and run your tests against it, albeit with 200 instead of 1000 8MB files. Instructions: http://prefetch.net/blog/index.php/2006/11/30/creating-a-ramdisk-with-linux/ This will tell you if your server block storage subsystem is part of the problem, and will give you a maximum throughput per Samba process baseline. You should get something like 5GB/s+ local smbclient throughput from a tmpfs ramdisk on that Xeon platform with its raw 25GB/s memory bandwidth. Run a single Win7 workstation SMB test copy to a freshly booted machine so most of the memory is free for buffering the inbound files. This will mostly eliminate the slow local disk as a bottleneck. Now run your 4 concurrent Win7 client test and compare to the single client test results. This should tell you if you have a bonding problem or not, either in the server NICs or the switch. You didn't mention jumbo frames. Enable jumbo if not already. It may help. Something else to consider is that the kernel shipped with CentOS 5.6, 2.6.18, the Pirate kernel, is now 4.5 years old, released in Sept of 2006 (http://kerneltrap.org/node/7144). There have been just a few performance enhancements between 2.6.18 and 3.0, specifically to the network stack. ;) The CentOS packages are older than dirt as well. If you're not wed to CentOS you should look at more recent distros. -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba performance
On 6/2/2011 2:24 PM, Juan Pablo wrote: Hi Stan, Thanks for your feedback and suggestions! You're welcome. Let's hope they're beneficial. The disk subsystem is composed by: - 8 WD2002FAEX SATA 2TB hard drives (7200 RPM, 64MB cache, 4.2 ms avg latency) - 1 Intel RAID controller RS2BL080 with 512 MB configured with 1 virtual drive 12.7 TB (hardware RAID 5 with 1 MB stripe size, caches enabled, read-ahead enabled) In your experience, should I expect higher performance from this hardware? That depends on your target workload(s). You're currently achieving single stream read performance of 780 MB/s, over 110MB/s per drive. That's a really good streaming read, close to peak drive read performance. The problem I see is when you have 4 readers (Win7 clients) reading 4,000 files each. If these are 16,000 unique files, not each Win7 machine reading the same 4,000 files, i.e. no cache benefit, then I don't think your disk heads are going be able to seek fast enough to service all the read requests and hit wire speed SMB. If your production load will be significantly less than this artificial test load, you may be fine. Will try the ramdisk test you are suggesting and post back the results. Thanks for the suggestion! The results should be informative, one way or the other. I have jumbo frames enabled in the switches but windows drivers for the Intel network cards don't have the option to enable jumbo frames. I also tried raising the MTU in the linux server but performance was even worse (I thought this was related to the windows NIC driver not supporting MTUs larger than 1500). Lack of jumbo frames is probably hurting your wire performance due to increased interrupt processing and other factors. I'm surprised some Intel NICs don't support jumbo frames. Must be desktop adapters. Can you post the model# of the NICs in the Win7 PCs and those in the server so I can do some research? I also modified windows registry to manually enable smb2 protocol because it was not negotiating smb2. Do you think of any other optimization that can be done on the windows terminals? I have no experience yet with SMB2 or Win7 so I can't really say. You should be able to tune that server and the clients to hit near wire speed with regular SMB. I suggest solving that problem first, then worry about SMB2. -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba vs Linux file permissions
Quoting John Maher (j...@chem.umass.edu): -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I cannot find anything in the documentation or mailing list that addresses this oddity. I've installed Samba Version 3.4.7 on Ubuntu Server 10.04, and I'm utterly confused by samba's behavior regarding permissions. Users on the server have home directories in /home/chemgroup/username. (chemgroup is actually a symlink to another volume mounted at /labs/chemgroup.) Permissions on /lab/chemgroup are: How about looking in logfiles (first with log level to 3)? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 43ab5aa lib/tdb/python/tests/simple.py: don't assume TDB ordering. via 2f67fae samba3sam.py: don't assume order of ldb results. from e98fb2f Remove another PATH_MAX. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 43ab5aa390769ee9b57918cf5b57aa4a22586805 Author: Rusty Russell ru...@rustcorp.com.au Date: Thu Jun 2 14:19:38 2011 +0930 lib/tdb/python/tests/simple.py: don't assume TDB ordering. TDB2 can break this assumption. Signed-off-by: Rusty Russell ru...@rustcorp.com.au Autobuild-User: Rusty Russell ru...@rustcorp.com.au Autobuild-Date: Thu Jun 2 12:07:40 CEST 2011 on sn-devel-104 commit 2f67fae18be13f4bfce009e8639bab74383844cb Author: Rusty Russell ru...@rustcorp.com.au Date: Thu Jun 2 10:22:06 2011 +0930 samba3sam.py: don't assume order of ldb results. Switching to tdb2 breaks this test horribly, because it relied on the order of TDB1 traversal. Fix it to sort te results (by db), then check them. Signed-off-by: Rusty Russell ru...@rustcorp.com.au --- Summary of changes: lib/tdb/python/tests/simple.py|4 +- source4/scripting/python/samba/tests/samba3sam.py | 306 +++-- 2 files changed, 167 insertions(+), 143 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/python/tests/simple.py b/lib/tdb/python/tests/simple.py index f5484a0..99f31d2 100644 --- a/lib/tdb/python/tests/simple.py +++ b/lib/tdb/python/tests/simple.py @@ -105,7 +105,9 @@ class SimpleTdbTests(TestCase): def test_iterator(self): self.tdb[bla] = 1 self.tdb[brainslug] = 2 -self.assertEquals([bla, brainslug], list(self.tdb)) +l = list(self.tdb) +l.sort() +self.assertEquals([bla, brainslug], l) def test_transaction_cancel(self): self.tdb[bloe] = 2 diff --git a/source4/scripting/python/samba/tests/samba3sam.py b/source4/scripting/python/samba/tests/samba3sam.py index a34f0f6..99b9c06 100644 --- a/source4/scripting/python/samba/tests/samba3sam.py +++ b/source4/scripting/python/samba/tests/samba3sam.py @@ -30,6 +30,7 @@ from samba.tests import TestCaseInTempDir, env_loadparm import samba.dcerpc.security import samba.ndr from samba.auth import system_session +from operator import attrgetter def read_datafile(filename): @@ -439,34 +440,37 @@ objectSid: S-1-5-21-4231626423-2410014848-2360679739-552 res = self.ldb.search(expression=(revision=x), scope=SCOPE_DEFAULT, attrs=[dnsHostName, lastLogon]) self.assertEquals(len(res), 2) -self.assertEquals(str(res[0].dn), self.samba4.dn(cn=Y)) -self.assertEquals(str(res[0][dnsHostName]), y) -self.assertEquals(str(res[0][lastLogon]), y) -self.assertEquals(str(res[1].dn), self.samba4.dn(cn=X)) -self.assertEquals(str(res[1][dnsHostName]), x) -self.assertEquals(str(res[1][lastLogon]), x) +res = sorted(res, key=attrgetter('dn')) +self.assertEquals(str(res[0].dn), self.samba4.dn(cn=X)) +self.assertEquals(str(res[0][dnsHostName]), x) +self.assertEquals(str(res[0][lastLogon]), x) +self.assertEquals(str(res[1].dn), self.samba4.dn(cn=Y)) +self.assertEquals(str(res[1][dnsHostName]), y) +self.assertEquals(str(res[1][lastLogon]), y) # Search by kept attribute res = self.ldb.search(expression=(description=y), scope=SCOPE_DEFAULT, attrs=[dnsHostName, lastLogon]) self.assertEquals(len(res), 2) -self.assertEquals(str(res[0].dn), self.samba4.dn(cn=Z)) -self.assertEquals(str(res[0][dnsHostName]), z) +res = sorted(res, key=attrgetter('dn')) +self.assertEquals(str(res[0].dn), self.samba4.dn(cn=C)) +self.assertTrue(not dnsHostName in res[0]) self.assertEquals(str(res[0][lastLogon]), z) -self.assertEquals(str(res[1].dn), self.samba4.dn(cn=C)) -self.assertTrue(not dnsHostName in res[1]) +self.assertEquals(str(res[1].dn), self.samba4.dn(cn=Z)) +self.assertEquals(str(res[1][dnsHostName]), z) self.assertEquals(str(res[1][lastLogon]), z) # Search by renamed attribute res = self.ldb.search(expression=(badPwdCount=x), scope=SCOPE_DEFAULT, attrs=[dnsHostName, lastLogon]) self.assertEquals(len(res), 2) -self.assertEquals(str(res[0].dn), self.samba4.dn(cn=B)) +res = sorted(res, key=attrgetter('dn')) +self.assertEquals(str(res[0].dn), self.samba4.dn(cn=A)) self.assertTrue(not dnsHostName in res[0]) -self.assertEquals(str(res[0][lastLogon]), y) -self.assertEquals(str(res[1].dn), self.samba4.dn(cn=A)) +
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via d6b991a s3-docs: Fix version. from c5b7912 s3-winbind: BUG 8166 - Don't lockout users when offline. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit d6b991a6dc4ea572d6c1d7678a4649e932cec772 Author: Karolin Seeger ksee...@samba.org Date: Thu Jun 2 20:31:22 2011 +0200 s3-docs: Fix version. s/4.0/3.6/g Karolin --- Summary of changes: docs-xml/manpages-3/ldbadd.1.xml|2 +- docs-xml/manpages-3/ldbdel.1.xml|2 +- docs-xml/manpages-3/ldbedit.1.xml |2 +- docs-xml/manpages-3/ldbmodify.1.xml |2 +- docs-xml/manpages-3/ldbrename.1.xml |2 +- docs-xml/manpages-3/ldbsearch.1.xml |2 +- 6 files changed, 6 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages-3/ldbadd.1.xml b/docs-xml/manpages-3/ldbadd.1.xml index 9d682b1..44f79c9 100644 --- a/docs-xml/manpages-3/ldbadd.1.xml +++ b/docs-xml/manpages-3/ldbadd.1.xml @@ -78,7 +78,7 @@ refsect1 titleVERSION/title - paraThis man page is correct for version 4.0 of the Samba suite./para + paraThis man page is correct for version 3.6 of the Samba suite./para /refsect1 refsect1 diff --git a/docs-xml/manpages-3/ldbdel.1.xml b/docs-xml/manpages-3/ldbdel.1.xml index 00b8551..4af6b06 100644 --- a/docs-xml/manpages-3/ldbdel.1.xml +++ b/docs-xml/manpages-3/ldbdel.1.xml @@ -76,7 +76,7 @@ refsect1 titleVERSION/title - paraThis man page is correct for version 4.0 of the Samba suite./para + paraThis man page is correct for version 3.6 of the Samba suite./para /refsect1 refsect1 diff --git a/docs-xml/manpages-3/ldbedit.1.xml b/docs-xml/manpages-3/ldbedit.1.xml index bbca0d2..9679c17 100644 --- a/docs-xml/manpages-3/ldbedit.1.xml +++ b/docs-xml/manpages-3/ldbedit.1.xml @@ -169,7 +169,7 @@ refsect1 titleVERSION/title - paraThis man page is correct for version 4.0 of the Samba suite./para + paraThis man page is correct for version 3.6 of the Samba suite./para /refsect1 refsect1 diff --git a/docs-xml/manpages-3/ldbmodify.1.xml b/docs-xml/manpages-3/ldbmodify.1.xml index 65caa80..ddf6988 100644 --- a/docs-xml/manpages-3/ldbmodify.1.xml +++ b/docs-xml/manpages-3/ldbmodify.1.xml @@ -66,7 +66,7 @@ refsect1 titleVERSION/title - paraThis man page is correct for version 4.0 of the Samba suite./para + paraThis man page is correct for version 3.6 of the Samba suite./para /refsect1 refsect1 diff --git a/docs-xml/manpages-3/ldbrename.1.xml b/docs-xml/manpages-3/ldbrename.1.xml index 6a134f4..9de8492 100644 --- a/docs-xml/manpages-3/ldbrename.1.xml +++ b/docs-xml/manpages-3/ldbrename.1.xml @@ -80,7 +80,7 @@ refsect1 titleVERSION/title - paraThis man page is correct for version 4.0 of the Samba suite./para + paraThis man page is correct for version 3.6 of the Samba suite./para /refsect1 refsect1 diff --git a/docs-xml/manpages-3/ldbsearch.1.xml b/docs-xml/manpages-3/ldbsearch.1.xml index a6eedee..1a5a7bf 100644 --- a/docs-xml/manpages-3/ldbsearch.1.xml +++ b/docs-xml/manpages-3/ldbsearch.1.xml @@ -92,7 +92,7 @@ refsect1 titleVERSION/title - paraThis man page is correct for version 4.0 of the Samba suite./para + paraThis man page is correct for version 3.6 of the Samba suite./para /refsect1 refsect1 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 06a02e2 Split the ACE flag mapping between nfs4 and Windows into two separate functions rather than trying to do it inline. Allows us to carefully control what flags are mapped to what in one place. Modification to bug #8191 - vfs_gpfs dosn't honor ACE_FLAG_INHERITED_ACE via 009ceea nfs4_acls: pass ACE_FLAG_INHERITED_ACE down from the client via ab1fd07 nfs4_acls: pass ACE_FLAG_INHERITED_ACE up to the client from d6b991a s3-docs: Fix version. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 06a02e2f698076bcb8164efa15cc7b79ac19c927 Author: Jeremy Allison j...@samba.org Date: Tue May 31 15:37:30 2011 -0700 Split the ACE flag mapping between nfs4 and Windows into two separate functions rather than trying to do it inline. Allows us to carefully control what flags are mapped to what in one place. Modification to bug #8191 - vfs_gpfs dosn't honor ACE_FLAG_INHERITED_ACE commit 009ceeaad12d5b799c0a4249ce473da97a0e3fec Author: Gregor Beck gb...@sernet.de Date: Mon May 23 14:45:57 2011 +0200 nfs4_acls: pass ACE_FLAG_INHERITED_ACE down from the client Signed-off-by: Michael Adam ob...@samba.org (cherry picked from commit 817c64f5de65c6ba7cc535446279f769d6552618) Fix bug #8191 commit ab1fd07266075acb78276ed0e6347c6db11759c2 Author: Gregor Beck gb...@sernet.de Date: Mon May 23 14:27:11 2011 +0200 nfs4_acls: pass ACE_FLAG_INHERITED_ACE up to the client Signed-off-by: Michael Adam ob...@samba.org (cherry picked from commit b0471303ba50caab7da5f50e6f7d8c4b1c664238) Fix bug #8191 --- Summary of changes: source3/modules/nfs4_acls.c | 67 +- source3/modules/nfs4_acls.h |3 +- 2 files changed, 61 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 91e98f6..be8a505 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -52,6 +52,57 @@ typedef struct _SMB_ACL4_INT_T SMB_ACE4_INT_T *last; } SMB_ACL4_INT_T; +/ + Split the ACE flag mapping between nfs4 and Windows + into two separate functions rather than trying to do + it inline. Allows us to carefully control what flags + are mapped to what in one place. +/ + +static uint32_t map_nfs4_ace_flags_to_windows_ace_flags(uint32_t nfs4_ace_flags) +{ + uint32_t win_ace_flags = 0; + + /* The nfs4 flags = 0xf map perfectly. */ + win_ace_flags = nfs4_ace_flags (SEC_ACE_FLAG_OBJECT_INHERIT| + SEC_ACE_FLAG_CONTAINER_INHERIT| + SEC_ACE_FLAG_NO_PROPAGATE_INHERIT| + SEC_ACE_FLAG_INHERIT_ONLY); + + /* flags greater than 0xf have diverged :-(. */ + /* See the nfs4 ace flag definitions here: + http://www.ietf.org/rfc/rfc3530.txt. + And the Windows ace flag definitions here: + librpc/idl/security.idl. */ + if (nfs4_ace_flags SMB_ACE4_INHERITED_ACE) { + win_ace_flags |= SEC_ACE_FLAG_INHERITED_ACE; + } + + return win_ace_flags; +} + +static uint32_t map_windows_ace_flags_to_nfs4_ace_flags(uint32_t win_ace_flags) +{ + uint32_t nfs4_ace_flags = 0; + + /* The windows flags = 0xf map perfectly. */ + nfs4_ace_flags = win_ace_flags (SMB_ACE4_FILE_INHERIT_ACE| + SMB_ACE4_DIRECTORY_INHERIT_ACE| + SMB_ACE4_NO_PROPAGATE_INHERIT_ACE| + SMB_ACE4_INHERIT_ONLY_ACE); + + /* flags greater than 0xf have diverged :-(. */ + /* See the nfs4 ace flag definitions here: + http://www.ietf.org/rfc/rfc3530.txt. + And the Windows ace flag definitions here: + librpc/idl/security.idl. */ + if (win_ace_flags SEC_ACE_FLAG_INHERITED_ACE) { + nfs4_ace_flags |= SMB_ACE4_INHERITED_ACE; + } + + return nfs4_ace_flags; +} + static SMB_ACL4_INT_T *get_validated_aclint(SMB4ACL_T *theacl) { SMB_ACL4_INT_T *aclint = (SMB_ACL4_INT_T *)theacl; @@ -234,7 +285,7 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, SMB4ACL_T *theacl, /* in */ uint32_t mask; struct dom_sid sid; SMB_ACE4PROP_T *ace = aceint-prop; - uint32_t mapped_ace_flags; + uint32_t win_ace_flags; DEBUG(10, (magic: 0x%x, type: %d, iflags: %x, flags: %x, mask: %x, who: %d\n, aceint-magic, ace-aceType, ace-flags, @@ -271,25 +322,25 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx,
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 6aeb139 struct make struct shadow_copy_data its own talloc context (cherry picked from commit d77854fbb22bc9237cea14aae1179bbfe3bd0998) via 0b78d42 s3: Remove SHADOW_COPY_DATA typedef (cherry picked from commit 0ec9a90c29b86435f32c1d47d89df85fa51742f2) via 82187ec s3: Support shadow copy display over SMB2 from 06a02e2 Split the ACE flag mapping between nfs4 and Windows into two separate functions rather than trying to do it inline. Allows us to carefully control what flags are mapped to what in one place. Modification to bug #8191 - vfs_gpfs dosn't honor ACE_FLAG_INHERITED_ACE http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 6aeb13996b2a7c1529a9083ad1a41c724ae1a35c Author: Volker Lendecke v...@samba.org Date: Mon May 30 12:11:53 2011 +0200 struct make struct shadow_copy_data its own talloc context (cherry picked from commit d77854fbb22bc9237cea14aae1179bbfe3bd0998) The last 3 patches address bug #8189 (Snapshot display not supported over SMB2). commit 0b78d42187ea7da6c14e26dc56b02447aa42eb49 Author: Volker Lendecke v...@samba.org Date: Mon May 30 12:06:31 2011 +0200 s3: Remove SHADOW_COPY_DATA typedef (cherry picked from commit 0ec9a90c29b86435f32c1d47d89df85fa51742f2) commit 82187ece14c7162baec43a31970ef4ba2561f67b Author: Volker Lendecke v...@samba.org Date: Mon May 30 17:14:56 2011 +0200 s3: Support shadow copy display over SMB2 Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Tue May 31 12:53:10 CEST 2011 on sn-devel-104 (cherry picked from commit 0fcafbf69b345b703dc759518afc8620a7d6f2e8) --- Summary of changes: source3/include/ntioctl.h |5 +- source3/modules/vfs_default.c |5 +- source3/modules/vfs_full_audit.c |3 +- source3/modules/vfs_shadow_copy.c |7 ++- source3/modules/vfs_shadow_copy2.c |6 +- source3/modules/vfs_time_audit.c |2 +- source3/smbd/nttrans.c | 24 ++- source3/smbd/smb2_ioctl.c | 121 source3/smbd/vfs.c |2 +- 9 files changed, 146 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/ntioctl.h b/source3/include/ntioctl.h index 41b1dce..18707c5 100644 --- a/source3/include/ntioctl.h +++ b/source3/include/ntioctl.h @@ -77,13 +77,12 @@ /* For FSCTL_GET_SHADOW_COPY_DATA ...*/ typedef char SHADOW_COPY_LABEL[25]; -typedef struct shadow_copy_data { - TALLOC_CTX *mem_ctx; +struct shadow_copy_data { /* Total number of shadow volumes currently mounted */ uint32 num_volumes; /* Concatenated list of labels */ SHADOW_COPY_LABEL *labels; -} SHADOW_COPY_DATA; +}; #endif /* _NTIOCTL_H */ diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 5d6b512..4d06a10 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -84,7 +84,10 @@ static int vfswrap_set_quota(struct vfs_handle_struct *handle, enum SMB_QUOTA_T #endif } -static int vfswrap_get_shadow_copy_data(struct vfs_handle_struct *handle, struct files_struct *fsp, SHADOW_COPY_DATA *shadow_copy_data, bool labels) +static int vfswrap_get_shadow_copy_data(struct vfs_handle_struct *handle, + struct files_struct *fsp, + struct shadow_copy_data *shadow_copy_data, + bool labels) { errno = ENOSYS; return -1; /* Not implemented. */ diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index a723a0c..17713f0 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -695,7 +695,8 @@ static int smb_full_audit_set_quota(struct vfs_handle_struct *handle, static int smb_full_audit_get_shadow_copy_data(struct vfs_handle_struct *handle, struct files_struct *fsp, - SHADOW_COPY_DATA *shadow_copy_data, bool labels) + struct shadow_copy_data *shadow_copy_data, + bool labels) { int result; diff --git a/source3/modules/vfs_shadow_copy.c b/source3/modules/vfs_shadow_copy.c index b93f98d..1db47d2 100644 --- a/source3/modules/vfs_shadow_copy.c +++ b/source3/modules/vfs_shadow_copy.c @@ -216,7 +216,10 @@ static int shadow_copy_closedir(vfs_handle_struct *handle, SMB_STRUCT_DIR *_dirp return 0; } -static int shadow_copy_get_shadow_copy_data(vfs_handle_struct *handle, files_struct *fsp, SHADOW_COPY_DATA *shadow_copy_data, bool labels) +static int shadow_copy_get_shadow_copy_data(vfs_handle_struct *handle, +