Re: [Samba] On Samba4
On 08/06/2011 05:03, titantopp...@gmail.com wrote: Hi, Matthieu: So offloading DHCP on another server is not a problem at all, when it comes to DNS it's more problematic although you can cope with it. Why not creating a sub domain for your AD realm ? (ie. ad.mycompany.com). What is this setup you're referring to? Do you mean that the main DNS server delegates authority for the ad.mycompany.com subdomain to the DC, and the domain for the Samba network be on ad.mycompany.com? Yeah. -- Matthieu Patou Samba Teamhttp://samba.org Private repo http://git.samba.org/?p=mat/samba.git;a=summary -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Join W2008 R2 64bit to samba 3.5.8
For true I set this in my registry and nothing else: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Restarted w2008 R2 X64 and the same error on and on Joining a windows 7 X64 without any trouble. The only difference I mentioned further is :HyperV is running on the w2008 machine along with several nics. To go further I configured bind on the Samba-PDC to serve the dns-records: host -t SRV _ldap._tcp.tuepdc.local. _ldap._tcp.tuepdc.local has SRV record 0 0 389 tuepdc.tuepdc.local. host -t A tuepdc.tuepdc.local. tuepdc.tuepdc.local has address 192.168.135.143 Now the w2008 give errors about an A or AAA record. Just stupid! --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: TAKAHASHI Motonobu [mailto:mo...@monyo.com] Gesendet: Sonntag, 5. Juni 2011 20:23 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] Join W2008 R2 64bit to samba 3.5.8 From: Daniel_Müller muel...@tropenklinik.de Date: Wed, 1 Jun 2011 09:31:46 +0200 Sorry, but I did, (snip) And restarted several times and still the same when trying to join my W2008 to domain: The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain DNS name does not exist. ... I examined that Windows Server 2008 R2 can join Samba 3.5.6 domain. Only to need to change is: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 as described at https://wiki.samba.org/index.php/Windows7 According to your error message, DNSNameResolutionRequired is not yet enabled... --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Disk free space, quotas and GPFS
Jeremy wrote on 06/07/2011 07:11:03 PM: I am guessing that standard quota calls don't work on GPFS file systems. Probably true. If you know how GPFS reports quotas we can add the code for a later release. We have quota hooks in the Samba VFS, so we could add this to the gpfs vfs module. Correct, standard linux quota syscalls do not work with GPFS. GPFS has a special function for quotas in its library. I already have this on my list of further improvements for vfs_gpfs to exploit this call and make quota support work. Regards, Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Disk free space, quotas and GPFS
Jonathan wrote on 06/07/2011 05:10:43 PM: In order to get robust and frankly usable quotas we are making extensive use of filesets (think directory quotas and you won't go far wrong). Basically every share is in a fileset of it's own including all the users home directories. All the filesets have a quota attached to them. What I would like is to have the disk size and usage reported by windows to be quota limit and usage for the fileset, rather than for the entire file system as at over 100TB it is somewhat misleading. You can use mmchfs filesystem --filesetdf to get what you are looking for. Diskfree lookups will then see the remaining quota in the fileset instead of the free space in the whole filesystem. You'll need GPFS 3.3 or later for this flag to be available. Regards, Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Disk free space, quotas and GPFS
On Tue, 2011-06-07 at 10:11 -0700, Jeremy Allison wrote: [SNIP] I thought I would be able to use the dfree command option of smb.conf to report the correct information gathered through a script of some description. Unfortunately even with a simple shell script that echos a couple of numbers is owned by root and has permissions 700 does nothing (I still see numbers for the entire file system not the specific share) and I can see nothing in the samba logs even at log level 5. dfree should work fine. I'd persue this avenue. I did some experimentation and I have discovered the problem. The manual page for smb.conf says Note: Your script should NOT be setuid or setgid and should be owned by (and writeable only by) root! Which gives the impression that it should have permissions 700. Changing that to 755 and it works. Am I doing something wrong or is this bust? I tried making it work with a plain CentOS 5.6 with straight samba packages on ext3 with similar results. Alternatively would it be possible to add some quota support to vfs_gpfs to make this work? There are plenty of errors of the form [2011/06/07 15:53:15.672182, 3] lib/sysquotas.c:453(sys_get_quota) sys_get_vfs_quota() failed for mntpath[/lifesci] bdev[/dev/lifesci] qtype[2] id[9651]: No such device I am guessing that standard quota calls don't work on GPFS file systems. Probably true. If you know how GPFS reports quotas we can add the code for a later release. We have quota hooks in the Samba VFS, so we could add this to the gpfs vfs module. Well I have not tried anything but the GPFS Administration and Programming Reference documents the function gpfs_quotactl and the associated gpfs_quotaInfo_t structure which looks like they would do the trick. Is there any documentation on the Samba VFS layer so I can look into extending the gpfs vfs module? That said I would probably start with a dfree command written in C and linked to the GPFS libraries. JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Compiling Samba with FAM support on Irix
Some weeks ago I asked for help because I got relocation truncated to fit: R_MIPS_GPREL16 against `.srdata' error messages when trying to compile Samba 3.5.8 including FAM support on SGI Irix 6.5.28 using gcc 3.4.6 . A hint was found on this page: http://sourceware.org/ml/ecos-discuss/2000-04/msg00214.html, which explains the cause of the message and suggests to try the flag -Gn . Well, I did. I tried all values from 0 to 9 for -G (setenv LDFLAGS -lfam -Gn). It didn't change anything. But since this all is about optimization, I tried to tackle it with the compiler optimization flags directly. And in fact, with the values 3 and 2 for optimization (setenv CFLAGS -On) the build was successful!!! Further note, concerning the next problem on Irix: Later, during installation, lots of msgfmt: not found messages from the script installmo.sh appear. As I have learned in IRC, the missing msgfmt program belongs to the Gettext runtime and is part of the GNU Translation Project. It is for translating the error messages from English into other languages. If one is happy with English message texts, one can simply ignore those messages during installation... Hope this helps someone (and that I'm not the only remaining Irix user...), Fank Morawietz -- __ Frank Morawietz This message and any attachment are confidential and may be privileged or otherwise protected from disclosure. If you are not the intended recipient, you must not copy this message or attachment or disclose the contents to any other person. If you have received this transmission in error, please notify the sender immediately and delete the message and any attachment from your system. Merck KGaA, Darmstadt, Germany and any of its subsidiaries do not accept liability for any omissions or errors in this message which may arise as a result of E-Mail-transmission or for damages resulting from any unauthorized changes of the content of this message and any attachment thereto. Merck KGaA, Darmstadt, Germany and any of its subsidiaries do not guarantee that this message is free of viruses and does not accept liability for any damages caused by any virus transmitted therewith. Click http://disclaimer.merck.de to access the German, French, Spanish and Portuguese versions of this disclaimer. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Folder redirection and guest user (from session setup) not permitted to access this share in logs
Hello, sambadmins. First some background. Server is (soon to be dist-upgraded) Debian Lenny 64-bit and samba version is 3.5.6~dfsg-3~bpo50+1. Samba as PDC, LDAP as passdb backend, pam/nss uses same ldap on Linux side, so all ID-s are in sync. Locks settings are default. Windows XP SP3 as clients. Few weeks ago I started to see following in logs: [2011/06/08 15:17:51.766871, 2] smbd/service.c:587(create_connection_server_info) guest user (from session setup) not permitted to access this share (some.user) [2011/06/08 15:17:51.766898, 1] smbd/service.c:678(make_connection_snum) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED [2011/06/08 15:17:51.774699, 2] smbd/service.c:587(create_connection_server_info) guest user (from session setup) not permitted to access this share ( some.user) [2011/06/08 15:17:51.774728, 1] smbd/service.c:678(make_connection_snum) create_connection_server_info failed: NT_STATUS_ACCESS_DENIED [2011/06/08 15:17:57.268946, 2] smbd/service.c:587(create_connection_server_info) guest user (from session setup) not permitted to access this share ( some.user) I didn't turn much attention to it since I didn't hear anyone complaining. But today I got few worring letters and started to investigate. Found out following: When user tries to write to network drive (map network drive in windows) or \\server\some.user share, everything is okay. But! We have Desktop and My Documents redirected to network drive and making new files/folders to desktop and my documents fails and logs will be filled with lines mentioned before. No error message from Windows side, not even event logs - just files doesn't show up. Editing existing files seems to okay. Testing with smbclient is ok. Some PC-s can write new files after 1-2 second lag, but with same error in logs. Any ideas? -- Sent from my PC. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS and browse list on multiple subnet architecture
Now, the idea is to make computer on each subnet must see computer on the other one with the help of WINS and master roles. I don't make this works. Simply to set below and try: WINSGW Global section : workgroup = WORKGROUP wins support = yes #remote browse sync = 192.168.53.253 local master = yes domain master = yes domain logons = no preferred master = yes os level = 65 WINSGW2 Global section : workgroup = WORKGROUP wins server = 193.168.52.253 #remote browse sync = 192.168.52.253 #remote announce = 192.168.52.253/WORKGROUP local master = yes domain master = no domain logons = no preferred master = yes os level = 65 You do not need to set remote browse sync nor remote announce. Several years ago I examined this setting against Samba 3.0.x (perlaps 3.0.7) and worked well, although I have not yet examined with Samba 3.5.6. Hello, Thank you for your reply. I have made a mistake in wins server on WINSGW2 configuration file (193. in place of 192. ), so it could not reach the WINSGW server. Now it works with your suggested configuration. When I boot up both XP station the browser list is complete ( 4 computer ) and I can access all the share. But I have got an other question, when I shutdown first XP ( on subnet 1 where is the Domain Local Master ) WINSGW know that is is offline and update is browse.dat file. Here logs : [2011/06/08 14:25:38.530063, 3] nmbd/nmbd_serverlistdb.c:195(expire_servers) expire_old_servers: Removing timed out server YTYT [2011/06/08 14:25:38.530220, 3] nmbd/nmbd_serverlistdb.c:423(write_browse_list) write_browse_list: Wrote browse list into file /var/cache/samba/browse.dat and browse.dat file : cat /var/cache/samba/browse.dat WORKGROUPc0001000WINSGW WORKGROUP WINSGW 408d9a03winsgw server WORKGROUP WINSGW200859a03winsgw2 server WORKGROUP RTRT 00011003 WORKGROUP After many sync between the two samba, WINSGW2 still get XP server in his browse list. Here logs : [2011/06/08 15:32:52.007120, 2] nmbd/nmbd_browsesync.c:151(sync_with_dmb) sync_with_dmb: Initiating sync with domain master browser WINSGW20 at IP 192.168.52.253 for workgroup WORKGROUP [2011/06/08 15:32:52.007914, 2] nmbd/nmbd_synclists.c:184(sync_browse_lists) Initiating browse sync for WORKGROUP to WINSGW(192.168.52.253) [2011/06/08 15:32:52.008646, 3] lib/util_sock.c:979(open_socket_out_send) Connecting to 192.168.52.253 at port 139 [2011/06/08 15:32:52.016846, 2] nmbd/nmbd_synclists.c:302(complete_sync) sync with WINSGW(192.168.52.253) for workgroup WORKGROUP completed (4 records) [2011/06/08 15:32:58.023880, 3] nmbd/nmbd_serverlistdb.c:423(write_browse_list) write_browse_list: Wrote browse list into file /var/cache/samba/browse.dat and browse.dat file : cat /var/cache/samba/browse.dat WORKGROUPc0001000 WINSGW2 WORKGROUP WINSGW2 40859a03 winsgw2 server WORKGROUP RTRT40011003 WORKGROUP WINSGW 008d9a03 winsgw server WORKGROUP YTYT 00011001 WORKGROUP Is this behavior is expected or the computer must be removed on the other samba local master browser ? Thank you. Best Regard, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] need recipe for samba to do user authentication against a centos 5.5 openldap server (NO IDMAPS! NO PDC!)
In most cases, your users will have separate unix and windows passwords. Assuming you have password sync working (various ways to do this) this will still appear to be a single password to the users. Use something like Apache Directory Studio to verify that you can login to LDAP with the credentials specified to samba. My smb.conf includes --- workgroup = MYDOMAIN server string = myserver netbios name = MYSERVER passdb backend = ldapsam:ldap://myldapserver.mydomain.com domain logons = yes preferred master = yes domain master = yes local master = yes dns proxy = No wins support = yes ldap suffix=o=mydomain.com ldap user suffix=ou=people ldap machine suffix=ou=people ldap admin dn=cn=Directory Manager ldap ssl = no ldap passwd sync = no passwd program = /etc/samba/smbldappasswd.sh %u passwd chat =*New* %n\n *changed* unix password sync = yes [netlogon] comment = Network Logon Service path = /export/samba/netlogon read only = no guest ok = Yes share modes = No write list = @Administrators --- the ldap admin is the built in default ldap admin on my server. You may need to explicitly create unix groups and group mappings for well know windows groups net groupmap add ntgroup=Domain Admins unixgroup=100512 rid=512 type=domain net groupmap add ntgroup=Domain Users unixgroup=100513 rid=513 net groupmap add ntgroup=Domain Guests unixgroup=100514 rid=514 net groupmap add ntgroup=Domain Computers unixgroup=100515 rid=515 net groupmap add ntgroup=Domain Controllers unixgroup=100516 rid=516 You also need to create a unix account for the Administrator. will need unix and samba accts for each machine, include the PDC # smbpasswd -a -m MACHINENAME And I think you need to join the domain net rpc join -S MYSERVER -W MYDOMAIN -U Administrator My PDC is a solaris server. I think on linux machines you may NOT want to include the quotes in the ldap admin acct name. I couldn't get ldap password sync to work- so I use standard unix pw sync which calls an external script to handle setting the ldap pw's. On 06/03/2011 10:46 PM, Clayton Hill wrote: Hi all, Please help Ive been wasting days at this... I am not trying to create a PDC, I am not joining an active directory, I am not needing samba schema in my openldap (or do I?), I am not trying to use winbind and idmaps for translations from SID to UID/GID, I just want my samba server which shares linux home directories to authenticate user+password against my existing linux based openldap server. These are already POSIX accounts on the openldap server, so the UID and GID need no translation AFAIK All I want to do is have users log into the samba share with their openldap Linux accounts. unfortunately this is not working... at all. Samba ver: samba3x-3.3.8-0.52.el5_5.2 openldap ver: 2.3 (shouldnt matter) my smb.conf : --- [global] server string = %h server passdb backend = ldapsam:ldap://ldap.domain.com *# looks like this syntax is deprecated. Whats the correct syntax? *smb.conf manpage is not making sense to me security = user ldap passwd sync = yes # is this needed? ldap ssl = no ldap admin dn = cn=superadmin,dc=domain,dc=com ldap suffix = dc=domain,dc=com ldap user suffix = ou=People ldap group suffix = ou=Group [Shared] comment = Shared Directories path = /shared read only = No create mask = 0600 directory mask = 0700 -- I then did smbpasswd -w myadmindnpasswd Im super confused as to why the above syntax isnt sufficient, and the howtos out there are all not very helpful and use depricated syntax log level 2 snippet: --- [2011/06/03 19:25:00, 2] lib/smbldap_util.c:smbldap_search_domain_info(277) smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=SV3))] [2011/06/03 19:25:00, 2] lib/smbldap.c:smbldap_open_connection(796) smbldap_open_connection: connection opened [2011/06/03 19:25:00, 1] lib/smbldap_util.c:add_new_domain_info(233) add_new_domain_info: failed to add domain dn= sambaDomainName=SV3,dc=domain,dc=com with: Invalid DN syntax invalid DN [2011/06/03 19:25:00, 0]
Re: [Samba] Join W2008 R2 64bit to samba 3.5.8
Did you try the nslookup command on the windows server itself? Does the windows VM appear to have multiple nic's (doesn't matter about the hyper-visor.) Can the windows server see shares from the samba server? Did you disable Netbios-over-TCP on Windows- this would definitely break stuff. It still seems to be expecting an AD domain. Win 2008 has ip v6 enabled by default. Maybe that is creating issues. If you disable ip v6 in the network settings that doesn't really disable it and just makes things worse. Did you change the port settings on samba- you may want to stick with defaults (139 445 ) On 06/08/2011 04:34 AM, Daniel Müller wrote: For true I set this in my registry and nothing else: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Restarted w2008 R2 X64 and the same error on and on Joining a windows 7 X64 without any trouble. The only difference I mentioned further is :HyperV is running on the w2008 machine along with several nics. To go further I configured bind on the Samba-PDC to serve the dns-records: host -t SRV _ldap._tcp.tuepdc.local. _ldap._tcp.tuepdc.local has SRV record 0 0 389 tuepdc.tuepdc.local. host -t A tuepdc.tuepdc.local. tuepdc.tuepdc.local has address 192.168.135.143 Now the w2008 give errors about an A or AAA record. Just stupid! --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: TAKAHASHI Motonobu [mailto:mo...@monyo.com] Gesendet: Sonntag, 5. Juni 2011 20:23 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] Join W2008 R2 64bit to samba 3.5.8 From: Daniel_Müllermuel...@tropenklinik.de Date: Wed, 1 Jun 2011 09:31:46 +0200 Sorry, but I did, (snip) And restarted several times and still the same when trying to join my W2008 to domain: The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain DNS name does not exist. ... I examined that Windows Server 2008 R2 can join Samba 3.5.6 domain. Only to need to change is: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 as described at https://wiki.samba.org/index.php/Windows7 According to your error message, DNSNameResolutionRequired is not yet enabled... --- TAKAHASHI Motonobumo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Reshare of a Samba mount
Having a little bit of trouble understanding how my configuration might work. Having seen this : http://communities.netapp.com/thread/3616 Does this mean that the DFS root is on the RHEL and NetApp is a leaf node ? Would anyone have a sample configuration for what i would like to do or could suggest one? Thanks Will On Jun 7, 2011, at 9:39 PM, Chris Weiss wrote: On Tue, Jun 7, 2011 at 3:27 PM, will ryder wjry...@me.com wrote: Hi, I am running a samba server that has two shares: i) Local directory ii) samba mount on NetApp Filer. The samba server is running on RHEL 5. There is a large transfer speed difference between the local directory and samba mount. I have run some tests and determined this is due to RHEL5 reshare of the samba. Does anyone have suggestions so that I can make this faster ? use a DFS link so that clients access the netapp cifs directly. re-sharing is always going to cause some sort of problems, performance is usually the least of them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Join W2008 R2 64bit to samba 3.5.8
Did you try the nslookup command on the windows server itself? C:\Users\Administratornslookup tuepdc 192.168.135.143 Server: tuepdc.local Address: 192.168.135.143 Name:tuepdc.local Address: 192.168.135.143 C:\Users\Administratornslookup tuepdc.tuepdc Server: linux.local Address: 192.168.135.252 Name:tuepdc.local Address: 192.168.135.143 Aliases: tuepdc.tuepdc.local Did you change the port settings on samba- you may want to stick with defaults (139 445 ) [root@tuepdc ~]# testparm|grep ports smb ports = 139 445 Did you disable Netbios-over-TCP on Windows C:\Users\Administratornbtstat -A 192.168.135.132 LAN-Verbindung 2: Knoten-IP-Adresse: [0.0.0.0] Bereichskennung: [] Host nicht gefunden. LAN-Verbindung 4: Knoten-IP-Adresse: [192.168.135.132] Bereichskennung: [] NetBIOS-Namentabelle des Remotecomputers Name Typ Status - EUSSERVER 00 EINDEUTIG Registriert TUEPDC.LOCAL 00 GRUPPE Registriert EUSSERVER 20 EINDEUTIG Registriert TUEPDC.LOCAL 1E GRUPPE Registriert TUEPDC.LOCAL 1D EINDEUTIG Registriert ..__MSBROWSE__.01 GRUPPE Registriert MAC Adresse = 00-25-90-01-EC-D4 C:\Users\Administratornbtstat -A 192.168.135.252 LAN-Verbindung 2: Knoten-IP-Adresse: [0.0.0.0] Bereichskennung: [] Host nicht gefunden. LAN-Verbindung 4: Knoten-IP-Adresse: [192.168.135.132] Bereichskennung: [] Host nicht gefunden. C:\Users\Administratornbtstat -c LAN-Verbindung 2: Knoten-IP-Adresse: [0.0.0.0] Bereichskennung: [] Keine Namen im Cache LAN-Verbindung 4: Knoten-IP-Adresse: [192.168.135.132] Bereichskennung: [] NetBIOS-Remotecache-Namentabelle Name TypHostadresse Dauer [Sek.] - EUSSERVER 20 EINDEUTIG 192.168.135.132 427 So the server gives me with his IP 192.168.135.251 nothing with nbtstat. With his IP 192.168.135.132 everything is fine for the local address. Remote addresses do not work. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Gaiseric Vandal Gesendet: Mittwoch, 8. Juni 2011 16:04 An: samba@lists.samba.org Betreff: Re: [Samba] Join W2008 R2 64bit to samba 3.5.8 Did you try the nslookup command on the windows server itself? Does the windows VM appear to have multiple nic's (doesn't matter about the hyper-visor.) Can the windows server see shares from the samba server? Did you disable Netbios-over-TCP on Windows- this would definitely break stuff. It still seems to be expecting an AD domain. Win 2008 has ip v6 enabled by default. Maybe that is creating issues. If you disable ip v6 in the network settings that doesn't really disable it and just makes things worse. Did you change the port settings on samba- you may want to stick with defaults (139 445 ) On 06/08/2011 04:34 AM, Daniel Müller wrote: For true I set this in my registry and nothing else: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Restarted w2008 R2 X64 and the same error on and on Joining a windows 7 X64 without any trouble. The only difference I mentioned further is :HyperV is running on the w2008 machine along with several nics. To go further I configured bind on the Samba-PDC to serve the dns-records: host -t SRV _ldap._tcp.tuepdc.local. _ldap._tcp.tuepdc.local has SRV record 0 0 389 tuepdc.tuepdc.local. host -t A tuepdc.tuepdc.local. tuepdc.tuepdc.local has address 192.168.135.143 Now the w2008 give errors about an A or AAA record. Just stupid! --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: TAKAHASHI Motonobu [mailto:mo...@monyo.com] Gesendet: Sonntag, 5. Juni 2011 20:23 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] Join W2008 R2 64bit to samba 3.5.8 From: Daniel_Müllermuel...@tropenklinik.de Date: Wed, 1 Jun 2011 09:31:46 +0200 Sorry, but I did, (snip) And restarted several times and still the same when trying to join my W2008 to domain: The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain
Re: [Samba] Reshare of a Samba mount
On Wed, Jun 8, 2011 at 10:48 AM, will ryder wjry...@me.com wrote: Having a little bit of trouble understanding how my configuration might work. Having seen this : http://communities.netapp.com/thread/3616 Does this mean that the DFS root is on the RHEL and NetApp is a leaf node ? That is what I would do. Would anyone have a sample configuration for what i would like to do or could suggest one? Here is what I have for my dfs root in samba ( I am not sure how much of this is needed): [net-dfs-root] comment = Network DFS Root msdfs root = yes path = /exports/network_dfs_root read only = no writable = yes public = yes force directory mode = 2775 inherit permissions = yes inherit acls = yes Then on /exports/network_dfs_root I have a tree of folders and links to msdfs nodes. fileserv ~ # ls -al /exports/network_dfs_root/ total 24 drwxr-xr-x 6 Administrator Domain Users 4096 Feb 2 2010 . drwxr-xr-x 5 Administrator root 4096 Apr 30 2008 .. lrwxrwxrwx 1 Administrator root 31 Oct 21 2009 DataAnalysis - msdfs:192.168.1.33\DataAnalysis drwxr-xr-x 2 Administrator Domain Users 4096 Aug 20 2009 SystemLinks lrwxrwxrwx 1 Administrator root 26 Oct 27 2009 Testing - msdfs:192.168.1.32\Testing drwxr-xr-x 4 Administrator root 4096 Apr 30 2008 Users drwxr-xr-x 4 Administrator Domain Users 4096 Apr 30 2008 images drwxr-xr-x 3 Administrator Domain Users 4096 Feb 2 2010 other fileserv ~ # ls -al /exports/network_dfs_root/images/clean/ total 20 drwxr-xr-x 5 Administrator Domain Users 4096 Sep 18 2009 . drwxr-xr-x 4 Administrator Domain Users 4096 Apr 30 2008 .. drwxr-xr-x 4 Administrator Domain Users 4096 Apr 12 16:30 Breast drwxr-xr-x 3 Administrator Domain Users 4096 May 3 18:21 Lung lrwxrwxrwx 1 Administrator root 27 Sep 18 2009 PHANTOMS - msdfs:192.168.1.33\PHANTOMS lrwxrwxrwx 1 Administrator root 29 Sep 18 2009 Temp - msdfs:192.168.1.33\image_temp drwxr-xr-x 2 Administrator Domain Users 4096 Apr 30 2008 images John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem with IDMAP+LDAP+WINBIND
Hello, I have problem with idmap configuration. I would like to use LDAP as backend for idmap in Samba+ADS environment, but i have following errors in log.winbindd-idmap: [2011/06/08 16:57:54.805575, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module ldap already registered! [2011/06/08 16:57:54.805618, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module tdb already registered! [2011/06/08 16:57:54.805645, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module passdb already registered! [2011/06/08 16:57:54.805671, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module nss already registered! [2011/06/08 16:57:54.806552, 1] winbindd/idmap_ldap.c:193(verify_idpool) Unable to verify the idpool, cannot continue initialization! [2011/06/08 16:57:54.806642, 0] winbindd/idmap.c:589(idmap_alloc_init) ERROR: Initialization failed for alloc backend, deferred! [2011/06/08 16:57:54.844163, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module ldap already registered! [2011/06/08 16:57:54.844226, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module tdb already registered! [2011/06/08 16:57:54.844254, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module passdb already registered! [2011/06/08 16:57:54.844280, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module nss already registered! [2011/06/08 16:57:54.845341, 1] winbindd/idmap_ldap.c:193(verify_idpool) Unable to verify the idpool, cannot continue initialization! [2011/06/08 16:57:54.845380, 0] winbindd/idmap.c:589(idmap_alloc_init) ERROR: Initialization failed for alloc backend, deferred! [2011/06/08 16:57:54.846287, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module ldap already registered! [2011/06/08 16:57:54.846326, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) idmap_alloc module tdb already registered! [2011/06/08 16:57:54.846353, 0] winbindd/idmap.c:149(smb_register_idmap) Idmap module passdb already registered!
Re: [Samba] Reshare of a Samba mount
I don't think you have to define a DFS root. On the unix level you can create a symbolic link e.g. server1# cd /export/data1 server1# ln -s msdfs:server2\sata2 data2 Assuming that server:/export/data1 is shared in samba as \\server1\data1 the link is meaningless for unix user but if a widnowsyou connect to \\server1\data1, and click on data2, you will be actually be redirected to \\server2\data2 share- server1 does not actually reshare anything. On 06/08/2011 10:48 AM, will ryder wrote: Having a little bit of trouble understanding how my configuration might work. Having seen this : http://communities.netapp.com/thread/3616 Does this mean that the DFS root is on the RHEL and NetApp is a leaf node ? Would anyone have a sample configuration for what i would like to do or could suggest one? Thanks Will On Jun 7, 2011, at 9:39 PM, Chris Weiss wrote: On Tue, Jun 7, 2011 at 3:27 PM, will ryderwjry...@me.com wrote: Hi, I am running a samba server that has two shares: i) Local directory ii) samba mount on NetApp Filer. The samba server is running on RHEL 5. There is a large transfer speed difference between the local directory and samba mount. I have run some tests and determined this is due to RHEL5 reshare of the samba. Does anyone have suggestions so that I can make this faster ? use a DFS link so that clients access the netapp cifs directly. re-sharing is always going to cause some sort of problems, performance is usually the least of them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Disk free space, quotas and GPFS
On Wed, Jun 08, 2011 at 10:02:23AM +0100, Jonathan Buzzard wrote: On Tue, 2011-06-07 at 10:11 -0700, Jeremy Allison wrote: [SNIP] I thought I would be able to use the dfree command option of smb.conf to report the correct information gathered through a script of some description. Unfortunately even with a simple shell script that echos a couple of numbers is owned by root and has permissions 700 does nothing (I still see numbers for the entire file system not the specific share) and I can see nothing in the samba logs even at log level 5. dfree should work fine. I'd persue this avenue. I did some experimentation and I have discovered the problem. The manual page for smb.conf says Note: Your script should NOT be setuid or setgid and should be owned by (and writeable only by) root! Which gives the impression that it should have permissions 700. Changing that to 755 and it works. Oh that's interesting. It's because it is being run as the connected user. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Join W2008 R2 64bit to samba 3.5.8
From: Daniel_Müller muel...@tropenklinik.de Date: Wed, 8 Jun 2011 10:34:40 +0200 For true I set this in my registry and nothing else: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 OK The only difference I mentioned further is :HyperV is running on the w2008 machine along with several nics. Can this server resolve DOMAINNAME#1B and DOMAINNAME#1C? How do you configure NetBIOS name resolution? To join Samba domain, you have to resolve these NetBIOS name. Multiple NICs often makes trouble around NetBIOS name resolution. Use WINS server correctly or set LMHOSTS file correctly and try again. --- TAKAHASHI Motonobu mo...@samba.gr.jp -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Disk free space, quotas and GPFS
On Tue, 2011-06-07 at 10:11 -0700, Jeremy Allison wrote: [SNIP] I am guessing that standard quota calls don't work on GPFS file systems. Probably true. If you know how GPFS reports quotas we can add the code for a later release. We have quota hooks in the Samba VFS, so we could add this to the gpfs vfs module. A couple of hours hacking around and I have a small C program for the dfree command option that makes various GPFS calls to provide the information to Samba and it works great with one caveat. That is it does not appear to be working for home directory shares. Anyway pretty simple really, as I suspected gpfs_quotactl gets the information required, though with fileset quotas you need to call gpfs_fcntl to get the fileset name for the path and then gpfs_getfilesetid to turn that name into a numerical ID for gpfs_quotactl. I would prefer to role this into the GPFS VFS module, but it would be helpful if there where some pointers somewhere on how the quota hooks in the Samba VFS layer work. Some example code would be sufficient. JAB. -- Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk Fife, United Kingdom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Disk free space, quotas and GPFS
On Wed, Jun 08, 2011 at 05:15:04PM +0100, Jonathan Buzzard wrote: On Tue, 2011-06-07 at 10:11 -0700, Jeremy Allison wrote: [SNIP] I am guessing that standard quota calls don't work on GPFS file systems. Probably true. If you know how GPFS reports quotas we can add the code for a later release. We have quota hooks in the Samba VFS, so we could add this to the gpfs vfs module. A couple of hours hacking around and I have a small C program for the dfree command option that makes various GPFS calls to provide the information to Samba and it works great with one caveat. That is it does not appear to be working for home directory shares. Anyway pretty simple really, as I suspected gpfs_quotactl gets the information required, though with fileset quotas you need to call gpfs_fcntl to get the fileset name for the path and then gpfs_getfilesetid to turn that name into a numerical ID for gpfs_quotactl. I would prefer to role this into the GPFS VFS module, but it would be helpful if there where some pointers somewhere on how the quota hooks in the Samba VFS layer work. Some example code would be sufficient. Look at the code in source3/modules/vfs_default.c - specifically vfswrap_get_quota(), vfswrap_set_quota() (which are for manipulating quotas on behalf of users) and also vfswrap_disk_free(). vfswrap_disk_free() is the most important one for reporting space, it calls into sys_disk_free() which then branches into ugly #ifdef-ed code to get system specific quotas. You might just be able to replace vfswrap_disk_free() for gpfs to make the correct gpfs calls and return the normalized uint64_t *bsize, uint64_t *dfree, uint64_t *dsize values. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS and browse list on multiple subnet architecture
Le 08/06/2011 15:43, samba tmpmbox a écrit : Now, the idea is to make computer on each subnet must see computer on the other one with the help of WINS and master roles. I don't make this works. Simply to set below and try: WINSGW Global section : workgroup = WORKGROUP wins support = yes #remote browse sync = 192.168.53.253 local master = yes domain master = yes domain logons = no preferred master = yes os level = 65 WINSGW2 Global section : workgroup = WORKGROUP wins server = 193.168.52.253 #remote browse sync = 192.168.52.253 #remote announce = 192.168.52.253/WORKGROUP local master = yes domain master = no domain logons = no preferred master = yes os level = 65 You do not need to set remote browse sync nor remote announce. Several years ago I examined this setting against Samba 3.0.x (perlaps 3.0.7) and worked well, although I have not yet examined with Samba 3.5.6. Hello, Thank you for your reply. I have made a mistake in wins server on WINSGW2 configuration file (193. in place of 192. ), so it could not reach the WINSGW server. Now it works with your suggested configuration. When I boot up both XP station the browser list is complete ( 4 computer ) and I can access all the share. But I have got an other question, when I shutdown first XP ( on subnet 1 where is the Domain Local Master ) WINSGW know that is is offline and update is browse.dat file. Here logs : [2011/06/08 14:25:38.530063, 3] nmbd/nmbd_serverlistdb.c:195(expire_servers) expire_old_servers: Removing timed out server YTYT [2011/06/08 14:25:38.530220, 3] nmbd/nmbd_serverlistdb.c:423(write_browse_list) write_browse_list: Wrote browse list into file /var/cache/samba/browse.dat and browse.dat file : cat /var/cache/samba/browse.dat WORKGROUPc0001000WINSGW WORKGROUP WINSGW 408d9a03winsgw server WORKGROUP WINSGW200859a03winsgw2 server WORKGROUP RTRT 00011003 WORKGROUP After many sync between the two samba, WINSGW2 still get XP server in his browse list. Here logs : [2011/06/08 15:32:52.007120, 2] nmbd/nmbd_browsesync.c:151(sync_with_dmb) sync_with_dmb: Initiating sync with domain master browser WINSGW20 at IP 192.168.52.253 for workgroup WORKGROUP [2011/06/08 15:32:52.007914, 2] nmbd/nmbd_synclists.c:184(sync_browse_lists) Initiating browse sync for WORKGROUP to WINSGW(192.168.52.253) [2011/06/08 15:32:52.008646, 3] lib/util_sock.c:979(open_socket_out_send) Connecting to 192.168.52.253 at port 139 [2011/06/08 15:32:52.016846, 2] nmbd/nmbd_synclists.c:302(complete_sync) sync with WINSGW(192.168.52.253) for workgroup WORKGROUP completed (4 records) [2011/06/08 15:32:58.023880, 3] nmbd/nmbd_serverlistdb.c:423(write_browse_list) write_browse_list: Wrote browse list into file /var/cache/samba/browse.dat and browse.dat file : cat /var/cache/samba/browse.dat WORKGROUPc0001000 WINSGW2 WORKGROUP WINSGW2 40859a03 winsgw2 server WORKGROUP RTRT40011003 WORKGROUP WINSGW 008d9a03 winsgw server WORKGROUP YTYT 00011001 WORKGROUP Is this behavior is expected or the computer must be removed on the other samba local master browser ? Thank you. Best Regard, Hello, The attachment piece is the wireshark capture on the subnet 2 network interface of the gateway. We could find at packet number 46 server list, in response to the winsgw2 request, contain only 3 entries but it reports 4 records in nmbd logs (see above). If I shut down server RTRT, on subnet 2, it will never be removed from browse list on the two samba server even it's down state is detected by winsgw2. [2011/06/08 18:14:05.803665, 3] nmbd/nmbd_serverlistdb.c:195(expire_servers) expire_old_servers: Removing timed out server RTRT [2011/06/08 18:14:05.803938, 3] nmbd/nmbd_serverlistdb.c:423(write_browse_list) write_browse_list: Wrote browse list into file /var/cache/samba/browse.dat Attachment winsgw2_sync_rowse_RTRT.pcap is showing sync after the timeout message in nmbd log file. At packet number 29 winsgw2 say that it has only him in his subnet but browse.dat is still containing all the 5 lines (as above). At packet number 54 winsgw say it has 3 server himself, winsgw2 and RTRT. The browse.dat file is as above for winsgw. I don' t know where to search now, any one could give me any advice ? Thank you. Best regard, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.6.0rc2 in Debian experimental
Less than 12 hours after its release, I have the pleasure to announce that the Debian experimental archive now carries packages for samba 3.6.0rc2 (please leave some time to autobuilders for packages for all architectures to be built, though). Instead of re-explaining how the Debian experimental archive is working, please allow me to point to a quite complete Wiki page about it: http://wiki.debian.org/DebianExperimental 3.6.* packages will remain in Debian experimental until the release of the final version of 3.6.0. Then, packages will be uploaded to Debian unstable, thus targeting the next Debian version (and indirectly flowing to Ubuntu, of course). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba Digest, Vol 102, Issue 8
I am currently on annual leave. I will be back in the office on Friday 10th June 2011. If you have an urgent matter needing attention, it may be prudent to contact the ITSC main number 01236 757600. Thanks. -- Andrew McNaughton ICT Network Support Officer Learning Leisure Services North Lanarkshire Council ** ICT TECHNICAL SERVICES CENTRE (ITSC) Towers Road, Airdrie, North Lanarkshire ML6 8PG email: and...@nleducation.org.uk ** --- This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error, please notify the System Manager and thereafter delete the e-mail from your system. The System Manager may be contacted at postmas...@nleducation.org.uk E-mail transmission is not secure and information can be intercepted, corrupted, lost, destroyed, delayed or incomplete. The sender does not accept any liability for errors or omissions arising as a result of e-mail transmission or interception. Please note that incoming e-mails are routinely scanned for the purpose of detecting offensive or inappropriate materials. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Reshare of a Samba mount
No- in my solution- A connects to B, and B tells A to go to C. In your case, you would need to keep having B resharing C to A and accept there will be a performance hit. You would, however, want to make sure that any other bottlenecks between B and C are minimized- make sure you are using gigabit switched ethernet connections. Does the NetFiler have the option to share the files via NFS? I wonder if that would improve the throughput between B and C. On 06/08/2011 02:55 PM, will ryder wrote: Here is my network diagram: [A]- [B]---[C] A is Window's machine B is RHEL C is NetApp B can be thought of sitting in a DMZ, so it can see A and C. A and C can not talk to each other. Would the solution below work ? Thanks Will On Jun 8, 2011, at 4:24 PM, Gaiseric Vandal wrote: I don't think you have to define a DFS root. On the unix level you can create a symbolic link e.g. server1# cd /export/data1 server1# ln -s msdfs:server2\sata2 data2 Assuming that server:/export/data1 is shared in samba as \\server1\data1 the link is meaningless for unix user but if a widnowsyou connect to \\server1\data1, and click on data2, you will be actually be redirected to \\server2\data2 share- server1 does not actually reshare anything. On 06/08/2011 10:48 AM, will ryder wrote: Having a little bit of trouble understanding how my configuration might work. Having seen this : http://communities.netapp.com/thread/3616 Does this mean that the DFS root is on the RHEL and NetApp is a leaf node ? Would anyone have a sample configuration for what i would like to do or could suggest one? Thanks Will On Jun 7, 2011, at 9:39 PM, Chris Weiss wrote: On Tue, Jun 7, 2011 at 3:27 PM, will ryderwjry...@me.com wrote: Hi, I am running a samba server that has two shares: i) Local directory ii) samba mount on NetApp Filer. The samba server is running on RHEL 5. There is a large transfer speed difference between the local directory and samba mount. I have run some tests and determined this is due to RHEL5 reshare of the samba. Does anyone have suggestions so that I can make this faster ? use a DFS link so that clients access the netapp cifs directly. re-sharing is always going to cause some sort of problems, performance is usually the least of them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Reshare of a Samba mount
Here is my network diagram: [A] - [B]---[C] A is Window's machine B is RHEL C is NetApp B can be thought of sitting in a DMZ, so it can see A and C. A and C can not talk to each other. Would the solution below work ? Thanks Will On Jun 8, 2011, at 4:24 PM, Gaiseric Vandal wrote: I don't think you have to define a DFS root. On the unix level you can create a symbolic link e.g. server1# cd /export/data1 server1# ln -s msdfs:server2\sata2 data2 Assuming that server:/export/data1 is shared in samba as \\server1\data1 the link is meaningless for unix user but if a widnowsyou connect to \\server1\data1, and click on data2, you will be actually be redirected to \\server2\data2 share- server1 does not actually reshare anything. On 06/08/2011 10:48 AM, will ryder wrote: Having a little bit of trouble understanding how my configuration might work. Having seen this : http://communities.netapp.com/thread/3616 Does this mean that the DFS root is on the RHEL and NetApp is a leaf node ? Would anyone have a sample configuration for what i would like to do or could suggest one? Thanks Will On Jun 7, 2011, at 9:39 PM, Chris Weiss wrote: On Tue, Jun 7, 2011 at 3:27 PM, will ryderwjry...@me.com wrote: Hi, I am running a samba server that has two shares: i) Local directory ii) samba mount on NetApp Filer. The samba server is running on RHEL 5. There is a large transfer speed difference between the local directory and samba mount. I have run some tests and determined this is due to RHEL5 reshare of the samba. Does anyone have suggestions so that I can make this faster ? use a DFS link so that clients access the netapp cifs directly. re-sharing is always going to cause some sort of problems, performance is usually the least of them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Reshare of a Samba mount
I can use NFS, but then i come to the issue of file locking... The performance hit at the moment is quite a big deal... On Jun 8, 2011, at 8:21 PM, Gaiseric Vandal wrote: No- in my solution- A connects to B, and B tells A to go to C. In your case, you would need to keep having B resharing C to A and accept there will be a performance hit. You would, however, want to make sure that any other bottlenecks between B and C are minimized- make sure you are using gigabit switched ethernet connections. Does the NetFiler have the option to share the files via NFS? I wonder if that would improve the throughput between B and C. On 06/08/2011 02:55 PM, will ryder wrote: Here is my network diagram: [A]- [B]---[C] A is Window's machine B is RHEL C is NetApp B can be thought of sitting in a DMZ, so it can see A and C. A and C can not talk to each other. Would the solution below work ? Thanks Will On Jun 8, 2011, at 4:24 PM, Gaiseric Vandal wrote: I don't think you have to define a DFS root. On the unix level you can create a symbolic link e.g. server1# cd /export/data1 server1# ln -s msdfs:server2\sata2 data2 Assuming that server:/export/data1 is shared in samba as \\server1\data1 the link is meaningless for unix user but if a widnowsyou connect to \\server1\data1, and click on data2, you will be actually be redirected to \\server2\data2 share- server1 does not actually reshare anything. On 06/08/2011 10:48 AM, will ryder wrote: Having a little bit of trouble understanding how my configuration might work. Having seen this : http://communities.netapp.com/thread/3616 Does this mean that the DFS root is on the RHEL and NetApp is a leaf node ? Would anyone have a sample configuration for what i would like to do or could suggest one? Thanks Will On Jun 7, 2011, at 9:39 PM, Chris Weiss wrote: On Tue, Jun 7, 2011 at 3:27 PM, will ryderwjry...@me.com wrote: Hi, I am running a samba server that has two shares: i) Local directory ii) samba mount on NetApp Filer. The samba server is running on RHEL 5. There is a large transfer speed difference between the local directory and samba mount. I have run some tests and determined this is due to RHEL5 reshare of the samba. Does anyone have suggestions so that I can make this faster ? use a DFS link so that clients access the netapp cifs directly. re-sharing is always going to cause some sort of problems, performance is usually the least of them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba vs Linux file permissions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 06/03/2011 03:55 PM, Robert W. Smith wrote: ... Unfortunately I do not see this as a simple mis-configuration of your server at this point. The error is being emitted after the smbd/open.c call to try and open the file. It errors out on trying to open the file for renaming. The problem no longer exists. I cannot actually say that I solved it, but the best I can say is that it no longer presents itself. Here is what happened: One thing I did not mention (I didn't want to introduce oddities that I didn't think were related) is that when I initially installed the OS and install samba (but had not yet configured samba authentication), my account was able to access the one share I had configured. So I was not using LDAP and I had not established a password using smbpasswd, but I could access the share. (Could PAM have been involved?) I was mystified by this, but I do not understand samba very well, so I ignored it. Between that initial mystifying success and my final resolution I, of course, have been using LDAP for authentication and struggling with these Samba vs Linux permissions issues. Not knowing if the directive encrypt passwords was only used for smbpasswd or tdbsam, I changed encrypt passwords = true to false. Restarted smbd and nscd and tried to connect to the share using my account. Wouldn't let me in (and I'm guessing this would be expected by people who know more). So I changed encrypt passwords back from false to true. Restart smbd and nscd. AND I CAN CONNECT TO THE SHARE! Needless to say, I don't know why that did anything. In the event that someone knows what that might have done, I am definitely interested. Thanks to those who tried to help. John ... -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3v1b4ACgkQG+X1pClwoURFhwCg0c69KZ6xA+zYFODlP6N2NkSj ShUAoM0UYVIs7ACLOQv1NhQ9p6sso5IK =mEsL -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] refreshing/cleaning the default idmap backend
Greetings, I have just moved my samba server membership from one AD realm to another one. I may also have changed the idmap uig/gid ranges. The problem is that when I log in now (vi ssh) using my AD credentials, I get the following:- groups: cannot find name for group ID 10667 groups: cannot find name for group ID 10668 groups: cannot find name for group ID 10670 groups: cannot find name for group ID 10671 groups: cannot find name for group ID 10672 groups: cannot find name for group ID 10679 groups: cannot find name for group ID 10680 groups: cannot find name for group ID 10681 groups: cannot find name for group ID 10682 I'm really not sure what the problem is. Perhaps someone here knows. My theory is that I have certain local unix groups mapped (by winbind) to SIDs that are no longer available in the new realm. If this is so then it would seem that cleaning out the invalid mappings should help. Can this cleaning out be done? If so, how?? Something else that occurred to me was to simply blow away all my domain users and let them log in again to recreate their accounts. The idea would be to get winbind to start building the idmap db again from scratch. Is this feasible and sensible? If so, how might it be done? I really am without much of a clue here and i would greatly appreciate any advice on how to eliminate the groups: cannot find name for group ID messages that appear for AD authenticated logins. Thanks, Archi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Reshare of a Samba mount
Why is the netfiler isolated from the end users? I am not very familiar with it but presumably you could configure the netfiler to require user access control in conjunction with either Windows domain membership or an LDAP backend? -Original Message- From: will ryder [mailto:wjry...@me.com] Sent: Wednesday, June 08, 2011 4:00 PM To: gaiseric.van...@gmail.com Cc: Samba Subject: Re: [Samba] Reshare of a Samba mount I can use NFS, but then i come to the issue of file locking... The performance hit at the moment is quite a big deal... On Jun 8, 2011, at 8:21 PM, Gaiseric Vandal wrote: No- in my solution- A connects to B, and B tells A to go to C. In your case, you would need to keep having B resharing C to A and accept there will be a performance hit. You would, however, want to make sure that any other bottlenecks between B and C are minimized- make sure you are using gigabit switched ethernet connections. Does the NetFiler have the option to share the files via NFS? I wonder if that would improve the throughput between B and C. On 06/08/2011 02:55 PM, will ryder wrote: Here is my network diagram: [A]- [B]---[C] A is Window's machine B is RHEL C is NetApp B can be thought of sitting in a DMZ, so it can see A and C. A and C can not talk to each other. Would the solution below work ? Thanks Will On Jun 8, 2011, at 4:24 PM, Gaiseric Vandal wrote: I don't think you have to define a DFS root. On the unix level you can create a symbolic link e.g. server1# cd /export/data1 server1# ln -s msdfs:server2\sata2 data2 Assuming that server:/export/data1 is shared in samba as \\server1\data1 the link is meaningless for unix user but if a widnowsyou connect to \\server1\data1, and click on data2, you will be actually be redirected to \\server2\data2 share- server1 does not actually reshare anything. On 06/08/2011 10:48 AM, will ryder wrote: Having a little bit of trouble understanding how my configuration might work. Having seen this : http://communities.netapp.com/thread/3616 Does this mean that the DFS root is on the RHEL and NetApp is a leaf node ? Would anyone have a sample configuration for what i would like to do or could suggest one? Thanks Will On Jun 7, 2011, at 9:39 PM, Chris Weiss wrote: On Tue, Jun 7, 2011 at 3:27 PM, will ryderwjry...@me.com wrote: Hi, I am running a samba server that has two shares: i) Local directory ii) samba mount on NetApp Filer. The samba server is running on RHEL 5. There is a large transfer speed difference between the local directory and samba mount. I have run some tests and determined this is due to RHEL5 reshare of the samba. Does anyone have suggestions so that I can make this faster ? use a DFS link so that clients access the netapp cifs directly. re-sharing is always going to cause some sort of problems, performance is usually the least of them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] refreshing/cleaning the default idmap backend
hi, groups: cannot find name for group ID 10682 I'm really not sure what the problem is. not sure how this works with AD, but you can try something like: net sam mapunixgroup -- Bob Miller 334-7117/660-5315 http://computerisms.ca b...@computerisms.ca Network, Internet, Server, and Open Source Solutions -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4fa5125 tdb: enable VALGRIND to remove valgrind noise. from 4afe426 s4-ipv6: fill in pdc_ip in DsRGetDCNameEx2 http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4fa51257b283c2e8bb415cc7f9c001d64c8a2669 Author: Rusty Russell ru...@rustcorp.com.au Date: Wed Jun 8 17:20:48 2011 +0930 tdb: enable VALGRIND to remove valgrind noise. Andrew Bartlett complained that valgrind needs --partial-loads-ok=yes otherwise the Jenkins hash makes it complain. My benchmarking here revealed that at least with modern gcc (4.5) and CPU (Intel i5 32 bit) there's no measurable performance penalty for the correct code, so rip out the optimized one. Signed-off-by: Rusty Russell ru...@rustcorp.com.au Autobuild-User: Rusty Russell ru...@rustcorp.com.au Autobuild-Date: Wed Jun 8 11:05:47 CEST 2011 on sn-devel-104 --- Summary of changes: lib/tdb/common/hash.c | 35 --- 1 files changed, 0 insertions(+), 35 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/hash.c b/lib/tdb/common/hash.c index 2472ed1..1eed722 100644 --- a/lib/tdb/common/hash.c +++ b/lib/tdb/common/hash.c @@ -214,9 +214,7 @@ static uint32_t hashlittle( const void *key, size_t length ) u.ptr = key; if (HASH_LITTLE_ENDIAN ((u.i 0x3) == 0)) { const uint32_t *k = (const uint32_t *)key; /* read 32-bit chunks */ -#ifdef VALGRIND const uint8_t *k8; -#endif /*-- all but last block: aligned reads and affect 32 bits of (a,b,c) */ while (length 12) @@ -230,36 +228,6 @@ static uint32_t hashlittle( const void *key, size_t length ) } /*- handle the last (probably partial) block */ -/* - * k[2]0xff actually reads beyond the end of the string, but - * then masks off the part it's not allowed to read. Because the - * string is aligned, the masked-off tail is in the same word as the - * rest of the string. Every machine with memory protection I've seen - * does it on word boundaries, so is OK with this. But VALGRIND will - * still catch it and complain. The masking trick does make the hash - * noticably faster for short strings (like English words). - */ -#ifndef VALGRIND - -switch(length) -{ -case 12: c+=k[2]; b+=k[1]; a+=k[0]; break; -case 11: c+=k[2]0xff; b+=k[1]; a+=k[0]; break; -case 10: c+=k[2]0x; b+=k[1]; a+=k[0]; break; -case 9 : c+=k[2]0xff; b+=k[1]; a+=k[0]; break; -case 8 : b+=k[1]; a+=k[0]; break; -case 7 : b+=k[1]0xff; a+=k[0]; break; -case 6 : b+=k[1]0x; a+=k[0]; break; -case 5 : b+=k[1]0xff; a+=k[0]; break; -case 4 : a+=k[0]; break; -case 3 : a+=k[0]0xff; break; -case 2 : a+=k[0]0x; break; -case 1 : a+=k[0]0xff; break; -case 0 : return c; /* zero length strings require no mixing */ -} - -#else /* make valgrind happy */ - k8 = (const uint8_t *)k; switch(length) { @@ -277,9 +245,6 @@ static uint32_t hashlittle( const void *key, size_t length ) case 1 : a+=k8[0]; break; case 0 : return c; } - -#endif /* !valgrind */ - } else if (HASH_LITTLE_ENDIAN ((u.i 0x1) == 0)) { const uint16_t *k = (const uint16_t *)key; /* read 16-bit chunks */ const uint8_t *k8; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ae6a779 s3-winbindd: make sure we obey the -n switch also for samlogon cache access. via 47ea009 s3-spoolss: fix -Wunused-but-set-variable build warning in _spoolss_EnumPrintProcDataTypes(). from 4fa5125 tdb: enable VALGRIND to remove valgrind noise. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ae6a779bf9f816680e724ede37324b7f5355996b Author: Günther Deschner g...@samba.org Date: Wed Jun 8 12:56:10 2011 +0200 s3-winbindd: make sure we obey the -n switch also for samlogon cache access. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Jun 8 14:44:31 CEST 2011 on sn-devel-104 commit 47ea009e86a2a4499e216d97e5b64cc9e52a27ad Author: Günther Deschner g...@samba.org Date: Wed Jun 8 12:00:46 2011 +0200 s3-spoolss: fix -Wunused-but-set-variable build warning in _spoolss_EnumPrintProcDataTypes(). We were in fact ignoring the error code here. Guenther --- Summary of changes: source3/rpc_server/spoolss/srv_spoolss_nt.c |4 source3/winbindd/winbindd_ads.c |2 +- source3/winbindd/winbindd_cache.c |4 source3/winbindd/winbindd_creds.c |4 source3/winbindd/winbindd_msrpc.c |6 -- source3/winbindd/winbindd_util.c|4 6 files changed, 21 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index 52e4ab0..a946bc9 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -8831,6 +8831,10 @@ WERROR _spoolss_EnumPrintProcDataTypes(struct pipes_struct *p, return WERR_UNKNOWN_LEVEL; } + if (!W_ERROR_IS_OK(result)) { + return result; + } + *r-out.needed = SPOOLSS_BUFFER_UNION_ARRAY(p-mem_ctx, spoolss_EnumPrintProcDataTypes, *r-out.info, r-in.level, diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index dde8e3f..770ed43 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -489,7 +489,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain, /* try netsamlogon cache first */ - if ( (user = netsamlogon_cache_get( mem_ctx, sid )) != NULL ) + if (winbindd_use_cache() (user = netsamlogon_cache_get( mem_ctx, sid )) != NULL ) { DEBUG(5,(query_user: Cache lookup succeeded for %s\n, sid_string_dbg(sid))); diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index d733be0..50da98f 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -1296,6 +1296,10 @@ NTSTATUS wcache_get_creds(struct winbindd_domain *domain, uint32 rid; fstring tmp; + if (!winbindd_use_cache()) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + if (!cache-tdb) { return NT_STATUS_INTERNAL_DB_ERROR; } diff --git a/source3/winbindd/winbindd_creds.c b/source3/winbindd/winbindd_creds.c index 6bbd0ff..a160f7a 100644 --- a/source3/winbindd/winbindd_creds.c +++ b/source3/winbindd/winbindd_creds.c @@ -38,6 +38,10 @@ NTSTATUS winbindd_get_creds(struct winbindd_domain *domain, struct netr_SamInfo3 *info; NTSTATUS status; + if (!winbindd_use_cache()) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + status = wcache_get_creds(domain, mem_ctx, sid, cached_nt_pass, cred_salt); if (!NT_STATUS_IS_OK(status)) { return status; diff --git a/source3/winbindd/winbindd_msrpc.c b/source3/winbindd/winbindd_msrpc.c index 42879f2..b17cafe 100644 --- a/source3/winbindd/winbindd_msrpc.c +++ b/source3/winbindd/winbindd_msrpc.c @@ -400,7 +400,7 @@ static NTSTATUS msrpc_query_user(struct winbindd_domain *domain, { struct rpc_pipe_client *samr_pipe; struct policy_handle dom_pol; - struct netr_SamInfo3 *user; + struct netr_SamInfo3 *user = NULL; TALLOC_CTX *tmp_ctx; NTSTATUS status; @@ -418,7 +418,9 @@ static NTSTATUS msrpc_query_user(struct winbindd_domain *domain, } /* try netsamlogon cache first */ - user = netsamlogon_cache_get(tmp_ctx, user_sid); + if (winbindd_use_cache()) { + user = netsamlogon_cache_get(tmp_ctx, user_sid); + } if (user != NULL) { DEBUG(5,(msrpc_query_user: Cache lookup succeeded for %s\n, sid_string_dbg(user_sid))); diff --git
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0a3fadc s3-winbind: always use samlogon cache for wbinfo -r, even when caching is disabled. from ae6a779 s3-winbindd: make sure we obey the -n switch also for samlogon cache access. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0a3fadc707ba2826915c01dbd8745675594ef603 Author: Günther Deschner g...@samba.org Date: Wed Jun 8 15:48:12 2011 +0200 s3-winbind: always use samlogon cache for wbinfo -r, even when caching is disabled. Guenther Autobuild-User: Günther Deschner g...@samba.org Autobuild-Date: Wed Jun 8 17:45:56 CEST 2011 on sn-devel-104 --- Summary of changes: source3/winbindd/winbindd_util.c |4 1 files changed, 0 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index 7fede49..63cb2d2 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -1022,10 +1022,6 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain, *user_sids = NULL; *p_num_groups = 0; - if (!winbindd_use_cache()) { - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - } - info3 = netsamlogon_cache_get(mem_ctx, user_sid); if (info3 == NULL) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0931147 s3:selftest: add a few more raw.* tests via 957cfd2 s3:libsmb/cli_np_tstream: s/TSTREAM_CLI_NP_BUF_SIZE/TSTREAM_CLI_NP_MAX_BUF_SIZE via ad1cf18 s3:libsmb:cli_np_tstream: use dynamic talloc buffers from 0a3fadc s3-winbind: always use samlogon cache for wbinfo -r, even when caching is disabled. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0931147cbca6cd2f438b2fa49d222606246e364d Author: Stefan Metzmacher me...@samba.org Date: Mon Mar 28 08:23:27 2011 +0200 s3:selftest: add a few more raw.* tests metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Wed Jun 8 18:57:01 CEST 2011 on sn-devel-104 commit 957cfd23e1781e342edde07fc01dbec279088afa Author: Stefan Metzmacher me...@samba.org Date: Tue Jun 7 18:49:55 2011 +0200 s3:libsmb/cli_np_tstream: s/TSTREAM_CLI_NP_BUF_SIZE/TSTREAM_CLI_NP_MAX_BUF_SIZE This isn't the fixed buffer size anymore, as we use dynamic beffer it's just the maximum size. metze commit ad1cf187fdbcd726c6c74085308784fe4ecca883 Author: Stefan Metzmacher me...@samba.org Date: Tue Jun 7 18:45:54 2011 +0200 s3:libsmb:cli_np_tstream: use dynamic talloc buffers Having 8192 bytes on an idle connection is a bit to much, so we better use dynamic buffers using talloc, which also avoids a memcpy in the common SMBtrans readv codepath. metze --- Summary of changes: source3/libsmb/cli_np_tstream.c | 49 +++--- source3/selftest/tests.py |4 ++- 2 files changed, 38 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cli_np_tstream.c b/source3/libsmb/cli_np_tstream.c index 5e11a92..7521181 100644 --- a/source3/libsmb/cli_np_tstream.c +++ b/source3/libsmb/cli_np_tstream.c @@ -45,7 +45,7 @@ static const struct tstream_context_ops tstream_cli_np_ops; * otherwise we may get NT_STATUS_PIPE_BUSY on the SMBtrans request * from NT4 servers. (See bug #8195) */ -#define TSTREAM_CLI_NP_BUF_SIZE 4280 +#define TSTREAM_CLI_NP_MAX_BUF_SIZE 4280 struct tstream_cli_np { struct cli_state *cli; @@ -63,7 +63,7 @@ struct tstream_cli_np { struct { off_t ofs; size_t left; - uint8_t buf[TSTREAM_CLI_NP_BUF_SIZE]; + uint8_t *buf; } read, write; }; @@ -363,9 +363,26 @@ static void tstream_cli_np_writev_write_next(struct tevent_req *req) tstream_context_data(state-stream, struct tstream_cli_np); struct tevent_req *subreq; + size_t i; + size_t left = 0; + + for (i=0; i state-count; i++) { + left += state-vector[i].iov_len; + } + + if (left == 0) { + TALLOC_FREE(cli_nps-write.buf); + tevent_req_done(req); + return; + } cli_nps-write.ofs = 0; - cli_nps-write.left = TSTREAM_CLI_NP_BUF_SIZE; + cli_nps-write.left = MIN(left, TSTREAM_CLI_NP_MAX_BUF_SIZE); + cli_nps-write.buf = talloc_realloc(cli_nps, cli_nps-write.buf, + uint8_t, cli_nps-write.left); + if (tevent_req_nomem(cli_nps-write.buf, req)) { + return; + } /* * copy the pending buffer first @@ -391,11 +408,6 @@ static void tstream_cli_np_writev_write_next(struct tevent_req *req) state-ret += len; } - if (cli_nps-write.ofs == 0) { - tevent_req_done(req); - return; - } - if (cli_nps-trans.active state-count == 0) { cli_nps-trans.active = false; cli_nps-trans.write_req = req; @@ -634,6 +646,10 @@ static void tstream_cli_np_readv_read_next(struct tevent_req *req) state-ret += len; } + if (cli_nps-read.left == 0) { + TALLOC_FREE(cli_nps-read.buf); + } + if (state-count == 0) { tevent_req_done(req); return; @@ -652,7 +668,7 @@ static void tstream_cli_np_readv_read_next(struct tevent_req *req) } subreq = cli_read_andx_send(state, state-ev, cli_nps-cli, - cli_nps-fnum, 0, TSTREAM_CLI_NP_BUF_SIZE); + cli_nps-fnum, 0, TSTREAM_CLI_NP_MAX_BUF_SIZE); if (tevent_req_nomem(subreq, req)) { return; } @@ -688,7 +704,7 @@ static void tstream_cli_np_readv_trans_start(struct tevent_req *req) NULL, 0, 0, cli_nps-write.buf, cli_nps-write.ofs, - TSTREAM_CLI_NP_BUF_SIZE); +
[SCM] Samba GTK+ frontends branch, master, updated. 24754212686ec29c642935141c808f01a8585707
This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project Samba GTK+ frontends. The branch, master has been updated via 24754212686ec29c642935141c808f01a8585707 (commit) from 6562872939757f79ee961ff0ce4a8514d90cbd54 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - commit 24754212686ec29c642935141c808f01a8585707 Author: Jelmer Vernooij jel...@samba.org Date: Wed Jun 8 18:07:33 2011 +0100 Fix imports. --- Summary of changes: sambagtk/atsvc.py |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) hooks/post-receive -- Samba GTK+ frontends
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 19213b8 Ensure when creating a directory, if we make any changes due to inheritance parameters, we update the stat returned. via c6bc1ee Part 4 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs from 0931147 s3:selftest: add a few more raw.* tests http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 19213b83d6cd5a7deeb6fab8d9fde304290a447c Author: Jeremy Allison j...@samba.org Date: Wed Jun 8 14:36:12 2011 -0700 Ensure when creating a directory, if we make any changes due to inheritance parameters, we update the stat returned. Autobuild-User: Jeremy Allison j...@samba.org Autobuild-Date: Thu Jun 9 00:46:39 CEST 2011 on sn-devel-104 commit c6bc1eeb7b93fde84dae5d81eedd0610aef1726e Author: Jeremy Allison j...@samba.org Date: Wed Jun 8 14:26:02 2011 -0700 Part 4 of bugfix for #8211 - inherit owner = yes doesn't interact correctly with inherit permissions = yes and POSIX ACLs We don't need to check mode bits as well as dev/ino to ensure we're in the same place. --- Summary of changes: source3/smbd/open.c | 17 ++--- 1 files changed, 14 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 3603a81..06de8ab 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -318,10 +318,9 @@ NTSTATUS change_dir_owner_to_parent(connection_struct *conn, /* Ensure we're pointing at the same place. */ if (smb_fname_cwd-st.st_ex_dev != psbuf-st_ex_dev || - smb_fname_cwd-st.st_ex_ino != psbuf-st_ex_ino || - smb_fname_cwd-st.st_ex_mode != psbuf-st_ex_mode ) { + smb_fname_cwd-st.st_ex_ino != psbuf-st_ex_ino) { DEBUG(0,(change_dir_owner_to_parent: -device/inode/mode on directory %s changed. +device/inode on directory %s changed. Refusing to chown !\n, fname )); status = NT_STATUS_ACCESS_DENIED; goto chdir; @@ -2569,6 +2568,7 @@ static NTSTATUS mkdir_internal(connection_struct *conn, char *parent_dir; NTSTATUS status; bool posix_open = false; + bool need_re_stat = false; if(!CAN_WRITE(conn)) { DEBUG(5,(mkdir_internal: failing create on read-only share @@ -2623,6 +2623,7 @@ static NTSTATUS mkdir_internal(connection_struct *conn, if (lp_inherit_perms(SNUM(conn))) { inherit_access_posix_acl(conn, parent_dir, smb_dname-base_name, mode); + need_re_stat = true; } if (!posix_open) { @@ -2637,6 +2638,7 @@ static NTSTATUS mkdir_internal(connection_struct *conn, SMB_VFS_CHMOD(conn, smb_dname-base_name, (smb_dname-st.st_ex_mode | (mode ~smb_dname-st.st_ex_mode))); + need_re_stat = true; } } @@ -2645,6 +2647,15 @@ static NTSTATUS mkdir_internal(connection_struct *conn, change_dir_owner_to_parent(conn, parent_dir, smb_dname-base_name, smb_dname-st); + need_re_stat = true; + } + + if (need_re_stat) { + if (SMB_VFS_LSTAT(conn, smb_dname) == -1) { + DEBUG(2, (Could not stat directory '%s' just created: %s\n, + smb_fname_str_dbg(smb_dname), strerror(errno))); + return map_nt_error_from_unix(errno); + } } notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME, -- Samba Shared Repository