[Samba] CTDB -- manually setting winbind uid with wbinfo
Hi We have a ctdb cluster setup as follows ctdb version -- surprisingly difficult to determine. I think it is 1.0.99 (dragged from a include file somewhere, I forget where exactly ). If anyone can tell me how to determine this proberly then I would be pleased to know. samba version 3.5.8 I was hoping to be able to set the UID to SID mapping manually using the following procedure. get the SID: wbinfo -n domain\\username S-1-5-21-1117850145--XXX-220398 SID_USER (1) Then set the SID to map to a desired UID rather than the random one chosen [root@filer01-ph ctdb]# wbinfo --set-uid-mapping=198000,S-1-5-21-1117850145--XXX-220398 Could not create or modify uid to sid mapping [root@filer01-ph ctdb] I have tried deleting the old mapping beforehand and clearing the cache [root@filer01-ph ctdb]# wbinfo -i domain\\username username:*:10:12::/home/domain/username:/bin/false [root@filer01-ph ctdb] [root@filer01-ph ctdb]# net cache flush [root@filer01-ph ctdb]# net cache list [root@filer01-ph ctdb]# [root@filer01-ph ctdb]# wbinfo --remove-uid-mapping=10,S-1-5-21-1117850145--XXX-220398 Could not remove uid to sid mapping [root@filer01-ph ctdb]# [root@filer01-ph ctdb]# wbinfo --set-uid-mapping=198000,S-1-5-21-1117850145--XXX-220398 Could not create or modify uid to sid mapping [root@filer01-ph ctdb] Is this a bug or am I misunderstanding how the SID to UID mapping works. Relevant bits of the smb.conf are below Thanks Bob usershare allow guests = No idmap uid = 10-20 idmap gid = 10-20 winbind rpc only = yes winbind enum users = yes winbind enum groups = yes client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes winbind refresh tickets = yes restrict anonymous = 2 template homedir = /home/%D/%U template shell = /bin/false -- Bob Cregan Senior Storage Systems Administrator ACRC Bristol University Tel: +44 (0) 117 331 4421 Mobile: +44 (0) 7712388129 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ACLs passwd file and winbind.
command = queueresume command = printer name = use client driver = No default devmode = Yes force printername = No printjob username = %U default case = lower case sensitive = Auto preserve case = Yes short preserve case = Yes mangling char = ~ hide dot files = Yes hide special files = No hide unreadable = No hide unwriteable files = No delete veto files = No veto files = hide files = veto oplock files = map archive = Yes map hidden = No map system = No map readonly = yes mangled names = Yes store dos attributes = No dmapi support = No browseable = Yes access based share enum = No blocking locks = Yes csc policy = manual fake oplocks = No locking = Yes oplocks = Yes level2 oplocks = Yes oplock contention limit = 2 posix locking = Yes strict locking = Auto share modes = Yes dfree cache time = 0 dfree command = copy = preexec = preexec close = No postexec = root preexec = root preexec close = No root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = No follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filemode = No dos filetimes = Yes dos filetime resolution = No fake directory create times = No vfs objects = gpfs, fileid msdfs root = No msdfs proxy = [ACRC] comment = ACRC Space for use and testing path = * valid users = *** read only = No inherit acls = Yes hosts allow = nfs4: acedup = merge nfs4: chown = yes nfs4: mode = special gpfs:winattr = No -- Bob Cregan Senior Storage Systems Administrator ACRC Bristol University Tel: +44 (0) 117 331 4421 Mobile: +44 (0) 7712388129 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] kernel oplocks in ctdb environment
Hi Can anyone advise me on kernel oplocks in a ctdb cluster. I have a ctdb (GPFS is the parallel file system) setup that uses samba (3.5.8) for cifs and IBM CNFS for NFS. Reading the documentation on kernel oplocks it seems to me that I can export the same area via samba and NFS with kernel oplocks = Yes . My logic is that IBM CNFS has shared NFS locking information held on the shared filesystem, and therefore the kernel on each member of the ctdb cluster will be aware of any NFS locks. Samba with kernel oplocks = Yes should then not provide opportunistic locking to a CIFS client that want to access a file that has an NFS lock (giving an I/O error to that client??). Is this in fact what will happen? The ability to dual export area of the filesystem would be very useful, but I don't want to risk data corruption. Thanks for any advice. Bob -- Bob Cregan Senior Storage Systems Administrator ACRC Bristol University Tel: +44 (0) 117 331 4421 Mobile: +44 (0) 7712388129 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] vfs_gpfs module errors
Hi Christian Thanks very much for your reply. The bug looks like an exact replica of my problem, including the use of robocopy. 3.5.8 seems to incorporate the fix. Having some problems upgrading in a ctdb setting at the moment, but will keep you posted. Bob Hi Bob, Bob Cregan bob.cre...@bristol.ac.uk wrote on 03/14/2011 02:48:25 PM: [2011/03/14 12:31:16.549084, 1] modules/vfs_gpfs.c:1099(vfs_gpfs_ntimes) vfs_gpfs_ntimes: set GPFS ntimes failed -1 The copy continues but is slow. All the timestamps seem reasonable for the data copied. This might be fixed with 3.5.7 with the fix for https://bugzilla.samba.org/show_bug.cgi?id=7498. You can try the patch that is attached to the defect and see if it helps. Regards, Christian -- Bob Cregan Senior Storage Systems Administrator ACRC Bristol University Tel: +44 (0) 117 331 4421 Mobile: +44 (0) 7712388129 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] vfs_gpfs module errors
Christian Thanks. An upgrade to 3.5.8 indeed fixed the problem. Bob Hi Bob, Bob Cregan bob.cre...@bristol.ac.uk wrote on 03/14/2011 02:48:25 PM: [2011/03/14 12:31:16.549084, 1] modules/vfs_gpfs.c:1099(vfs_gpfs_ntimes) vfs_gpfs_ntimes: set GPFS ntimes failed -1 The copy continues but is slow. All the timestamps seem reasonable for the data copied. This might be fixed with 3.5.7 with the fix for https://bugzilla.samba.org/show_bug.cgi?id=7498. You can try the patch that is attached to the defect and see if it helps. Regards, Christian -- Bob Cregan Senior Storage Systems Administrator ACRC Bristol University Tel: +44 (0) 117 331 4421 Mobile: +44 (0) 7712388129 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] vfs_gpfs module errors
Hi Volker Thanks for your reply. I've set this in both the share and the global section (I'm not sure about vfs directives in this respect) and the error remains. Thanks Bob On Mon, Mar 14, 2011 at 01:48:25PM +, Bob Cregan wrote: Hi I'm encountering an error with some of my Windows clients when using CTDB and samba to access a GPFS hosted share. We see the following error all the time. [2011/03/14 12:31:16.549084, 1] modules/vfs_gpfs.c:1099(vfs_gpfs_ntimes) vfs_gpfs_ntimes: set GPFS ntimes failed -1 Can you try the parameter gpfs:winattr=no? Volker -- Bob Cregan Senior Storage Systems Administrator ACRC Bristol University Tel: +44 (0) 117 331 4421 Mobile: +44 (0) 7712388129 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] vfs_gpfs module errors
Hi I'm encountering an error with some of my Windows clients when using CTDB and samba to access a GPFS hosted share. We see the following error all the time. [2011/03/14 12:31:16.549084, 1] modules/vfs_gpfs.c:1099(vfs_gpfs_ntimes) vfs_gpfs_ntimes: set GPFS ntimes failed -1 The copy continues but is slow. All the timestamps seem reasonable for the data copied. The GPFS version is 3.3.0-9 and samba is 3.5.6 compiled from source with config line. $ ./configure --with-ctdb=/usr/local/src/ctdb --with-cluster-support --enable-pie=no --with-quotas --with-ads --with-static-modules=pdb_ldap,pdb_smbpasswd,pdb_tdbsam,rpc_lsarpc,rpc_winreg,rpc_initshutdown,rpc_dssetup,rpc_wkssvc,rpc_svcctl2,rpc_ntsvcs2,rc_netlogon,rpc_netdfs,rpc_srvsvc,rpc_spoolss,rpc_eventlog2,rpc_samr,idmap_tdb,idmap_passdb,idmap_nss,idmap_tdb2,nss_info_template,auth_sam,auth_unix,auth_winbind,auth_server,auth_domain,auth_builtin,vfs_default --prefix=/usr/local/samba-3.5.6 The gpfs module exists: ls -l /usr/local/samba-3.5.6/lib/vfs/gpfs.so -rwxr-xr-x 1 root root 58312 Jan 31 17:22 /usr/local/samba-3.5.6/lib/vfs/gpfs.so The global section has private dir = /RDSF_REPL/gpfs_admin/cifs_state/ clustering = yes idmap backend = tdb2 fileid:mapping = fsname vfs objects = gpfs fileid gpfs:sharemodes = No force unknown acl user = yes nfs4: mode = special nfs4: chown = yes nfs4: acedup = merge I have tried the setup with the following in the shares, and also with it absent. It seems to make no difference. vfs objects = gpfs fileid Has anyone come across this. I only see it for some clients. I have no direct control or access to the clients and so debug infor from them is a little difficult. Does anyone have any ideas? Thanks Bob -- Bob Cregan Senior Storage Systems Administrator ACRC Bristol University Tel: +44 (0) 117 331 4421 Mobile: +44 (0) 7712388129 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba