[Samba] chown: changing ownership of 'test': Invalid argument
L.P.H. van Belle
belle at bazuin.nl
Wed Apr 10 07:37:51 UTC 2019
Hai Ian,
Can you run my setup debugger..
https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh
Anonimize where needed and post output.
Because when i run this, it works fine.
chown -v username test-own.txt
changed ownership of 'test-own.txt' from root to username
And yes, this user only exist in AD.
Check if attr and acl are installed also.
And if the smb.conf below is complete then your missing:
# For ACL support on member servers with shares
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
The difference between you and me, in smb.conf as far i can tell now.
Me backend AD. You RID.
Me
kerberos method = secrets and keytab
dedicated keytab file = /etc/krb5.keytab
winbind refresh tickets = yes
You ( only secrets )
I've just tested these versions because today my vpn needed the upgrades of samba also.
I've tested and upgraded from 4.8.9 upto 4.8.11, 4.9.6 and 4.10.2
It still might be a bug, but i need more info.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Ian
> Coetzee via samba
> Verzonden: woensdag 10 april 2019 9:04
> Aan: Samba List
> Onderwerp: [Samba] chown: changing ownership of 'test':
> Invalid argument
>
> Hi All,
>
> I have a very weird issue on one of my servers. I think I
> might just be
> missing something quite obviously... I will post the config
> files at the
> bottom
>
> I have a brand new Debian server running as an LXC container
>
> > root at ho-vpn-ctx-ac01:~# lsb_release -a
> > No LSB modules are available.
> > Distributor ID: Debian
> > Description: Debian GNU/Linux 9.8 (stretch)
> > Release: 9.8
> > Codename: stretch
> > root at ho-vpn-ctx-ac01:~# uname -a
> > Linux ho-vpn-ctx-ac01 4.15.18-12-pve #1 SMP PVE 4.15.18-35
> (Wed, 13 Mar
> > 2019 08:24:42 +0100) x86_64 GNU/Linux
> > root at ho-vpn-ctx-ac01:~#
> >
>
> I am running said server as a domain member using the latest
> packages in
> Louis' 4.9 branch
>
> > root at ho-vpn-ctx-ac01:~# net -V
> > Version 4.9.6-Debian
> > root at ho-vpn-ctx-ac01:~# net ads testjoin
> > Join is OK
> >
>
> The join seems to be good, nsswitch is working
>
> > root at ho-vpn-ctx-ac01:~# wbinfo -i ianc
> > ianc:*:3201407:3200513::/home/JEOFFICE/ianc:/bin/bash
> > root at ho-vpn-ctx-ac01:~# getent passwd ianc
> > ianc:*:3201407:3200513::/home/JEOFFICE/ianc:/bin/bash
> >
>
> Yet when I try to change the ownership of a file to a domain user, it
> fails with "Invalid argument"
>
> > root at ho-vpn-ctx-ac01:~# chown -v ianc test
> > chown: changing ownership of 'test': Invalid argument
> > failed to change ownership of 'test' from root to ianc
> > root at ho-vpn-ctx-ac01:~# chown -v jeadmin test
> > changed ownership of 'test' from root to jeadmin
> > root at ho-vpn-ctx-ac01:~# getent passwd jeadmin
> > jeadmin:x:1000:27::/home/jeadmin:/bin/bash
> >
>
> It works however when changing to a local user. So it looks
> like the issue
> might be in samba. This is the first time I have had this
> problem after
> quite a few other servers (a mix between CentOS, Debian and
> Ubuntu) has
> already been joined to the domain using the exact same smb.conf.
>
> On a side note, I am also unable to log into the server using domain
> credentials, which I am currently attributing to the same cause.
>
> Can you guys maybe point me in the right direction where I
> might start to
> troubleshoot further?
>
> Kind regards
> Ian
>
> Configs:
>
> root at ho-vpn-ctx-ac01:~# cat /etc/samba/smb.conf
> [global]
> workgroup = JEOFFICE
> realm = JEOFFICE.JACKLIN.CO.ZA
> security = ADS
> template homedir = /home/%D/%U
> template shell = /bin/bash
> kerberos method = secrets only
> winbind use default domain = true
> # winbind offline logon = true
> winbind enum groups = true
>
> netbios name = ho-vpn-ctx-ac01
>
> log file = /var/log/samba/%m.log
> log level = 1
>
> # Default ID mapping configuration for local BUILTIN accounts
> # and groups on a domain member. The default (*) domain:
> # - must not overlap with any domain ID mapping configuration!
> # - must use an read-write-enabled back end, such as tdb.
> idmap config * : backend = tdb
> idmap config * : range = 70001-80000
> idmap config JEOFFICE : backend = rid
> idmap config JEOFFICE : range = 3200000-3300000
>
> winbind nss info = template
> root at ho-vpn-ctx-ac01:~# cat /etc/nsswitch.conf
> # /etc/nsswitch.conf
> #
> # Example configuration of GNU Name Service Switch functionality.
> # If you have the `glibc-doc-reference' and `info' packages
> installed, try:
> # `info libc "Name Service Switch"' for information about this file.
>
> passwd: compat winbind
> group: compat winbind
> shadow: compat
> gshadow: files
>
> hosts: files dns
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
>
> netgroup: nis
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list