[Samba-it] Problema dopo un aggiornamento di versione

Giorgio Volpe giorgio at movi.fvg.it
Wed Apr 22 02:58:57 MDT 2009


Ciao a tutti

dopo aver aggiornato samba, aggiornando il mio file server (dalla 
versione del pacchetto debian 2:3.2.5-4 alla  2:3.3.2-1), non riesco più 
ad accedere ad una delle due share dai client windows XP.
La cosa strana è che le definizioni sono identiche, solo una dovrebbe 
essere accessibile ad un gruppo e l'altra d un'altro.

Ho provato anche a definire valid user con la nuova sintassi 
+"DOMAIN\group" ma non cambia nulla!

Qualche idea?

Grazie mille
                                    Giorgio



Definizione in smb.conf:

[documenti_movi]
        path = /home/documenti_movi
        valid users = @staffmovi
        read only = No
        create mask = 0770
        directory mask = 0770
        case sensitive = No

[documenti_csv]
        path = /home/csv/documenti
        valid users = @csv
        read only = No
        create mask = 0770
        directory mask = 0770
        case sensitive = No

Le due directory sono rwx per i rispettivi gruppi.

I gruppi sono definiti in /etc/group

    staffmovi:x:113:giorgio,boris,alberto,annamaria,simona.celotti,martina,franco,giovanna
    csv:x:1005:giorgio,franco,simona.celotti


Per esempio, eseguendo 'id giorgio':

    uid=1000(giorgio) gid=1000(giorgio)
    gruppi=24(cdrom),113(staffmovi),1005(csv),1000(giorgio)


Ed ecco cosa trovo nel log quando provo ad accedere alle due share

Accesso a documenti_movi:

[2009/04/20 11:06:59,  3] smbd/process.c:switch_message(1378)
  switch message SMBtconX (pid 27040) conn 0x0
[2009/04/20 11:06:59,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/04/20 11:06:59,  5] auth/token_util.c:debug_nt_user_token(522)
  NT user token: (NULL)
[2009/04/20 11:06:59,  5] auth/token_util.c:debug_unix_user_token(548)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2009/04/20 11:06:59,  5] smbd/uid.c:change_to_root_user(318)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2009/04/20 11:06:59,  4] smbd/reply.c:reply_tcon_and_X(715)
  Client requested device type [?????] for share [DOCUMENTI_MOVI]
[2009/04/20 11:06:59,  5] smbd/service.c:make_connection(1298)
  making a connection to 'normal' service documenti_movi
[2009/04/20 11:06:59,  3] lib/util_sid.c:string_to_sid(228)
  string_to_sid: Sid @staffmovi does not start with 'S-'.
[2009/04/20 11:06:59,  5] smbd/password.c:user_in_netgroup(425)
  Unable to get default yp domain, let's try without specifying it
[2009/04/20 11:06:59,  5] smbd/password.c:user_in_netgroup(429)
  looking for user giorgio of domain (ANY) in netgroup staffmovi
[2009/04/20 11:06:59,  5] smbd/password.c:user_in_netgroup(445)
  looking for user giorgio of domain (ANY) in netgroup staffmovi
[2009/04/20 11:06:59, 10] passdb/lookup_sid.c:lookup_name(69)
  lookup_name: MOVI\staffmovi => MOVI (domain), staffmovi (name)
[2009/04/20 11:06:59, 10] passdb/lookup_sid.c:lookup_name(70)
  lookup_name: flags = 0x077
[2009/04/20 11:06:59,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/04/20 11:06:59,  3] smbd/uid.c:push_conn_ctx(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/04/20 11:06:59,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/04/20 11:06:59,  5] auth/token_util.c:debug_nt_user_token(522)
  NT user token: (NULL)
[2009/04/20 11:06:59,  5] auth/token_util.c:debug_unix_user_token(548)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2009/04/20 11:06:59,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/04/20 11:06:59, 10] passdb/lookup_sid.c:lookup_name(69)
  lookup_name: Unix Group\staffmovi => Unix Group (domain), staffmovi (name)
[2009/04/20 11:06:59, 10] passdb/lookup_sid.c:lookup_name(70)
  lookup_name: flags = 0x077
[2009/04/20 11:06:59, 10] smbd/share_access.c:user_ok_token(212)
  User giorgio not in 'valid users'
[2009/04/20 11:06:59,  2] smbd/service.c:create_connection_server_info(659)
  user 'giorgio' (from session setup) not permitted to access this share 
(documenti_movi)

	Accesso a docuemnti_csv:

[2009/04/20 11:13:15,  3] smbd/process.c:switch_message(1378)
  switch message SMBtconX (pid 27200) conn 0x0
[2009/04/20 11:13:15,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/04/20 11:13:15,  5] auth/token_util.c:debug_nt_user_token(522)
  NT user token: (NULL)
[2009/04/20 11:13:15,  5] auth/token_util.c:debug_unix_user_token(548)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2009/04/20 11:13:15,  5] smbd/uid.c:change_to_root_user(318)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2009/04/20 11:13:15,  4] smbd/reply.c:reply_tcon_and_X(715)
  Client requested device type [?????] for share [DOCUMENTI_CSV]
[2009/04/20 11:13:15,  5] smbd/service.c:make_connection(1298)
  making a connection to 'normal' service documenti_csv
[2009/04/20 11:13:15,  3] lib/util_sid.c:string_to_sid(228)
  string_to_sid: Sid @csv does not start with 'S-'.
[2009/04/20 11:13:15,  5] smbd/password.c:user_in_netgroup(425)
  Unable to get default yp domain, let's try without specifying it
[2009/04/20 11:13:15,  5] smbd/password.c:user_in_netgroup(429)
  looking for user giorgio of domain (ANY) in netgroup csv
[2009/04/20 11:13:15,  5] smbd/password.c:user_in_netgroup(445)
  looking for user giorgio of domain (ANY) in netgroup csv
[2009/04/20 11:13:15, 10] passdb/lookup_sid.c:lookup_name(69)
  lookup_name: MOVI\csv => MOVI (domain), csv (name)
[2009/04/20 11:13:15, 10] passdb/lookup_sid.c:lookup_name(70)
  lookup_name: flags = 0x077
[2009/04/20 11:13:15,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/04/20 11:13:15,  3] smbd/uid.c:push_conn_ctx(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/04/20 11:13:15,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/04/20 11:13:15,  5] auth/token_util.c:debug_nt_user_token(522)
  NT user token: (NULL)
[2009/04/20 11:13:15,  5] auth/token_util.c:debug_unix_user_token(548)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2009/04/20 11:13:15,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/04/20 11:13:15, 10] passdb/lookup_sid.c:lookup_name(69)
  lookup_name: Unix Group\csv => Unix Group (domain), csv (name)
[2009/04/20 11:13:15, 10] passdb/lookup_sid.c:lookup_name(70)
  lookup_name: flags = 0x077
[2009/04/20 11:13:15, 10] smbd/share_access.c:user_ok_token(234)
  user_ok_token: share documenti_csv is ok for unix user giorgio




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/samba-it/attachments/20090422/9250caa9/attachment.html>


More information about the samba-it mailing list