classicupgrade and sysvol acls

Sergey Urushkin urushkin at telros.ru
Fri Aug 24 03:38:51 MDT 2012


24.08.2012 13:16, Andrew Bartlett пишет:
> On Fri, 2012-08-24 at 11:46 +0400, Sergey Urushkin wrote:
>> Hi.
>> Just tried classicupgrade with latest master and got this:
>>
>> ...
>> Setting up sam.ldb data
>> Setting up well known security principals
>> Setting up sam.ldb users and groups
>> Setting up self join
>> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER.
>> ERROR(runtime): uncaught exception - (-1073741734,
>> 'NT_STATUS_INVALID_OWNER')
> We need to work out what the invalid owner is, and why it is invalid.
> I'm guessing is may be to do with a imported ID being fixed as a group
> when we need it to be IDMAP_BOTH, but that's just a first guess.
>
> I'll start by pushing more information into that error message. 
Please, let me know when I could test it.
>> Clean provision works fine. Sysvol acls after this error seem to be the
>> same as after a clean provision:
>>
>> # getfacl /usr/local/samba/var/locks/sysvol
>> getfacl: Removing leading '/' from absolute path names
>> # file: usr/local/samba/var/locks/sysvol
>> # owner: 500
>> # group: 544
>> user::rwx
>> user:500:rwx
>> group::rwx
>> group:544:rwx
>> group:549:r-x
>> group:3000006:r-x
>> group:3000008:rwx
>> mask::rwx
>> other::---
> As the ACLs are not removed by anything (only overwritten - if anybody
> can give me the C code to remove a posix ACL I would be most grateful)
> this isn't a good guide.
>
If saw you right - I want to say that private and sysvol directories
were removed before classicupgrade, so these dirs and ACLs are actually new.

-- 
Best regards,
Sergey Urushkin



More information about the samba-technical mailing list