Help needed: failure to set posix ACL in s3fs

Andrew Bartlett abartlet at samba.org
Tue May 8 16:00:07 MDT 2012


Using my master-devel branch, I've been testing creating a new group
policy object (from Windows 7 RSAT)

Attached is the log I get at level 10, with the failure to set the
default directory ACL (after successfully setting the file ACL, with
what appears to be the same values).

If someone who understands this code better than I could have a look, I
would most appreciate it, as this is the primary blocker before we can
think about enabling s3fs.

Thanks,

/data/samba-2/bin/smbd: pop_sec_ctx (0, 100) - sec_ctx_stack_ndx = 0
/data/samba-2/bin/smbd: lookup_name: Unix User\3000007 => domain=[Unix User], name=[3000007]
/data/samba-2/bin/smbd: lookup_name: flags = 0x073
/data/samba-2/bin/smbd: Finding user 3000007
/data/samba-2/bin/smbd: Trying _Get_Pwnam(), username as lowercase is 3000007
/data/samba-2/bin/smbd: Checking combinations of 0 uppercase letters in 3000007
/data/samba-2/bin/smbd: Get_Pwnam_internals didn't find user [3000007]!
/data/samba-2/bin/smbd: lookup_name_smbconf for 3000007 failed
/data/samba-2/bin/smbd: could not create token for 3000007
/data/samba-2/bin/smbd: print_canon_ace_list: dir ace - before valid
/data/samba-2/bin/smbd: canon_ace index 0. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 1. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-519 gid 3000005 (3000005) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 2. Type = allow SID = S-1-3-0 uid 3000007 (3000007) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx
/data/samba-2/bin/smbd: canon_ace index 3. Type = allow SID = S-1-5-18 gid 3000066 (3000066) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 4. Type = allow SID = S-1-5-11 gid 3000002 (3000002) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: canon_ace index 5. Type = allow SID = S-1-5-9 gid 3000067 (3000067) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: print_canon_ace_list: file ace - return
/data/samba-2/bin/smbd: canon_ace index 0. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 1. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 uid 3000007 (3000007) SMB_ACL_USER ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 3. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 uid 3000007 (3000007) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 4. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 5. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-519 gid 3000005 (3000005) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 6. Type = allow SID = S-1-5-18 gid 3000066 (3000066) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 7. Type = allow SID = S-1-5-11 gid 3000002 (3000002) SMB_ACL_GROUP ace_flags = 0x0 perms r-x
/data/samba-2/bin/smbd: canon_ace index 8. Type = allow SID = S-1-5-9 gid 3000067 (3000067) SMB_ACL_GROUP ace_flags = 0x0 perms r-x
/data/samba-2/bin/smbd: print_canon_ace_list: dir ace - return
/data/samba-2/bin/smbd: canon_ace index 0. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 1. Type = allow SID = S-1-3-0 uid 3000007 (3000007) SMB_ACL_USER ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 3. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 4. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 5. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-519 gid 3000005 (3000005) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 6. Type = allow SID = S-1-3-0 uid 3000007 (3000007) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx
/data/samba-2/bin/smbd: canon_ace index 7. Type = allow SID = S-1-5-18 gid 3000066 (3000066) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 8. Type = allow SID = S-1-5-11 gid 3000002 (3000002) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: canon_ace index 9. Type = allow SID = S-1-5-9 gid 3000067 (3000067) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: push_sec_ctx(0, 100) : sec_ctx_stack_ndx = 1
/data/samba-2/bin/smbd: push_conn_ctx(22411) : conn_ctx_stack_ndx = 0
/data/samba-2/bin/smbd: setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
/data/samba-2/bin/smbd: Security token: (NULL)
/data/samba-2/bin/smbd: UNIX token of user 0
/data/samba-2/bin/smbd: Primary group is 0 and contains 0 supplementary groups
/data/samba-2/bin/smbd: set_canon_ace_list: setting ACL:
/data/samba-2/bin/smbd: canon_ace index 0. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 1. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 uid 3000007 (3000007) SMB_ACL_USER ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 3. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 uid 3000007 (3000007) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 4. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 5. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-519 gid 3000005 (3000005) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 6. Type = allow SID = S-1-5-18 gid 3000066 (3000066) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 7. Type = allow SID = S-1-5-11 gid 3000002 (3000002) SMB_ACL_GROUP ace_flags = 0x0 perms r-x
/data/samba-2/bin/smbd: canon_ace index 8. Type = allow SID = S-1-5-9 gid 3000067 (3000067) SMB_ACL_GROUP ace_flags = 0x0 perms r-x
/data/samba-2/bin/smbd: canon_ace index 0. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 1. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 uid 3000007 (3000007) SMB_ACL_USER ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 3. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 uid 3000007 (3000007) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 4. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 5. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-519 gid 3000005 (3000005) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 6. Type = allow SID = S-1-5-18 gid 3000066 (3000066) SMB_ACL_GROUP ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 7. Type = allow SID = S-1-5-11 gid 3000002 (3000002) SMB_ACL_GROUP ace_flags = 0x0 perms r-x
/data/samba-2/bin/smbd: canon_ace index 8. Type = allow SID = S-1-5-9 gid 3000067 (3000067) SMB_ACL_GROUP ace_flags = 0x0 perms r-x
/data/samba-2/bin/smbd: Calling acl_set_file: s4.obed.abartlet.net/Policies/{7D8C9D69-93CB-40AB-900E-F2AF57170730}, 0
/data/samba-2/bin/smbd: push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
/data/samba-2/bin/smbd: push_conn_ctx(22411) : conn_ctx_stack_ndx = 1
/data/samba-2/bin/smbd: setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
/data/samba-2/bin/smbd: Security token: (NULL)
/data/samba-2/bin/smbd: UNIX token of user 0
/data/samba-2/bin/smbd: Primary group is 0 and contains 0 supplementary groups
/data/samba-2/bin/smbd: pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
/data/samba-2/bin/smbd: pop_sec_ctx (0, 100) - sec_ctx_stack_ndx = 0
/data/samba-2/bin/smbd: push_sec_ctx(0, 100) : sec_ctx_stack_ndx = 1
/data/samba-2/bin/smbd: push_conn_ctx(22411) : conn_ctx_stack_ndx = 0
/data/samba-2/bin/smbd: setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
/data/samba-2/bin/smbd: Security token: (NULL)
/data/samba-2/bin/smbd: UNIX token of user 0
/data/samba-2/bin/smbd: Primary group is 0 and contains 0 supplementary groups
/data/samba-2/bin/smbd: set_canon_ace_list: setting ACL:
/data/samba-2/bin/smbd: canon_ace index 0. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 1. Type = allow SID = S-1-3-0 uid 3000007 (3000007) SMB_ACL_USER ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 3. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 4. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 5. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-519 gid 3000005 (3000005) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 6. Type = allow SID = S-1-3-0 uid 3000007 (3000007) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx
/data/samba-2/bin/smbd: canon_ace index 7. Type = allow SID = S-1-5-18 gid 3000066 (3000066) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 8. Type = allow SID = S-1-5-11 gid 3000002 (3000002) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: canon_ace index 9. Type = allow SID = S-1-5-9 gid 3000067 (3000067) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: canon_ace index 0. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 1. Type = allow SID = S-1-3-0 uid 3000007 (3000007) SMB_ACL_USER ace_flags = 0x0 perms rwx
/data/samba-2/bin/smbd: canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 3. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms ---
/data/samba-2/bin/smbd: canon_ace index 4. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-512 gid 3000007 (3000007) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 5. Type = allow SID = S-1-5-21-4177067393-1453636373-93818737-519 gid 3000005 (3000005) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 6. Type = allow SID = S-1-3-0 uid 3000007 (3000007) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx
/data/samba-2/bin/smbd: canon_ace index 7. Type = allow SID = S-1-5-18 gid 3000066 (3000066) SMB_ACL_GROUP ace_flags = 0x3 perms rwx
/data/samba-2/bin/smbd: canon_ace index 8. Type = allow SID = S-1-5-11 gid 3000002 (3000002) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: canon_ace index 9. Type = allow SID = S-1-5-9 gid 3000067 (3000067) SMB_ACL_GROUP ace_flags = 0x3 perms r-x
/data/samba-2/bin/smbd: Calling acl_set_file: s4.obed.abartlet.net/Policies/{7D8C9D69-93CB-40AB-900E-F2AF57170730}, 1

/data/samba-2/bin/smbd: smb_acl_to_posix: ACL group:3000007:---
/data/samba-2/bin/smbd: user:3000007:rwx
/data/samba-2/bin/smbd: other::---
/data/samba-2/bin/smbd: group::---
/data/samba-2/bin/smbd: group:3000007:rwx
/data/samba-2/bin/smbd: group:3000005:rwx
/data/samba-2/bin/smbd: user::rwx
/data/samba-2/bin/smbd: group:3000066:rwx
/data/samba-2/bin/smbd: group:3000002:r-x
/data/samba-2/bin/smbd: group:3000067:r-x
/data/samba-2/bin/smbd: mask::rwx
/data/samba-2/bin/smbd:  is invalid for set (Invalid argument)
/data/samba-2/bin/smbd: set_canon_ace_list: sys_acl_set_file type directory default failed for file s4.obed.abartlet.net/Policies/{7D8C9D69-93CB-40AB-900E-F2AF57170730} (Invalid argument).
/data/samba-2/bin/smbd: pop_sec_ctx (0, 100) - sec_ctx_stack_ndx = 0
/data/samba-2/bin/smbd: set_nt_acl: failed to set default acl on directory s4.obed.abartlet.net/Policies/{7D8C9D69-93CB-40AB-900E-F2AF57170730} (Invalid argument).
/data/samba-2/bin/smbd: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_INVALID_PARAMETER] || at ../source3/smbd/smb2_setinfo.c:127
/data/samba-2/bin/smbd: smbd_smb2_request_done_ex: idx[1] status[NT_STATUS_INVALID_PARAMETER] body[8] dyn[yes:1] at ../source3/smbd/smb2_server.c:2180


-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org



More information about the samba-technical mailing list