Samba package 4.9.x samba smbd not playing with winbind.

Andreas Hasenack andreas at canonical.com
Sun Dec 2 12:41:14 UTC 2018


> I have no winbindd at all on the system:
>
> [root at fserver ~]# rpm -qa|grep winbind
> <empty output>

Thanks for replying.

I think there has been a misunderstanding in this whole thread. Let me
restate the issue.

In 4.9.x (at least .2 and .3), when winbind is running, smbd will fail
to start in standalone mode ("security = user").

I think when people read that, and saw "winbind is running", they
assumed domain security. This is not the case. It just so happens that
winbind was installed and running.

And it fails in fedora29 too, I just tried:

andreas at nsnx:~$ lxc launch images:fedora/29 fedora29
Creating fedora29
Starting fedora29
andreas at nsnx:~$ lxc exec fedora29 bash
[root at fedora29 ~]# dnf update -y && dnf install -y samba-winbind
samba-client samba
...
[root at fedora29 ~]# service winbind start
Redirecting to /bin/systemctl start winbind.service

[root at fedora29 ~]# systemctl start smb
Job for smb.service failed because the control process exited with error code.
See "systemctl status smb.service" and "journalctl -xe" for details.
[root at fedora29 ~]# journalctl -u smb
-- Logs begin at Sun 2018-12-02 12:30:19 UTC, end at Sun 2018-12-02
12:33:06 UTC. --
Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Failed to reset
devices.list: Operation not permitted
Dec 02 12:33:06 fedora29 systemd[1]: Starting Samba SMB Daemon...
Dec 02 12:33:06 fedora29 smbd[247]: [2018/12/02 12:33:06.278094,  0]
../source3/auth/auth_util.c:1382(make_new_session_info_guest)
Dec 02 12:33:06 fedora29 smbd[247]:   create_local_token failed:
NT_STATUS_ACCESS_DENIED
Dec 02 12:33:06 fedora29 smbd[247]: [2018/12/02 12:33:06.278480,  0]
../source3/smbd/server.c:2000(main)
Dec 02 12:33:06 fedora29 smbd[247]:   ERROR: failed to setup guest info.
Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Main process exited,
code=exited, status=255/n/a
Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Killing process 249
(smbd-notifyd) with signal SIGKILL.
Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Killing process 250
(cleanupd) with signal SIGKILL.
Dec 02 12:33:06 fedora29 systemd[1]: smb.service: Failed with result
'exit-code'.
Dec 02 12:33:06 fedora29 systemd[1]: Failed to start Samba SMB Daemon.

[root at fedora29 ~]# rpm -qa|grep samba
samba-client-libs-4.9.3-0.fc29.x86_64
samba-common-tools-4.9.3-0.fc29.x86_64
samba-winbind-4.9.3-0.fc29.x86_64
samba-common-libs-4.9.3-0.fc29.x86_64
samba-libs-4.9.3-0.fc29.x86_64
samba-winbind-modules-4.9.3-0.fc29.x86_64
samba-client-4.9.3-0.fc29.x86_64
samba-4.9.3-0.fc29.x86_64
samba-common-4.9.3-0.fc29.noarch

[root at fedora29 ~]# cat /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
workgroup = SAMBA
security = user

passdb backend = tdbsam

printing = cups
printcap name = cups
load printers = yes
cups options = raw

[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes

[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775



More information about the samba-technical mailing list