FW: [Samba] Trouble with ACLs
Michael St. Laurent
mikes at hartwellcorp.com
Tue May 25 16:21:14 GMT 2004
Well, I screwed around a bit and after doing a "wbinfo -u" and a "wbinfo -g"
I stopped getting the "unable to map SID" error. Now I'm getting a
different error. ;-D
[2004/05/25 09:09:34, 3] smbd/dosmode.c:unix_mode(111)
unix_mode(FC2-i386-disc1.iso) returning 0744
[2004/05/25 09:09:34, 3]
smbd/posix_acls.c:convert_canon_ace_to_posix_perms(2500)
convert_canon_ace_to_posix_perms: Too many ACE entries for file
FC2-i386-disc1.iso to convert to posix perms.
[2004/05/25 09:09:34, 3] smbd/posix_acls.c:set_nt_acl(3141) set_nt_acl:
failed to convert file acl to posix permissions for file FC2-i386-disc1.iso.
[2004/05/25 09:09:34, 3] smbd/error.c:error_packet(94) error string =
Function not implemented
[2004/05/25 09:09:34, 3] smbd/error.c:error_packet(118) error packet at
smbd/nttrans.c(1827) cmd=160 (SMBnttrans) NT_STATUS_ACCESS_DENIED
Here's the getfacl for the file in question:
[root at hart-nas redhat]# getfacl FC2-i386-disc1.iso
# file: FC2-i386-disc1.iso
# owner: root
# group: mis
user::rw-
group::rw-
other::rw-
As you can see it's a pretty basic situation. I'm just trying to add one
user to the ACL list and give them modify permissions. It occured to me
that the problem *might* be that I was not the owner of the file and so I
corrected that situation but still got exactly the same results in the log
file.
Michael St. Laurent <mailto:mikes at hartwellcorp.com> wrote:
> I've got ACLs enabled in the kernel now and I can add and/or remove
> them using the unix command line program (setfacl/getfacl). However,
> there still seems to be a problem. When I try to add an ACL type
> permission to a file (through Samba) I get the following in the log
> file:
>
> [2004/05/24 18:14:57, 0]
> smbd/posix_acls.c:create_canon_ace_lists(1381)
> create_canon_ace_lists: unable to map SID
> S-1-5-21-356471451-824197641-1237804090-1180 to uid or gid.
>
> I'm fairly certain that Samba was compiled with the --with-acl-support
> option so I think the problem is with my smb.conf file.
>
> Below is the relevant section:
>
> [global]
> workgroup = MERCURY
> server string = Hart-NAS Storage Server
> security = DOMAIN
> encrypt passwords = Yes
> password server = *
> winbind trusted domains only = Yes
> idmap gid = 30000-40000
> idmap uid = 30000-40000
> log file = /var/log/samba/log.%m
> log level = 0
> max log size = 50
> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192
> SO_SNDBUF=8192
> load printers = No
> printcap name = /etc/samba/smbprinters
> add user script = /usr/local/sbin/add_smb_user %u
> os level = 0
> local master = No
> dns proxy = No
> wins server = 10.11.10.6
> write cache size = 524288
> max xmit = 65535
>
> --
> Michael St. Laurent
> Hartwell Corporation
--
Michael St. Laurent
Hartwell Corporation
More information about the samba
mailing list