[Samba] AD + winbindd(8): group permissions being ignored ? WTF ?

Doug VanLeuven roamdad at sonic.net
Wed Aug 15 00:13:10 GMT 2007


Wilkinson, Alex wrote:
>     0n Mon, Aug 13, 2007 at 01:44:19AM -0700, Doug VanLeuven wrote: 
>
>     >Have a look and see if this report is relevant in your case (it's fairly
>     >long): >https://bugzilla.samba.org/show_bug.cgi?id=3990
>
> This is my *exact* problem. I am using version 3.0.25a,1.1. And looking at
> work/samba-3.0.25a/source/smbd/sec_ctx.c it looks like Björn Jacke's patch has
> not been included. So I proceed to apply the patch myself and run into:
>
>     # patch -p0 < group_fix_patch.txt
>     Hmm...  Looks like a unified diff to me...
>     The text leading up to this was:
>     --------------------------
>     |Index: source/smbd/sec_ctx.c
>     |===================================================================
>     |--- source/smbd/sec_ctx.c      (Revision 23033)
>     |+++ source/smbd/sec_ctx.c      (Arbeitskopie)
>     --------------------------
>     Patching file source/smbd/sec_ctx.c using Plan A...
>     Hunk #1 succeeded at 248 (offset 2 lines).
>     done
>     #
>
>     #cd /usr/ports/net/samba3/
>     #make install
>     ===>  Patching for samba-3.0.25a_1,1
>     ===>  Applying FreeBSD patches for samba-3.0.25a_1,1
>     1 out of 5 hunks failed--saving rejects to smbd/sec_ctx.c.rej
>     => Patch patch-smbd_sec_ctx.c failed to apply cleanly.
>     => Patch(es) patch-Makefile.in patch-client_client.c patch-configure.in
>     patch-include_includes.h patch-lib_ico
>     nv.c patch-lib_replace_libreplace_cc.m4 patch-nsswitch_pam_winbind.c
>     patch-nsswitch_winbindd.c patch-pam_smbpa
>     ss_pam_smb_auth.c patch-pam_smbpass_pam_smb_passwd.c patch-pam_smbpass_support.c
>     patch-script_installbin.sh.in
>      patch-script_installswat.sh patch-smbd_aio.c applied cleanly.
>     *** Error code 1
>
> I *really* need this patch so that I can manage shared data via AD groups.
> Can anyone lend a helping hand in making samba compile in FreeBSD ports with the
> following patch [http://marc.info/?l=samba-technical&m=117976475614078&w=2] 
Hi,
I don't use FreeBSD, but it looks like the make first applies FreeBSD 
patches against the main samba release.  What's failing is the patch 
against the very same file that you patched with "group_fix_patch.txt".  
You need to look at "smbd/sec_ctx.c.rej" and see if what is failing is 
an attempt to apply the very same patch a second time.

You mentioned you were using 3.0.25a.  I believed this fix was applied 
to 3.0.25b and later.  But then again.

I've been having some issues with secondary groups in opensuse 10.2, 
samba 3.0.25b-1.1.72-1411-SUSE-SL10.2 , but haven't isolated what 
exactly is my issue.  On FC-5 samba 3.0.25c-SVN-build-23735 everything 
seems to be OK.

:I use:
        security = ADS
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind nss info = sfu
        idmap domains = FOREST, SAMBA
        idmap config FOREST:readonly = yes
        idmap config FOREST:schema_mode = sfu
        idmap config FOREST:backend = ad
        idmap config SAMBA:readonly = yes
        idmap config SAMBA:backend = nss

The NIS plugin ought to work as well.

Regards, Doug




More information about the samba mailing list