[Samba] Cannot rename directory - Samba acting two different ways on identical systems

Adrian Levi adrian.levi at gmail.com
Thu Jan 20 03:30:20 MST 2011 

On 20 January 2011 15:17, Ben Sigman <ben at rentageekla.com> wrote:

Hi Ben, I's been 4 hours and nobody has replied yet so I'll bite.
IMHO, most (many) Samba issues can be resolved by correcting your
Linux pernissions and groups for your users.

> Ubuntu Samba server running Version 3.4.0

[...]

> The annoying mystery here is that these little bugs are annoying users and taking up precious time... Most recently, Mac1 (OS X 10.6.5 smb Version 3.0.28a-apple) is able to change a directory's name and Mac2 isn't able to rename SAME directory:
>
> Both Mac1 and Mac2 have:
> SAME OS X 10.6.5
> SAME version of Samba = Version 3.0.28a-apple
> SAME samba user account authenticated (user1)
> SAME method of accessing server (IP - not Bonjour)
>
> I have also tested this from a PC... and I've verified that the permissions mapping to the local user account is 0770 when I stat it from the terminal on both Mac1 and Mac2. So, it doesn't appear to be a permissions issue since the permissions on both computers are:
>
> drwxrwx---   2 Mac1localuser  staff     16384 Jan 17 14:48 FOLDERR
>
> drwxrwx---   2 Mac2localuser  staff     16384 Jan 17 14:52 FOLDERR

What is the location of this test directories?
If both of these folders are trying to be changed by the same user
account why are both of these directories owned by different users?
I'm assuming that Mac1localuser and Mac2localuser both belong to the
staff group on the Samba server?


> Can anyone help me begin troubleshooting this?
>
> I'd really like for smb to be completely reliable...
>
> Here is copy of the log.smbd @ log level 3 - I have excerpted the section regarding renaming the directory:
>
> ------
> WHEN RENAME FAILS (Mac 2):
> ------
>
> [2011/01/19 19:56:32,  3] smbd/reply.c:5949(rename_internals)
>  rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 1, directory = data/FOLDERR, newname = data/FOLDER, last_component_dest = FOLDER
> [2011/01/19 19:56:32,  3] smbd/vfs.c:865(check_reduced_name)
>  reduce_name [data/FOLDERR] [/mnt/store]
> [2011/01/19 19:56:32,  3] smbd/vfs.c:974(check_reduced_name)
>  reduce_name: data/FOLDERR reduced to /mnt/store/data/FOLDERR
> [2011/01/19 19:56:32,  3] smbd/vfs.c:865(check_reduced_name)
>  reduce_name [data/FOLDER] [/mnt/store]
> [2011/01/19 19:56:32,  3] smbd/vfs.c:974(check_reduced_name)
>  reduce_name: data/FOLDER reduced to /mnt/store/data/FOLDER
> [2011/01/19 19:56:32,  3] smbd/reply.c:5760(rename_internals_fsp)
>  rename_internals_fsp: Error NT_STATUS_ACCESS_DENIED rename data/FOLDERR -> data/FOLDER
> [2011/01/19 19:56:32,  3] smbd/reply.c:6009(rename_internals)
>  rename_internals: Error NT_STATUS_ACCESS_DENIED rename data/FOLDERR -> data/FOLDER
> [2011/01/19 19:56:32,  3] smbd/error.c:60(error_packet_set)
>  error packet at smbd/reply.c(6241) cmd=7 (SMBmv) NT_STATUS_ACCESS_DENIED
>
>
> ------
> WHEN RENAME WORKS (Mac 1):
> ------
>
> [2011/01/19 19:57:38,  3] smbd/reply.c:5949(rename_internals)
>  rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 1, directory = data/FOLDERR, newname = data/FOLDER, last_component_dest = FOLDER
> [2011/01/19 19:57:38,  3] smbd/vfs.c:865(check_reduced_name)
>  reduce_name [data/FOLDERR] [/mnt/store]
> [2011/01/19 19:57:38,  3] smbd/vfs.c:974(check_reduced_name)
>  reduce_name: data/FOLDERR reduced to /mnt/store/data/FOLDERR
> [2011/01/19 19:57:38,  3] smbd/vfs.c:865(check_reduced_name)
>  reduce_name [data/FOLDER] [/mnt/store]
> [2011/01/19 19:57:38,  3] smbd/vfs.c:974(check_reduced_name)
>  reduce_name: data/FOLDER reduced to /mnt/store/data/FOLDER
> [2011/01/19 19:57:38,  3] smbd/reply.c:5784(rename_internals_fsp)
>  rename_internals_fsp: succeeded doing rename on data/FOLDERR -> data/FOLDER
> [2011/01/19 19:57:38,  3] smbd/reply.c:6009(rename_internals)
>  rename_internals: Error NT_STATUS_OK rename data/FOLDERR -> data/FOLDER
>
>
> Also here is my conf file (users/IPs changed to protect the innocent):
>
> [@server:~]$ cat /etc/samba/smb.conf                           (01-19 19:47)
>
> [global]
> netbios name = server
> server string = server
> workgroup = Workgroup
> security = user
> hosts allow = 127. 192.168.2.
> interfaces = 127.0.0.1/8 192.168.2.0/24
> bind interfaces only = yes
> remote announce = 192.168.2.255
> remote browse sync = 192.168.2.255
> log file = /var/log/samba/samba.log
> max log size = 1000
> log level = 3
> null passwords = no
> username level = 6
> password level = 6
> encrypt passwords = true
> unix password sync = yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> local master = no
> domain master = no
> preferred master = no
> domain logons = no
> os level = 33
> logon drive = m:
> logon home = \\%L\homes\%u
> logon path = \\%L\profiles\%u
> logon script = %G.bat
> time server = no
> name resolve order = wins lmhosts bcast
> wins support = no
> wins proxy = no
> dns proxy = no
> preserve case = yes
> short preserve case = yes
> client use spnego = no
> client signing = no
> client schannel = no
> server signing = no
> server schannel = no
> nt pipe support = yes
> nt status support = yes
> allow trusted domains = no
> obey pam restrictions = yes
> enable spoolss = yes
> client plaintext auth = no
> disable netbios = no
> follow symlinks = no
> update encrypted = yes
> pam password change = no
> passwd chat timeout = 120
> hostname lookups = no
> username map = /etc/samba/smbusers
> smb passwd file = /etc/samba/smbpasswd
> passwd program = /usr/bin/passwd '%u'
> passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd*changed*\n
> add user script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null '%u'
> add user to group script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null -g '%g' '%u'
> add group script = /usr/sbin/groupadd '%g'
> delete user script = /usr/sbin/userdel '%u'
> delete user from group script = /usr/sbin/userdel '%u' '%g'
> delete group script = /usr/sbin/groupdel '%g'
> add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c 'Samba Machine Account' -s /dev/null -M '%u'
> machine password timeout = 120
> idmap uid = 16777216-33554431
> idmap gid = 16777216-33554431
> template shell = /dev/null
> winbind use default domain = yes
> winbind separator = @
> winbind cache time = 360
> winbind trusted domains only = yes
> winbind nested groups = no
> winbind nss info = no
> winbind refresh tickets = no
> winbind offline logon = no
>
> [acct]
> path = /mnt/acct
> comment = acct Files
> valid users = user1 acct1
> write list = user1 acct1
> directory mask = 0775
> create mode = 0775
> read only = no
> available = yes
> browseable = yes
> writable = no
> guest ok = no
> public = no
> printable = no
> locking = no
>
> [store]
> path = /mnt/store
> comment = store
> valid users = user1 user2 user3 user4
> write list = user1 user2 user3 user4
> create mask = 770
> force create mode = 770
> security mask = 770
> force security mode = 644
> directory mask = 770
> force directory mode = 770
> directory security mask = 770
> force directory security mode = 770
> read only = no
> available = yes
> browseable = yes
> writable = no
> guest ok = no
> public = no
> printable = no
> locking = no

On this share you have:
writable = no
read only = no
These options are in conflict, you only need to specify one of these options.
man smb.conf shows:

# writeable (S)
#
#           Inverted synonym for read only.
#
#           Default: writeable = no

Hope that gives you some starting points.


> Ben Sigman

Adrian

-- 
24x7x365 != 24x7x52 Stupid or bad maths?
<erno> hm. I've lost a machine.. literally _lost_. it responds to
ping, it works completely, I just can't figure out where in my
apartment it is.

More information about the samba mailing list