[Samba] Debian 7.1 "net user add" etc returns exit code 255

Scott Edwards supadupa at gmail.com
Mon Jul 22 02:48:44 MDT 2013

I have a pristine Debian 7.1 system running Samba 3.6.6.

root@tv:/etc/samba# apt-cache policy samba
  Installed: 2:3.6.6-6
  Candidate: 2:3.6.6-6
  Version table:
 *** 2:3.6.6-6 0
        500 http://ftp.debian.org/debian/ wheezy/main amd64 Packages
        100 /var/lib/dpkg/status

Between strace (-s 102400 -ffO for net user, and all PIDs of smbd),
log level = 5, man pages, and as much white noise as I've been able to
wade through from Google and the mailing list, I think the initial tdb
was never set up. I created a new one with tdbtool, but I suppose I do
not know what values to inject to bootstrap this. I checked
http://bugs.debian.org/samba , but did not find anything relevant.

strace may as well be Greek, as I really only see smb/445 traffic by
and large.  The logs are more verbose ... but I just cannot seem to
wrap my head around it or zero in on where the issue may be. Is it safe
(security-wise) to attach the verbose /var/log/samba logs? (1.2 MB
right now).

I just want my home share accessible when I authenticate from other
systems (Mac OS X, Windows 7, etc).  Additionally, I would like /
access as any non-root user (authenticated).

root@tv:/etc/samba# ls -laR /etc/samba/
total 88
drwxr-xr-x   2 root root    75 Jul 21 21:18 .
drwxr-xr-x 138 root root  8192 Jul 21 20:24 ..
-rw-r--r--   1 root root     8 Nov 10  2002 gdbcommands
-rw-------   1 root root   696 Jul 21 21:18 secrets.tdb
-rw-r--r--   1 root root 12240 Jul 21 21:17 smb.conf
-rw-------   1 root root 54016 Jul 21 20:58 traceit.txt

testparm checks out.

root@tv:/etc/samba# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Press enter to see a dump of your service definitions

        server string = %h server
        map to guest = Bad User
        obey pam restrictions = Yes
        pam password change = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
        unix password sync = Yes
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        load printers = No
        dns proxy = No
        usershare allow guests = Yes
        panic action = /usr/share/samba/panic-action %d
        idmap config * : backend = tdb

        comment = Home Directories
        valid users = %S
        create mask = 0700
        directory mask = 0700
        browseable = No

        comment = All Printers
        path = /var/spool/samba
        create mask = 0700
        printable = Yes
        print ok = Yes
        browseable = No

        comment = Printer Drivers
        path = /var/lib/samba/printers
        browseable = No

I'm not sure if this is success via smbclient; I would expect to see
my home share, but maybe that needs browsable = yes? (Will this
expose it to other users?)

supaplex@tv:~$ smbclient  -L //tv/supaplex
Enter supaplex's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.6]

        Sharename       Type      Comment
        ---------       ----      -------
        IPC$            IPC       IPC Service (tv server)
        print$          Disk      Printer Drivers
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.6]

        Server               Comment
        ---------            -------
        TV                   tv server

        Workgroup            Master
        ---------            -------
        WORKGROUP            TV
supaplex@tv:~$ echo $?

Interestingly enough, the man page suggests the private dir =
/etc/samba/private, though the default is /etc/samba (hence my
creation of the secrets.tdb in /etc/samba).

root@tv:/etc/samba# testparm -v | egrep '(tdb|priv)'
        private dir = /etc/samba

Thanks and regards,

Scott Edwards

