[Samba] sysvolreset failing on glusterfs
greno at verizon.net
Wed Mar 6 14:35:25 MST 2013
Do you have extended attributes enabled on your glusterfs filesystem?
Out of curiosity, what version of glusterfs are you seeing this problem?
On 03/06/2013 04:21 PM, Andreas Gaiser wrote:
> thanks for your answer.
> I don't think it's a permission issue, as the script is invoked as root
> and I don't think it's changing its uid.
> I've had a look into the code and what I see is, it's somewhat selective
> about the method to set ACLs depending on the filesystem AFAIR. The
> stack trace only shows the python part. The actual error results from C
> code. Setting ACLs using a windows client seems to work.
> Furthermore, if I'm mounting the glusterfs volume, in the mount list,
> the acl option is not shown.
> I think somewhere a decision about the availabilty of ACLs is going wrong.
> Very funny, at one occasion it did work, though complaining after
> minutes of activity, and ACLs were present after that (can't tell if
> they're correct). But this part is not well reproducable. In fact there
> is no reasonable way to do a sysvolreset at the moment, lengthening my
> list of issues.
> On 06.03.13 17:44, Mr J Potter wrote:
>> I had similar problems with gluster. I set up a gluster sysvol first
>> then tried provisioning and it failed with the same error. So it maybe
>> to do with permissions on the sysvol folder itself?
>> It worked if I set up dc and bdc each with local sysvols then moved them
>> onto gluster.
>> On Mar 3, 2013 5:32 PM, "Andreas Gaiser/L" <info at multifake.net
>> <mailto:info at multifake.net>> wrote:
>>> I'm trying to setup a domain with two DCs based on 4.0.3. Following some
>>> hint, I wanna use glusterfs for the sysvol. Glusterfs it runs nicely. I
>>> can set acls on both machines using setfacl and the other one lists them
>>> almost immediately with getfacl.
>>> But running "samba-tool ntacl sysvolreset is failing badly giving the
>>> following error.
>>> In a later attempt, without significant changes I remember, the script
>>> more or less seemed to work and created indeed ACEs, but still came up
>>> with this error after some minutes.
>>> root at dc1:~# samba-tool ntacl sysvolreset
>>> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_NOT_SUPPORTED.
>>> ERROR(runtime): uncaught exception - (-1073741637,
>>> "/opt/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py", line
>>> 175, in _run
>>> return self.run(*args, **kwargs)
>>> File "/opt/samba/lib/python2.6/site-packages/samba/netcmd/ntacl.py",
>>> line 214, in run
>>> lp, use_ntvfs=use_ntvfs)
>>> line 1563, in setsysvolacl
>>> setntacl(lp,sysvol, SYSVOL_ACL, str(domainsid), use_ntvfs=use_ntvfs,
>>> skip_invalid_chown=True, passdb=s4_passdb)
>>> File "/opt/samba/lib/python2.6/site-packages/samba/ntacls.py", line
>>> 154, in setntacl
>>> smbd.set_nt_acl(file, security.SECINFO_OWNER |
>>> security.SECINFO_GROUP | security.SECINFO_DACL |
>> security.SECINFO_SACL, sd)
>>> Running mount is showing the target fs without ACLs, although they do
>>> work, as said before, and although I do have mounted the fs using -o
>>> acl,rw. The underlying ext3 fs is of cause running with acls enabled,
>>> too. This is what mount looks like for the involved fs's:
>>> fusectl on /sys/fs/fuse/connections type fusectl (rw)
>>> /dev/xvda3 on /var/glusterfs/brick1 type ext3 (rw,acl,user_xattr)
>>> localhost:/dc-vol on /export/dc-vol type fuse.glusterfs
>>> Andreas Gaiser, Berlin, Germany
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba