[Samba] ntp and samba4
Michael Mol
mikemol at gmail.com
Tue May 7 13:43:07 MDT 2013
On 05/07/2013 03:25 PM, Andrew Bartlett wrote:
> On Mon, 2013-05-06 at 17:15 +0200, Michael De Groote wrote:
>> Hi all
>>
>> Recently i noticed that upon starting the samba4 'samba' daemon, that it
>> changes the group ownership of the socket for ntpd to *staff*
>>
>> $ls -l /usr/local/samba/var/lib/ntp_signd/
>> total 0
>> srwxrwxrwx 1 root *staff* 0 May 6 16:35 socket
>>
>>
>> The documentation says it needs to be *ntp*....
>>
>> (FYI: i'm running this on debian wheezy)
>>
>> I have just added ntp to group staff, but that seems like a workaround...
>
> I don't know why this is happening. I've examined the code, and it does
> not change the group ID, it only creates the directory, forcing the uid.
>
> Indeed, the same code is using for the winbind privileged pipe, which is
> likewise deliberately designed so that you can set the group to a
> specific group for use by squid et al. In this case the group is meant
> to be 'ntp' to allow only NTP access to the pipe.
Could this be a namespace overlap? Perhaps the directory has the correct
GID, but when Samba spins up the lookup for GID->name goes through it,
and something samba is attached to already has a mapping for that GID.
(I find it very odd to see asterisks around the group name in ls's
output, too...)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20130507/6ef72f46/attachment.pgp>
More information about the samba
mailing list