[Samba] ntp and samba4
abartlet at samba.org
Wed May 8 03:11:51 MDT 2013
On Tue, 2013-05-07 at 15:43 -0400, Michael Mol wrote:
> On 05/07/2013 03:25 PM, Andrew Bartlett wrote:
> > On Mon, 2013-05-06 at 17:15 +0200, Michael De Groote wrote:
> >> Hi all
> >> Recently i noticed that upon starting the samba4 'samba' daemon, that it
> >> changes the group ownership of the socket for ntpd to *staff*
> >> $ls -l /usr/local/samba/var/lib/ntp_signd/
> >> total 0
> >> srwxrwxrwx 1 root *staff* 0 May 6 16:35 socket
> >> The documentation says it needs to be *ntp*....
> >> (FYI: i'm running this on debian wheezy)
> >> I have just added ntp to group staff, but that seems like a workaround...
> > I don't know why this is happening. I've examined the code, and it does
> > not change the group ID, it only creates the directory, forcing the uid.
> > Indeed, the same code is using for the winbind privileged pipe, which is
> > likewise deliberately designed so that you can set the group to a
> > specific group for use by squid et al. In this case the group is meant
> > to be 'ntp' to allow only NTP access to the pipe.
> Could this be a namespace overlap? Perhaps the directory has the correct
> GID, but when Samba spins up the lookup for GID->name goes through it,
> and something samba is attached to already has a mapping for that GID.
> (I find it very odd to see asterisks around the group name in ls's
> output, too...)
Samba never sets the GID explicitly, but should be gid 0 at this point,
so should be creating gid 0 files.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba