[Samba] Samba4 creating share and setting permissions without windows tools
Rowland Penny
rowlandpenny at googlemail.com
Fri Aug 1 02:38:42 MDT 2014
On 01/08/14 00:00, Ryan Ashley wrote:
> Rowland, it is missing because it is not needed. The installer, at
> least on GNU systems, places the files in the correct location. Here
> is a dump from a working file-server running Debian 7.5 Wheezy 64bit.
>
> root at fs01:/usr/lib# l ./libnss*
> lrwxrwxrwx 1 root root 19 Jul 29 11:42 ./libnss_winbind.so ->
> libnss_winbind.so.2
> -rwxr-xr-x 1 root root 23879 Jul 29 11:41 ./libnss_winbind.so.2
> lrwxrwxrwx 1 root root 16 Jul 29 11:42 ./libnss_wins.so ->
> libnss_wins.so.2
> -rwxr-xr-x 1 root root 13943 Jul 29 11:42 ./libnss_wins.so.2
> root at fs01:/usr/lib#
>
> I have never made those symlinks personally. GNU systems, and others
> AFAIK, will search /usr/lib for libraries as well as /lib or /lib64.
>
> Also, 64bit GNU systems use /lib, not /lib64. The /lib64 directory is
> normally empty and all 64bit libraries are in /lib. Check that out on
> a recent Debian or Ubuntu build. There was discussion of changing this
> a year or so back, but apparently it never happened. Heck, this laptop
> is Wheezy 64bit and /lib64 is empty, minus a single symlink to
> "ld-linux-x86-64.so.2", which points to
> "/lib/x86_64-linux-gnu/ld-2.13.so".
>
> Does this mean that there should be a different install setup for each
> distro? Also, why is S4 installing to /usr/local on your end? Mine
> installs nothing from S4 to /usr/local.
>
> On 07/31/2014 03:45 PM, Rowland Penny wrote:
>> On 31/07/14 20:26, Diego Llovet wrote:
>>> ok, but I have an empty /etc/nsswitch and windbind is stopped,
>>> according to wiki there is not necessary or at least not mentioned
>>>
>>> ________ smb.conf
>>> # Global parameters
>>> [global]
>>> workgroup = DOMAIN
>>> realm = DOMAIN.COM <http://DOMAIN.COM>
>>> netbios name = PRUEBASDIEGO
>>> interfaces = lo, eth0
>>> bind interfaces only = Yes
>>> server role = active directory domain controller
>>> idmap_ldb:use rfc2307 = yes
>>>
>>> [netlogon]
>>> path = /usr/local/samba/var/locks/sysvol/domain.com/scripts
>>> <http://domain.com/scripts>
>>> read only = No
>>>
>>> [sysvol]
>>> path = /usr/local/samba/var/locks/sysvol
>>> read only = No
>>>
>>> [home]
>>> path = /home/homeUsers/
>>> read only = No
>>>
>>> [share]
>>> path = /home/share
>>> read only = no
>>> create mask = 0777
>>>
>>> [People]
>>> path = /home/people/
>>> read only = No
>>> ________
>>>
>>> Provisioned samba4
>>>
>>> samba-tool domain provision --use-rfc2307 --interactive
>>> --option="interfaces=lo eth0" --option="bind interfaces only=yes"
>>>
>>>
>>>
>>>
>>> 2014-07-31 14:56 GMT-03:00 Rowland Penny
>>> <rowlandpenny at googlemail.com <mailto:rowlandpenny at googlemail.com>>:
>>>
>>> On 31/07/14 18:47, Diego Llovet wrote:
>>>
>>> Hi,
>>> wbinfo -g return the groups that I created withh samba-toll
>>> group add IT
>>> getent group IT return nothing
>>>
>>>
>>> That is where your problem lies, you need to be able to run
>>> 'getent passwd' and have it return your users and 'getent group
>>> <groupname>' needs to return info about the group.
>>>
>>> Could you post your smb.conf, /etc/nsswitch and how you
>>> provisioned the samba4 server.
>>>
>>> Rowland
>>>
>>>
>>>
>>> 2014-07-31 13:18 GMT-03:00 Rowland Penny
>>> <rowlandpenny at googlemail.com
>>> <mailto:rowlandpenny at googlemail.com>
>>> <mailto:rowlandpenny at googlemail.com
>>> <mailto:rowlandpenny at googlemail.com>>>:
>>>
>>>
>>> On 31/07/14 14:48, Diego Llovet wrote:
>>>
>>> Hello,
>>>
>>> I need a way to set permissions to share folder
>>> without to use
>>> RSAT, I've
>>> not found anything about that.
>>>
>>> The samba wiki said that
>>>
>>> ---------------------
>>> Change permissions on folders of a share
>>>
>>>
>>> Changes of permissions are done using the classic *nix
>>> tools
>>> 'chmod',
>>> 'chown' and 'chgrp'.
>>>
>>> Example:
>>>
>>> Code:
>>>
>>> # mkdir /srv/samba/Demo/Example/
>>> # chown foobar:DemoGroup /srv/samba/Demo/Example/
>>> # chmod 2770 /srv/samba/Demo/Example/
>>>
>>> -------------------
>>>
>>> I created a group DemoGroup with "samba-tool group add
>>> DemoGroup"
>>> Then, when I did
>>> Code:
>>>
>>> chown foobar:DemoGroup /srv/samba/Demo/Example/
>>>
>>> I got this error
>>> Code:
>>>
>>> chown: invalid group: "DemoGroup"
>>>
>>> What must I do to allow groups created by samba-tool
>>> works
>>> with chown??
>>>
>>> How can I do to assign permissions to a shared
>>> folder from
>>> command line
>>> using the power of samba4?
>>>
>>> Thank you in advance
>>>
>>> Hi, what does 'wbinfo -g' and 'getent group DemoGroup'
>>> return ?
>>>
>>> Rowland
>>>
>>> -- To unsubscribe from this list go to the following
>>> URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>>
>>>
>>> -- To unsubscribe from this list go to the following URL and
>>> read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>>
>> I some how thought that was what you were going to say, it would seem
>> that part of the samba dc howto wiki page has gone missing, or rather
>> it has migrated totally to another page!!
>>
>>
>> Make domain users/groups available locally through Winbind
>>
>> To have your domain users and groups available locally on your Member
>> Server, you need to place two links in your /lib64 folder:
>>
>> # ln -s /usr/local/samba/lib/libnss_winbind.so /lib64
>> # ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2
>> # ldconfig
>>
>> *If you are running a 32-bit system ("uname -i" will return "i686"),
>> you have to use /lib instead!*
>>
>> The final step of the configuration is to add 'winbind' to the
>> 'passwd' and 'group' entry of your /etc/nsswitch.conf:
>>
>> passwd: compat winbind
>> group: compat winbind
>>
>>
>> HINT HINT Marc ;-)
>>
>> Do the above and see if this helps.
>>
>> Rowland
>>
>
Hi Ryan, if you examine the OP's smb.conf, you will find this line:
/usr/local/samba/var/locks/sysvol/domain.com/scripts
<http://domain.com/scripts>
So from this, I think that the OP has compiled samba4 himself and if you
do this, you do not get the links installed, you have to create them
manually, the old wiki page used to tell you this. Where to put the
links may be incorrect but I am sure the OP will get the point, no
links, no winbind, no domain users known to the Unix server.
Rowland
More information about the samba
mailing list