[Samba] How to troubleshoot an ACL error?

Harry Jede walk2sun at arcor.de
Wed Mar 5 10:08:00 MST 2014


On 18:05:10 wrote Peter Clark:
> I'm running Version 4.2.0pre1-GIT-ca3998d on a Fedora 20 host. The
> output of testparm is:
> 
> [global]
>         workgroup = SOMETHING
>         realm = SOMETHING.SOMETHING.COM
>         server role = active directory domain controller
>         passdb backend = samba_dsdb
>         server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
> winbind, ntp_signd, kcc, dnsupdate, smb
>         dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
> netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
> eventlog6, backupkey, dnsserver, winreg, srvsvc
>         rpc_server:tcpip = no
>         rpc_daemon:spoolssd = embedded
>         rpc_server:spoolss = embedded
>         rpc_server:winreg = embedded
>         rpc_server:ntsvcs = embedded
>         rpc_server:eventlog = embedded
>         rpc_server:srvsvc = embedded
>         rpc_server:svcctl = embedded
>         rpc_server:default = external
>         idmap_ldb:use rfc2307 = yes
>         idmap config * : backend = tdb
>         map archive = No
>         map readonly = no
>         store dos attributes = Yes
>         vfs objects = dfs_samba4, acl_xattr
> 
> [netlogon]
>         path =
> /usr/local/samba/var/locks/sysvol/something.something.com/scripts
>         read only = No
> 
> [sysvol]
>         path = /usr/local/samba/var/locks/sysvol
>         read only = No
> 
> [homes]
>         path = /home
>         read only = No
> 
> I can run lists:
> 
>  smbclient -L localhost -U%
> Domain=[SOMETHING] OS=[Unix] Server=[Samba 4.2.0pre1-GIT-ca3998d]
> 
>         Sharename       Type      Comment
>         ---------       ----      -------
>         netlogon        Disk
>         sysvol          Disk
>         homes           Disk
>         IPC$            IPC       IPC Service
> localhost is an IPv6 address -- no workgroup available
> [pclark at c3po ~]$
> 
> However when I log in as a user and try to go into my homedir:
> 
> Domain=[SOMETHING] OS=[Unix] Server=[Samba 4.2.0pre1-GIT-ca3998d]
> smb: \> dir
>   .                                   D        0  Sun Mar  2 11:06:09
> 2014 ..                                  D        0  Mon Mar  3
> 03:44:25 2014 pclark                              D        0  Mon
> Mar  3 13:36:36 2014
> 
>                 34001 blocks of size 8388608. 13463 blocks available
> smb: \> cd pclark
> cd \pclark\: NT_STATUS_INVALID_ACL
> smb: \>
> 
> getfacl shows:
> getfacl pclark
> # file: pclark
> # owner: pclark
> # group: pclark
> user::rwx
> group::rwx
> other::r-x
put the user pclark in an other group
remove the the group pclark
try again

> 
> When I try and bring up the folder on a Windows system the security
> tab only has an X with an error message that says the "security
> information is unavailable or cannot be displayed", even when logged
> into the domain as Administrator.
> 
> My drives are mounted with user_xattr,acl options in /etc/fstab. I'm
> not sure how to troubleshoot this further, any thoughts on how to
> reset the acl to a baseline that can be later edited (or, what did I
> do wrong here?) would be appreciated.
> 
> Thanks,


-- 

regards
	Harry Jede


More information about the samba mailing list