[Samba] Can't get 'root preexec' to run

[Ole Traupe]

Hi Rowland,

thank you for your effort! However, this is entirely not what I am 
trying to achieve.

What I am trying to achieve is to get the "prexec" method to work.

The reason behind this is that I would like to have a zfs data set 
created per user in an automatic (scripted) way. The reason behind that 
is that if I do this by hand - from a domain admin account and with the 
ACL recommendations of the Samba wiki (inheritance of owner rights), a 
simple user funnily has no read or write rights on the files and folders 
in his home dir. Apparently, because he wasn't the owner at the time of 
creation of his home dir. But the above-mentioned domain admin account 
is the owner of the users files. And by making him (the user) the owner 
post-hoc I wasn't able to solve this. Samba doesn't seem to recognize 
(inherite) the owner changes properly. Or I'm just too stupid to get 
this done properly.

Now I will try to list my setup and intentions in a step-by-step way as 
you recommended:

- srvA: CentOS 6 Samba 4 DC
- srvB: CentOS 6 domain member file server sharing zfs data sets via 
Samba 4 (not via zfs' built-in module)
- srvC: CentOS 6 domain member compute and terminal server running Samba 
3.6.23
- cliA: Windows 7 domain client, where I do the management via ADUC 
console, and where I can test Windows log-ons
- I want to log on to srvC and cliA and have the same home dir for each 
users
- I want these home dirs to be zfs data sets on srvB (for various 
reasons we probably shouldn't discuss here on the list)

I know in theory, how to achieve this. My script - on the DC - works as 
such if I execute it by hand. It remotely executes commands via ssh 
(public key authentication). My domain is also working correctly 
according to all tests found on the Samba wiki. My only problem is, that 
this darn "preexec" method in the [homes] section of my DC is not 
executing on user logon on srvC or cliA. I have it create two different 
log files depending on success and failure of the first script line that 
begins an if clause containing the rest of the commands. But this log 
file is not created anyhere on the DC.

So, after all, I actually am trying to figure out, why that is.

If I seem unappreciative of your attempt to help me, let me assure you 
that it is not the case. I just figured that it would be enough to ask 
whether someone has an idea of why "preexec" isn't working in my case. 
And that probably is because I am new to this and very likely 
overlooking the obvious here.

Best regards,
Ole



Am 20.10.2015 um 17:15 schrieb Rowland Penny:
> On 15/10/15 11:05, Ole Traupe wrote:
>> Hi,
>>
>> I am trying to automatically create nested zfs data sets as home 
>> directories. I have a script that works fine if I execute it manually 
>> as root (auth via public key). It also creates a short log file in 
>> the same dir.
>>
>> However, this section in my smb.conf (on the DC) doesn't seem to 
>> execute (no data set created, no log file) on user logon (on a member 
>> server):
>>
>> [homes]
>>        comment = User Home Directories
>>        browseable = no
>>        writable = yes
>>        root preexec = /usr/local/samba/scripts/createzfshome.sh %U
>>
>> What might be the reason? Is this conflicting with rfc2307 use?
>>
>> My DC's Samba version is 4.2.2 (on CentOS 6.7), my Samba member 
>> server (where the logon happens; either via ssh or with FreeNX 
>> terminal software) is Version 3.6.23.
>>
>> Is Samba 3 a problem here?
>>
>> Best,
>> Ole
>>
>
> Hmm, struggling to understand just what you are trying to, I think you 
> are trying to do this:
>
> You have the users home directories stored on the DC
> The users log onto a samba member server (running 3.6.23)
> You then expect the users home directory to be created on the DC
>
> Is the above correct, if it isn't, can you state just what you expect 
> to happen, line by line as above.
>
> Rowland
>
>