[Samba] Can't get 'root preexec' to run

Ole Traupe ole.traupe at tu-berlin.de
Wed Oct 21 10:13:57 UTC 2015 

Maybe I finally figured it out. I found that sentence

"For example, the [test] and [homes] sections are unique disk shares; 
they contain options that map to specific directories on the Samba server."

here:

https://www.samba.org/samba/docs/using_samba/ch06.html

Does that mean that this "preexec" in the [homes] section is not invoked 
if the user is accessing his or her home dir that is _configured_ on the 
DC ("known" by the DC), but only if the home dir is actually 
_located/shared_ there under \\dc\homes?

Seems logical now. :-/

So I could put my preexec part under [netlogon], right?



Am 21.10.2015 um 11:12 schrieb Ole Traupe:
> Louis, thanks for the idea!
>
> I can execute the script as root on linux (tested this), because I do 
> folder (zfs data set) creation via remote ssh commands, so not in the 
> domain context.
>
> But the point is that the script won't even execute. Even on failure, 
> there would be a log file created by my script which can't be found 
> anywhere.
>
> Ole
>
>
> Am 20.10.2015 um 17:29 schrieb L.P.H. van Belle:
>> Looks like my nfsv4 kerberos and root access problem.
>>
>> In that case, root didnt have a kerberos ticket, and was not allowed 
>> to access the needed folder. I think this is a bit the same.
>>
>> Creating the users and profiles shares from ADUC is working fine for 
>> me but
>> not scripted from user root.
>>
>>
>> Greetz,
>>
>> Louis
>>
>>
>>> -----Oorspronkelijk bericht-----
>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Ole Traupe
>>> Verzonden: dinsdag 20 oktober 2015 16:50
>>> Aan: samba at lists.samba.org
>>> Onderwerp: Re: [Samba] Can't get 'root preexec' to run
>>>
>>>
>>>
>>> Am 20.10.2015 um 11:01 schrieb L.P.H. van Belle:
>>>> You tried the pam module mkhomedir ?
>>>>
>>>> And have your tried :
>>>> root preexec = "/usr/local/samba/scripts/createzfshome.sh %U"
>>>> or
>>>> root preexec = /usr/local/samba/scripts/createzfshome.sh "%U"
>>> The latter, with and without quotes around the %U.
>>>
>>>> Is the homedir on a NFS mounted dir? Exports correctly set?
>>> The base dir for the homes is a zfs data set shared via Samba 4 and
>>> mounted as cifs to /home on the domain member server (CentOS 6.7). I
>>> also tried the log-on on a Windows 7 client, so the user home was
>>> addressed as \\server\homebase\userhome in the "Profile" tab of the 
>>> user
>>> properties in the MS ADUC console.
>>>
>>> As I initially wanted to create a (nested) zfs data set via a
>>> "preexec"-invoked script, I haven't tried the mkhomedir pam module.
>>>
>>> The thing is, that my preexec parameter is not working at all, and that
>>> primarily I want to find out, why that is - under what circumstances it
>>> should work and what interferes with it.
>>>
>>> Plus: if I can't get it to work, I can't use nested data sets in a
>>> proper manner, and thus will revert to simple subfolders of the home
>>> base dir \\server\homebase (which Samba creates just fine).
>>>
>>> Anyways, thanks for you help, Louis!
>>>
>>>
>>>
>>>>
>>>>
>>>> Greetz,
>>>>
>>>> Louis
>>>>
>>>>
>>>>> -----Oorspronkelijk bericht-----
>>>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Ole Traupe
>>>>> Verzonden: dinsdag 20 oktober 2015 10:36
>>>>> Aan: samba at lists.samba.org
>>>>> Onderwerp: Re: [Samba] Can't get 'root preexec' to run
>>>>>
>>>>> Meanwhile I managed to search the thread titles of the last 5 years
>>>>> manually for "preexec". Is there a better solution for accessing the
>>>>> archive of this list?
>>>>> -- 
>>>>>
>>>>> Still I can't get the DC's [homes] section's 'preexec' command to run
>>> on
>>>>> user logon (on one of the domain member PCs). Selinux on the DC is 
>>>>> off,
>>>>> of course. I also tried the log-on on a Win7 domain member instead of
>>>>> linux, but still no sign of the script running: my log file is not
>>>>> created; zfs data sets neither. I made sure that the log file is
>>> created
>>>>> even if zfs data set creation fails to some reason.
>>>>>
>>>>> What might be interfering with this? I read the explanation of the
>>>>> 'preexec' command in the manpages but there is no direct reference to
>>>>> its use in the [homes] section.
>>>>>
>>>>> Even remote ideas would be most welcome!
>>>>>
>>>>> Ole
>>>>>
>>>>>
>>>>> Am 15.10.2015 um 12:05 schrieb Ole Traupe:
>>>>>> Hi,
>>>>>>
>>>>>> I am trying to automatically create nested zfs data sets as home
>>>>>> directories. I have a script that works fine if I execute it 
>>>>>> manually
>>>>>> as root (auth via public key). It also creates a short log file 
>>>>>> in the
>>>>>> same dir.
>>>>>>
>>>>>> However, this section in my smb.conf (on the DC) doesn't seem to
>>>>>> execute (no data set created, no log file) on user logon (on a 
>>>>>> member
>>>>>> server):
>>>>>>
>>>>>> [homes]
>>>>>>          comment = User Home Directories
>>>>>>          browseable = no
>>>>>>          writable = yes
>>>>>>          root preexec = /usr/local/samba/scripts/createzfshome.sh %U
>>>>>>
>>>>>> What might be the reason? Is this conflicting with rfc2307 use?
>>>>>>
>>>>>> My DC's Samba version is 4.2.2 (on CentOS 6.7), my Samba member 
>>>>>> server
>>>>>> (where the logon happens; either via ssh or with FreeNX terminal
>>>>>> software) is Version 3.6.23.
>>>>>>
>>>>>> Is Samba 3 a problem here?
>>>>>>
>>>>>> Best,
>>>>>> Ole
>>>>>>
>>>>>> -- 
>>>>>>
>>>>>> Dr. Ole Traupe
>>>>>> Lab Manager
>>>>>>
>>>>>> Technische Universität Berlin
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> -- 
>>>>> To unsubscribe from this list go to the following URL and read the
>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>
>>>
>>> -- 
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>

-- 

Dr. Ole Traupe

Lab Manager

Technische Universität Berlin
Biopsychologie und Neuroergonomie
Institut für Psychologie und Arbeitswissenschaft

Biological Psychology and Neuroergonomics
Department of Psychology and Ergonomics

Postanschrift/Mail to:

TU Berlin
Sekr. MAR 3-2
Marchstr. 23
10587 Berlin
GERMANY

Zimmer/Office: MAR 3.052
Telefon/Phone: (+49) 030 314 22721
Fax: (+49) 030 314 25274

E-Mail: ole.traupe at tu-berlin.de
www.bpn.tu-berlin.de

More information about the samba mailing list