[Samba] Can't get 'root preexec' to run

Ole Traupe ole.traupe at tu-berlin.de
Wed Oct 21 11:13:07 UTC 2015 

Rowland, I apologize: I have overlooked this answer of yours before my 
last post.

 >> I think you may still be missing the obvious,

I was suspecting that.

 >> '[homes]' *does not work* on a DC.

You mean in general or in my assumed use case?



Am 21.10.2015 um 11:27 schrieb Rowland Penny:
> On 21/10/15 10:07, Ole Traupe wrote:
>> Hi Rowland,
>>
>> thank you for your effort! However, this is entirely not what I am 
>> trying to achieve.
>>
>> What I am trying to achieve is to get the "prexec" method to work.
>>
>> The reason behind this is that I would like to have a zfs data set 
>> created per user in an automatic (scripted) way. The reason behind 
>> that is that if I do this by hand - from a domain admin account and 
>> with the ACL recommendations of the Samba wiki (inheritance of owner 
>> rights), a simple user funnily has no read or write rights on the 
>> files and folders in his home dir. Apparently, because he wasn't the 
>> owner at the time of creation of his home dir. But the 
>> above-mentioned domain admin account is the owner of the users files. 
>> And by making him (the user) the owner post-hoc I wasn't able to 
>> solve this. Samba doesn't seem to recognize (inherite) the owner 
>> changes properly. Or I'm just too stupid to get this done properly.
>>
>> Now I will try to list my setup and intentions in a step-by-step way 
>> as you recommended:
>>
>> - srvA: CentOS 6 Samba 4 DC
>> - srvB: CentOS 6 domain member file server sharing zfs data sets via 
>> Samba 4 (not via zfs' built-in module)
>> - srvC: CentOS 6 domain member compute and terminal server running 
>> Samba 3.6.23
>> - cliA: Windows 7 domain client, where I do the management via ADUC 
>> console, and where I can test Windows log-ons
>> - I want to log on to srvC and cliA and have the same home dir for 
>> each users
>> - I want these home dirs to be zfs data sets on srvB (for various 
>> reasons we probably shouldn't discuss here on the list)
>>
>> I know in theory, how to achieve this. My script - on the DC - works 
>> as such if I execute it by hand. It remotely executes commands via 
>> ssh (public key authentication). My domain is also working correctly 
>> according to all tests found on the Samba wiki. My only problem is, 
>> that this darn "preexec" method in the [homes] section of my DC is 
>> not executing on user logon on srvC or cliA. I have it create two 
>> different log files depending on success and failure of the first 
>> script line that begins an if clause containing the rest of the 
>> commands. But this log file is not created anyhere on the DC.
>>
>> So, after all, I actually am trying to figure out, why that is.
>>
>> If I seem unappreciative of your attempt to help me, let me assure 
>> you that it is not the case. I just figured that it would be enough 
>> to ask whether someone has an idea of why "preexec" isn't working in 
>> my case. And that probably is because I am new to this and very 
>> likely overlooking the obvious here.
>>
>> Best regards,
>> Ole
>>
>>
>>
>> Am 20.10.2015 um 17:15 schrieb Rowland Penny:
>>> On 15/10/15 11:05, Ole Traupe wrote:
>>>> Hi,
>>>>
>>>> I am trying to automatically create nested zfs data sets as home 
>>>> directories. I have a script that works fine if I execute it 
>>>> manually as root (auth via public key). It also creates a short log 
>>>> file in the same dir.
>>>>
>>>> However, this section in my smb.conf (on the DC) doesn't seem to 
>>>> execute (no data set created, no log file) on user logon (on a 
>>>> member server):
>>>>
>>>> [homes]
>>>>        comment = User Home Directories
>>>>        browseable = no
>>>>        writable = yes
>>>>        root preexec = /usr/local/samba/scripts/createzfshome.sh %U
>>>>
>>>> What might be the reason? Is this conflicting with rfc2307 use?
>>>>
>>>> My DC's Samba version is 4.2.2 (on CentOS 6.7), my Samba member 
>>>> server (where the logon happens; either via ssh or with FreeNX 
>>>> terminal software) is Version 3.6.23.
>>>>
>>>> Is Samba 3 a problem here?
>>>>
>>>> Best,
>>>> Ole
>>>>
>>>
>>> Hmm, struggling to understand just what you are trying to, I think 
>>> you are trying to do this:
>>>
>>> You have the users home directories stored on the DC
>>> The users log onto a samba member server (running 3.6.23)
>>> You then expect the users home directory to be created on the DC
>>>
>>> Is the above correct, if it isn't, can you state just what you 
>>> expect to happen, line by line as above.
>>>
>>> Rowland
>>>
>>>
>>
>>
>
> I think you may still be missing the obvious, '[homes]' *does not 
> work* on a DC.
>
> Thinking about this, is it possible that your 'root preexec' command 
> is being run, but just not when you think it should ?
> What I mean is, you think is should be run when a user tries to 
> connect to the share, but the share has already been mounted on the 
> client and the user connects to that. Try changing the command to 
> something that just echo's something to a text file in /tmp on the DC, 
> restart the DC and the member server and then see if there is anything 
> in /tmp on the DC, if there isn't anything, connect a client and check 
> again, if still nothing, then 'root preexec' has problems.
>
> Rowland
>
>

More information about the samba mailing list