[Samba] Can't get 'root preexec' to run

Rowland Penny rowlandpenny241155 at gmail.com
Thu Oct 22 13:18:21 UTC 2015


On 22/10/15 14:02, Ole Traupe wrote:
> The next interesting question for me is:
>
> If I put '\\server\%username%' into ADUC Windows part (or 
> \\server\username explicitly, for that matter), Samba on 'Ok/Apply' 
> registers the attempt to access a non-existing share and applies the 
> [homes] section (executes 'root preexec'). I tested that. However, the 
> user doing this is the domain admin. So Samba would look that user up 
> and create a new share named like the *domain admin* user - and link 
> it to the local home of the domain admin user (if not specified 
> otherwise). That is not what we want.
>
> If I put '/home/user' into the ADUC Unix Attributes, and the user then 
> logs on to a domain member server, nothing will happen. Because the 
> share 'home' ([home] without s) already exists. Because it already has 
> to be mounted on the member server. Otherwise, the the user logging on 
> wouldn't be able to access it. And even if it did not exist: the user 
> always accesses locally mounted stuff, so never actually access the 
> Samba file server hosting the (intended) home shares
>
> So how do you actually use this option?
>
> The only solution I could come up with is a logon script mounting the 
> user's home on demand (on logon). But that would fail, because the 
> user has no root permissions. Right? Or am I missing something?
>
>
>
> Am 22.10.2015 um 14:28 schrieb Rowland Penny:
>> On 22/10/15 13:07, mourik jan heupink wrote:
>>>
>>>
>>> On 10/22/2015 11:37 AM, Rowland Penny wrote:
>>>>> However, I wouldn't want to use \\server\%username% as home dir
>>>>> location, was well.
>>>>>
>>>>>
>>>>
>>>> I wouldn't either, mostly because it wouldn't work.
>>>>
>>>> Rowland
>>
>> Perhaps I should have been a bit more explicit, having a 
>> 'unixHomeDirectory' attribute containing '\\server\%username%' will 
>> not work, it is expected to contain something like '/home/rowland' 
>> i.e. the path to the home directory belonging to Rowland. Unix would 
>> not identify backslashes, it expects forward slashes , it wouldn't be 
>> able to understand '%username%' either
>>
>> Rowland
>>
>>>
>>> Well it has been working here for *many* years, pretty much already 
>>> since samba 2.2.8 days. The only problem is that nowadays (when 
>>> using AD/aduc) ADUC insists to create the folder for us, and that 
>>> doesn't work with \\server\%username%
>>>
>>> (and yes, I know about the other ways to create users, it's just 
>>> that the persons creating our users like the regular windows tools 
>>> to do their job)
>>>
>>> MJ
>>>
>>
>>
>
>

        root preexec (S)

            This is the same as the preexec parameter except that the 
command
            is run as root. This is useful for mounting filesystems (such as
            CDROMs) when a connection is opened.

        preexec (S)

            This option specifies a command to be run whenever the 
service is
            connected to. It takes the usual substitutions.




More information about the samba mailing list