[Samba] chown: changing ownership of 'test': Invalid argument

Rowland Penny rpenny at samba.org
Wed Apr 10 07:58:57 UTC 2019 

On Wed, 10 Apr 2019 09:04:06 +0200
Ian Coetzee via samba <samba at lists.samba.org> wrote:

> Hi All,
> 
> I have a very weird issue on one of my servers. I think I might just
> be missing something quite obviously... I will post the config files
> at the bottom
> 
> I have a brand new Debian server running as an LXC container
> I am running said server as a domain member using the latest packages
> in Louis' 4.9 branch
> 
> The join seems to be good, nsswitch is working
> 
> > root at ho-vpn-ctx-ac01:~# wbinfo -i ianc
> > ianc:*:3201407:3200513::/home/JEOFFICE/ianc:/bin/bash
> > root at ho-vpn-ctx-ac01:~# getent passwd ianc
> > ianc:*:3201407:3200513::/home/JEOFFICE/ianc:/bin/bash
> >  
> 
>  Yet when I try to change the ownership of a file to a domain user, it
> fails with "Invalid argument"
> 
> > root at ho-vpn-ctx-ac01:~# chown -v ianc test
> > chown: changing ownership of 'test': Invalid argument
> > failed to change ownership of 'test' from root to ianc

This is very strange, the 'getent' command above shows that the OS
knows who 'ianc' is, so why can file ownership not be changed ?

> > root at ho-vpn-ctx-ac01:~# chown -v jeadmin test
> > changed ownership of 'test' from root to jeadmin
> > root at ho-vpn-ctx-ac01:~# getent passwd jeadmin
> > jeadmin:x:1000:27::/home/jeadmin:/bin/bash
> >  
> 
> It works however when changing to a local user. So it looks like the
> issue might be in samba. This is the first time I have had this
> problem after quite a few other servers (a mix between CentOS, Debian
> and Ubuntu) has already been joined to the domain using the exact
> same smb.conf.
> 
> On a side note, I am also unable to log into the server using domain
> credentials, which I am currently attributing to the same cause.

Possibly, but it could just be down to you not having this line
in /etc/pam.d/common-session

session    required   pam_mkhomedir.so skel=/etc/skel/ umask=0022

Without that line, the users homedir will not get created and the login
will fail.

> 
> root at ho-vpn-ctx-ac01:~# cat /etc/samba/smb.conf
> [global]
>    workgroup = JEOFFICE
>    realm = JEOFFICE.JACKLIN.CO.ZA
>    security = ADS
>    template shell = /bin/bash
>    winbind use default domain = true
>    log file = /var/log/samba/%m.log
>    log level = 1 
>    idmap config * : backend = tdb
>    idmap config * : range = 70001-80000
>    idmap config JEOFFICE : backend = rid
>    idmap config JEOFFICE : range = 3200000-3300000
> 

If you notice, I have shorted your smb.conf, it is effectively the same
as what you have now, I have just removed the default lines.

There are numerous lines I would add, but they do not really have
anything to do with your problem.

A last thought, do you have any users in AD that also occur
in /etc/passwd ?

Rowland

More information about the samba mailing list