[Samba] Samba-4.10.4 strange behaviour

Strahil Nikolov hunter86_bg at yahoo.com
Wed Jul 1 17:47:55 UTC 2020


Hi Felix,

thanks for the share.
Sadly it doesn't work and I don't know how to start debugging this one.

I tried your config (had to switch from domain member to standalone) but it's the same:

[global]
        netbios name = yourName
        workgroup = yourWorkgroup
        realm = YourRealm
        log file = /var/log/samba/log.%m
        max log size = 50
        security = ads

        clustering = yes

        max protocol = SMB3
         kernel share modes = no
         kernel change notify = no

        kernel oplocks = no
        posix locking = no

        map archive = no
        map hidden = no
        map read only = no
        map system = no
        store dos attributes = yes


        idmap config * : backend = autorid
        idmap config * : range = 1000000-19999999
        idmap config * : rangesize = 1000000
        include = /etc/samba/ctdb.conf
        fruit:aapl = yes
        ea support = yes

    # it turns out that using SMB1 via linux/rsync
    # is leading to wrong permissions in our case
    min protocol = SMB2

[gluster-replicated]
    comment =
    vfs objects = fruit streams_xattr glusterfs
    glusterfs:volume = yourGlusterVolume
    glusterfs:logfile = /var/log/samba/yourLog.log
    glusterfs:loglevel = 1
    inherit acls = yes
    path = /
    read only = no
    guest ok = no

Best Regards,
Strahil Nikolov




В сряда, 1 юли 2020 г., 19:33:12 ч. Гринуич+3, Felix Kölzow via samba <samba at lists.samba.org> написа: 





Dear Strahil,

please find my current settings below:


[global]
        netbios name = yourName
        workgroup = yourWorkgroup
        realm = YourRealm
        log file = /var/log/samba/log.%m
        max log size = 50
        security = ads

        clustering = yes

        max protocol = SMB3
         kernel share modes = no
         kernel change notify = no

        kernel oplocks = no
        posix locking = no

        map archive = no
        map hidden = no
        map read only = no
        map system = no
        store dos attributes = yes


        idmap config * : backend = autorid
        idmap config * : range = 1000000-19999999
        idmap config * : rangesize = 1000000
        include = /etc/samba/ctdb.conf
        fruit:aapl = yes
        ea support = yes

    # it turns out that using SMB1 via linux/rsync
    # is leading to wrong permissions in our case
    min protocol = SMB2

[gluster-replicated]
    comment =
    vfs objects = fruit streams_xattr glusterfs
    glusterfs:volume = yourGlusterVolume
    glusterfs:logfile = /var/log/samba/yourLog.log
    glusterfs:loglevel = 1
    inherit acls = yes
    path = /
    read only = no
    guest ok = no


Please let me know if this works for you.


Regards,

Felix

On 01/07/2020 18:08, Strahil Nikolov via samba wrote:
> Hello All,
>
> I'm new to the list and I don't have much of experience with samba.
>
> I have a test setup on CentOS 7.8 with samba-4.10.4 and samba-vfs-glusterfs .
> When my client mounts the samba share via vers=1.0 , the user sees the share properly (uid,gid,mode are just like on gluster). When the share is mounted with vers=2.0 or not specified (anything higher) the files are owned by root/root and can't be changed (even by root).
>
> Here is a short summary:
>
> Packages:
> samba-4.10.4-11.el7_8.x86_64
> samba-client-libs-4.10.4-11.el7_8.x86_64
> samba-common-4.10.4-11.el7_8.noarch
> samba-common-libs-4.10.4-11.el7_8.x86_64
> samba-common-tools-4.10.4-11.el7_8.x86_64
> samba-libs-4.10.4-11.el7_8.x86_64
> samba-vfs-glusterfs-4.10.4-11.el7_8.x86_64
>
>
> TESTPARM:
>
> # Global parameters
> [global]
>          printcap name = cups
>          security = USER
>          workgroup = SAMBA
>          idmap config * : backend = tdb
>          cups options = raw
>
>
> [homes]
>          browseable = No
>          comment = Home Directories
>          inherit acls = Yes
>          read only = No
>          valid users = %S %D%w%S
>
>
> [printers]
>          browseable = No
>          comment = All Printers
>          create mask = 0600
>          path = /var/tmp
>          printable = Yes
>
>
> [print$]
>          comment = Printer Drivers
>          create mask = 0664
>          directory mask = 0775
>          force group = @printadmin
>          path = /var/lib/samba/drivers
>          write list = @printadmin root
>
>
> [gluster-replicate]
>          comment = For samba share of volume replicate
>          guest ok = Yes
>          inherit acls = Yes
>          kernel share modes = No
>          path = /
>          read only = No
>          vfs objects = glusterfs
>          glusterfs:loglevel = 7
>          glusterfs:logfile = /var/log/samba/glusterfs-replicate.%M.log
>          glusterfs:volume = replicate
>
> Shares ownership:
> [root at servera ~]# mount -t cifs //servera/gluster-replicate /mnt -o user=smbuser
> Password for smbuser@//servera/gluster-replicate:  ***
> [root at servera ~]# ls -l /mnt
> общо 9
> drwxr-xr-x. 2 root root 0  1 юли 18,42 test
> -rwxr-xr-x. 1 root root 4  1 юли 18,49 test12
> -rwxr-xr-x. 1 root root 9  1 юли 18,51 test12345
> drwxr-xr-x. 2 root root 0  1 юли 18,49 test35
> [root at servera ~]# umount /mnt
> [root at servera ~]# mount -t cifs //servera/gluster-replicate /mnt -o user=smbuser,vers=1.0
> Password for smbuser@//servera/gluster-replicate:  ***
> [root at servera ~]# ls -l /mnt
> общо 9
> drwxrwsrwx. 2 smbuser smbuser 4096  1 юли 18,42 test
> -rw-r--r--. 1 smbuser smbuser    4  1 юли 18,49 test12
> -rw-r--r--. 1 smbuser smbuser    9  1 юли 18,51 test12345
> drwxr-sr-x. 2 smbuser smbuser 4096  1 юли 18,49 test35
> [root at servera ~]# umount /mnt
> [root at servera ~]# mount -t glusterfs -o acl servera:/replicate /mnt
> [root at servera ~]# ls -l /mnt
> общо 9
> drwxrwsrwx. 2 smbuser smbuser 4096  1 юли 18,42 test
> -rw-r--r--. 1 smbuser smbuser    4  1 юли 18,49 test12
> -rw-r--r--. 1 smbuser smbuser    9  1 юли 18,51 test12345
> drwxr-sr-x. 2 smbuser smbuser 4096  1 юли 18,49 test35
> [root at servera ~]#
>
>
> I'm pretty sure I'm missing something , but I have no idea what it is. Any ideas why the share is viewable as "root" will be highly appreciated.
>
>
> Thanks in advance.
>
> Best Regards,
> Strahil NIkolov

>
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba




More information about the samba mailing list