[Samba] rsync replication acl error

James B. Byrne byrnejb at harte-lyne.ca
Sat May 9 13:21:31 UTC 2020 

I am trying to replicate a samba-4.3 DC [192.168.8.65] to a newly joined
samba-4.10 DC.  I am using rsync as described in the samba wiki, excepting that
I am using a remote shell (ssh) with the root user and password-less logins.

When I run the command below from the 4.10 DC I get acl errors as shown below.

rsync -XAavz --delete-after --rsh='ssh' [192.168.8.65]:/var/db/samba4/sysvol 
/var/db/samba4
receiving file list ... done
rsync: set_acl: sys_acl_set_file(sysvol, ACL_TYPE_ACCESS): Invalid argument (22)
. . . many more errors.

On DC1 I see this:
getfacl /var/db/samba4/sysvol/brockley-2016.harte-lyne.ca
# file: /var/db/samba4/sysvol/brockley-2016.harte-lyne.ca
# owner: root
# group: BUILTIN\administrators
user::rwx
user:root:rwx
user:BUILTIN\administrators:rwx
user:BUILTIN\server operators:r-x
user:3000002:rwx
user:3000003:r-x
group::rwx
group:BUILTIN\administrators:rwx
group:BUILTIN\server operators:r-x
group:3000002:rwx
group:3000003:r-x
mask::rwx
other::---

On DC2 I see this:

getfacl /var/db/samba4/sysvol/brockley-2016.harte-lyne.ca
# file: /var/db/samba4/sysvol/brockley-2016.harte-lyne.ca
# owner: root
# group: 3000000
            owner@:rwxp--aARWcCos:-------:allow
            group@:rwxp--a-R-c--s:-------:allow
         everyone@:------a-R-c--s:-------:allow

The sysvol directory tree and contents are copied however.  Just not the acls.

/var/db/samba4/sysvol/brockley-2016.harte-lyne.ca
|-- Policies
|   |-- {246C4B33-10C0-4718-8396-F4B2BF39C610}
|   |   |-- Machine
|   |   `-- User
|   |-- {31B2F340-016D-11D2-945F-00C04FB984F9}
|   |   |-- MACHINE
|   |   |   |-- Applications
|   |   |   `-- Scripts
|   |   |       |-- Shutdown
|   |   |       `-- Startup
|   |   `-- USER
|   |       |-- Documents\ &\ Settings
|   |       `-- Scripts
|   |           |-- Logoff
|   |           `-- Logon
|   `-- {6AC1786C-016F-11D2-945F-00C04FB984F9}
|       |-- MACHINE
|       `-- USER
`-- scripts


Is there some setting or option that I am missing or misusing? Is there
something that I have not configured for samba on DC2?

P.S. I am subscribed to the digest version of this list so the favour of a
direct copy of any replies to the list is appreciated.


-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

More information about the samba mailing list