[Samba] Some issues with vfs_shadow_copy2

Nicola Mingotti nmingotti at gmail.com
Sat Jan 2 11:50:59 UTC 2021


I have a wired issue with shadow_copy and I can't sort it out.
I hope you can give me an hand on this.

I am making shadow copies with 'rsync', I am pretty sure I am doing
it well because in a test machine it all works. Unfortunately
when I am trying to make it work in our production server I have issues
and I can't see the shadow copies from Windows File Explorer.

My configuration. I use Debian 10 stable. All software comes from packages.
My DC is Samba (dc1.windom.borghi.lan), my NAS is again Samba 

. I share with Samba : /mnt/sambaShared
. I would like to take shadow copies of the dir: 
. I would like to keep the shadow copies in : 

. I choose to let the snapshots directory visible to Domain Users 
because it is not
fully clear to me if that is required.

. These are a few shadow copies I see listing: 

. I can see and browse these directories from Windows File Explorer, 
they seem all fine.

PS. (*) Beware, i found all sort if issues If snapshot names start with 
"@GMT", as per default. When
I discovered the problem was the "@" I also fixed the time to be my 
local time. This
issues appeard only in the production machine. In the test machine there 
was no issue
but snapshots files were not shared to users.

. Between a snapshot and the other I am sure I made modification to a 
file "test14.txt"
but they are not reflected in the snapshot. I see no "Previous versions" 
of this file.

. for completeness I report the snapshoting script in action:
+ BASE_DIR=/mnt/sambaShared/sambaDisk/DiscoS
+ SNAP_DIR=/mnt/sambaShared/sambaDisk/DiscoS/snapshots
+ SNAP_TARGET=/mnt/sambaShared/sambaDisk/DiscoS/Borghi
+ LATEST_SNAPSHOT=/mnt/sambaShared/sambaDisk/DiscoS/snapshots/latest
+ whoami
+ test root != root
+ [ ! -d /mnt/sambaShared/sambaDisk/DiscoS/snapshots ]
+ [ ! -d /mnt/sambaShared/sambaDisk/DiscoS/snapshots/latest ]
+ rsync -av /mnt/sambaShared/sambaDisk/DiscoS/Borghi/ 
sending incremental file list

sent 85,800,421 bytes  received 228,856 bytes  1,220,273.43 bytes/sec
total size is 2,879,559,548,669  speedup is 33,471.86
+ date +ROME-%Y.%m.%d-%H.%M.%S
+ FNAME=ROME-2021.01.02-12.16.11
+ cp -a -l /mnt/sambaShared/sambaDisk/DiscoS/snapshots/latest 
+ setfacl -m g:WINDOM\domain users:rX 

My Samba configuration in 'nas' is below. Still in comments
you can see some previous attempts I made, unsuccessfully.

Thank you in advance for whatever help/suggestion you can give me.


------------- /etc/samba/smb.conf -------------------------------

    workgroup = WINDOM
    security = ADS

    # per le windows ACL
    winbind refresh tickets = Yes
    vfs objects = acl_xattr
    map acl inherit = Yes
    store dos attributes = Yes

    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab

    # rimuovere dopo il testing
    winbind enum users = yes
    winbind enum groups = yes

    # disable printing
    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes

    # logs
    # log file = /var/log/samba/%m.log
    # log level = 1
    # log file = /var/log/samba/samba.log
    log file = /var/log/samba/%U.log
    # log level = 1 smb:2 smb2:3
    log level = 2 smb:2 smb2:2 vfs:9
    # max file size 10 mega
    max log size = 10000

    # ---- ID mapping backend rid -------
    # Default ID mapping configuration for local BUILTIN accounts
    # and groups on a domain member. The default (*) domain:
    # - must not overlap with any domain ID mapping configuration!
    # - must use a read-write-enabled back end, such as tdb.
    idmap config * : backend = tdb
    idmap config * : range = 3000-7999
    # - You must set a DOMAIN backend configuration
    # idmap config for the SAMDOM domain
    idmap config WINDOM : backend = rid
    idmap config WINDOM : range = 10000-999999

    # Template settings for login shell and home directory
    template shell = /bin/bash
    template homedir = /home/WINDOM-%U

    # mappare "Administrator" a "root"
    username map = /usr/local/samba/etc/user.map

# directory che funge da disco in condivisione
        path = /mnt/sambaShared
        read only = no
        # ---- carica moduli che servono
        vfs objects = full_audit shadow_copy2
        # vfs objects = shadow_copy2
        # -------------------------------
        # --- per l'audit ---------------
        # opendir: troppi output, viene lette in automatico
        # questi non capisco cosa fanno: read write pread pwrite
        full_audit:prefix = %u|%I
        full_audit:success = open
        # full_audit:failure = all
        full_audit:facility = LOCAL5
        # --------------------------------
        # ---- per le shadow copies ------
        # vfs objects = shadow_copy2
        shadow:mountpoint = /mnt/sambaShared
        shadow:snapdir = /mnt/sambaShared/sambaDisk/DiscoS/snapshots
        shadow:snapsharepath = ../Borghi
        # shadow:snapdir = sambaDisk/DiscoS/snapshots
        # shadow:basedir = sambaDisk/DiscoS/Borghi
        # shadow:snapdir = /mnt/sambaShared/sambaDisk/DiscoS/snapshots
        # shadow:basedir = /mnt/sambaShared/sambaDisk/DiscoS/Borghi
        shadow:sort = desc
        shadow:localtime = yes
        shadow:format = 'ROME-%Y.%m.%d-%H.%M.%S'

More information about the samba mailing list