[Samba] Strange issue with Samba+CTDB+SELinux+GlusterFS
Martin Schwenke
martin at meltin.net
Wed Nov 16 22:40:03 UTC 2022
On Wed, 16 Nov 2022 11:41:37 +0100, Leszek Szczepanowski via samba
<samba at lists.samba.org> wrote:
Time for a guess, so...
[+Andreas]
For Andreas' context, version is:
> samba-4.16.4-101.el9.x86_64
via CentOS Stream 9.
> [...]
> [after few 4 minutes] log.samba-dcerpcd:
> [2022/11/16 11:32:05, 0]
> ../../source3/lib/dbwrap/dbwrap_ctdb.c:1926(db_open_ctdb)
> Could not open tdb /var/lib/ctdb/persistent/registry.tdb.0: Permission
> denied
> [2022/11/16 11:32:05, 0]
> ../../source3/lib/dbwrap/dbwrap_open.c:169(db_open)
> db_open: failed to attach to ctdb registry.tdb
> [2022/11/16 11:32:05, 0]
> ../../source3/lib/dbwrap/dbwrap_ctdb.c:1926(db_open_ctdb)
> Could not open tdb /var/lib/ctdb/persistent/registry.tdb.0: Permission
> denied
> [2022/11/16 11:32:05, 0]
> ../../source3/lib/dbwrap/dbwrap_open.c:169(db_open)
> db_open: failed to attach to ctdb registry.tdb
> [2022/11/16 11:32:05, 1]
> ../../source3/registry/reg_backend_db.c:759(regdb_init)
> regdb_init: Failed to open registry /var/lib/samba/registry.tdb
> (Permission denied)
> [2022/11/16 11:32:05, 0]
> ../../source3/registry/reg_init_basic.c:35(registry_init_common)
> Failed to initialize the registry: WERR_ACCESS_DENIED
> [2022/11/16 11:32:05, 1]
> ../../source3/param/loadparm.c:2157(lp_smbconf_ctx)
> error initializing registry configuration: SBC_ERR_BADFILE
> Can't load /etc/samba/smb.conf - run testparm to debug it
> samba-dcerpcd - Failed to load config file!
> [...]
Data points:
* samba-dcerpcd was added in 4.16.0, so is quite new
* Anything that uses dbwrap when clustering/CTDB is enabled (smbd,
winbindd, ctdbd and, apparently, samba-dcerpcd) will need direct
access to the TDBs
* It appears that only access from samba-dcerpcd is failing when
SELinux is enforcing
Seems like a packaging bug, where all required access has not been
configured for samba-dcerpcd in the SELinux magic?
peace & happiness,
martin
More information about the samba
mailing list