Slava Aseev
2022-Jul-18 12:14 UTC
[Samba] Validity of "testparm --parameter-name" output on a non-zero exit code
Hello! I?have?a?question?about?testparm?(maybe?a?stupid?question). testparm?exits?with?1?if?any?errors?in?smb.conf?was?detected. Can this exit code be safely ignored if only the output of "testparm --parameter-name"?is?needed? For example, in case of "testparm --suppress-prompt --parameter-name 'usershare path'" we can check path from the output for existence, so checking the exit code doesn't seem so useful. However, I am not entirely?sure?about?this,?maybe?there?is?something?what?I?missed. The whole problem is that there is a real case where I would like to ignore?the?exit?code: ??$?testparm?--debuglevel=0?--suppress-prompt?--verbose?--parameter-name?'usershare?path' ??Load?smb?config?files?from?/etc/samba/smb.conf ??Loaded?services?file?OK. ??Weak?crypto?is?allowed ??ERROR:?Do?not?use?the?'sss'?backend?as?the?default?idmap?backend! ??/var/lib/samba/usershares ??$?echo?$? ??1 but?I'm?not?sure?if?I?really?should. -- Best regards, Slava Aseev
Rowland Penny
2022-Jul-18 12:25 UTC
[Samba] Validity of "testparm --parameter-name" output on a non-zero exit code
On Mon, 2022-07-18 at 15:14 +0300, Slava Aseev via samba wrote:> Hello! > > I have a question about testparm (maybe a stupid question). > > testparm exits with 1 if any errors in smb.conf was detected. > Can this exit code be safely ignored if only the output of "testparm > --parameter-name" is needed? > > For example, in case of "testparm --suppress-prompt --parameter-name > 'usershare path'" we can check path from the output for existence, > so > checking the exit code doesn't seem so useful. However, I am not > entirely sure about this, maybe there is something what I missed. > > The whole problem is that there is a real case where I would like to > ignore the exit code: > > $ testparm --debuglevel=0 --suppress-prompt --verbose --parameter- > name 'usershare path' > Load smb config files from /etc/samba/smb.conf > Loaded services file OK. > Weak crypto is allowed > > ERROR: Do not use the 'sss' backend as the default idmap backend! > > /var/lib/samba/usershares > > $ echo $? > 1 > > but I'm not sure if I really should.The error seems to be pretty major, you appear to be using the 'sss' backend for the default '*' idmap backend and this isn't allowed. You are also using shares and the 'sss' backend only does authentication. I think you need to post your smb.conf and tell us why you are using sssd. Rowland