Hi,
I upgraded samba to samba-3.0.23-1.fc4 and now I get authentication
errors trying to connect to any shares explicitly defined in smb.conf.
Iam using PAM for authentication.
/etc/samba/smb.conf:
[global]
encrypt passwords = no
debug level = 10
workgroup = MYGROUP
server string = Samba Server
security = user
hosts allow = 129.180.
load printers = yes
cups options = raw
log file = /usr/local/samba/var/%m.log
max log size = 500
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[mkovacs3]
path = %H
volume = %u
read only = no
force user = mkovacs3
valid users = mkovacs3 t
create mask = 0755
directory mask = 0755
samba-3.0.23-1.fc4
samba-common-3.0.23-1.fc4
system-config-samba-1.2.31-1
samba-client-3.0.23-1.fc4
Fedora Core release 4 (Stentz)
Linux isg-5 2.6.15-1.1831_FC4 #1 Tue Feb 7 13:37:42 EST 2006 i686 i686 i386
GNU/Linux
The following command fails:
>smbclient //isg-5/mkovacs3 -Ut
Password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.0.23-1.fc4]
tree connect failed: NT_STATUS_ACCESS_DENIED
Debug follows:
[2006/07/24 14:24:59, 10] lib/util.c:dump_data(2237)
[000] 00 5C 00 5C 00 49 00 53 00 47 00 2D 00 35 00 5C .\.\.I.S .G.-.5.\
[010] 00 4D 00 4B 00 4F 00 56 00 41 00 43 00 53 00 33 .M.K.O.V .A.C.S.3
[020] 00 00 00 3F 3F 3F 3F 3F 00 ...????? .
[2006/07/24 14:24:59, 3] smbd/process.c:switch_message(914)
switch message SMBtconX (pid 3146) conn 0x0
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_nt_user_token(449)
NT user token: (NULL)
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_unix_user_token(475)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/07/24 14:24:59, 5] smbd/uid.c:change_to_root_user(275)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2006/07/24 14:24:59, 4] smbd/reply.c:reply_tcon_and_X(668)
Client requested device type [?????] for share [MKOVACS3]
[2006/07/24 14:24:59, 5] smbd/service.c:make_connection(1116)
making a connection to 'normal' service mkovacs3
[2006/07/24 14:24:59, 3] lib/access.c:check_access(313)
check_access: no hostnames in host allow/deny list.
[2006/07/24 14:24:59, 2] lib/access.c:check_access(324)
Allowed connection from (129.180.8.5)
[2006/07/24 14:24:59, 3] lib/util_sid.c:string_to_sid(223)
string_to_sid: Sid mkovacs3 does not start with 'S-'.
[2006/07/24 14:24:59, 10]
passdb/util_wellknown.c:lookup_wellknown_name(154)
map_name_to_wellknown_sid: looking up mkovacs3
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_nt_user_token(449)
NT user token: (NULL)
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_unix_user_token(475)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/07/24 14:24:59, 10]
passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1313)
getsampwnam (smbpasswd): search by name: mkovacs3
[2006/07/24 14:24:59, 10] passdb/pdb_smbpasswd.c:startsmbfilepwent(184)
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
[2006/07/24 14:24:59, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(539)
getsmbfilepwent: end of file reached.
[2006/07/24 14:24:59, 7] passdb/pdb_smbpasswd.c:endsmbfilepwent(301)
endsmbfilepwent_internal: closed password file.
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_nt_user_token(449)
NT user token: (NULL)
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_unix_user_token(475)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 3] lib/util_sid.c:string_to_sid(223)
string_to_sid: Sid t does not start with 'S-'.
[2006/07/24 14:24:59, 10]
passdb/util_wellknown.c:lookup_wellknown_name(154)
map_name_to_wellknown_sid: looking up t
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_nt_user_token(449)
NT user token: (NULL)
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_unix_user_token(475)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/07/24 14:24:59, 10]
passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1313)
getsampwnam (smbpasswd): search by name: t
[2006/07/24 14:24:59, 10] passdb/pdb_smbpasswd.c:startsmbfilepwent(184)
startsmbfilepwent_internal: opening file /etc/samba/smbpasswd
[2006/07/24 14:24:59, 5] passdb/pdb_smbpasswd.c:getsmbfilepwent(539)
getsmbfilepwent: end of file reached.
[2006/07/24 14:24:59, 7] passdb/pdb_smbpasswd.c:endsmbfilepwent(301)
endsmbfilepwent_internal: closed password file.
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 3] smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_nt_user_token(449)
NT user token: (NULL)
[2006/07/24 14:24:59, 5] auth/auth_util.c:debug_unix_user_token(475)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/07/24 14:24:59, 3] smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/24 14:24:59, 10] lib/util_pw.c:getpwnam_alloc(76)
Got t from pwnam_cache
[2006/07/24 14:24:59, 10] smbd/share_access.c:user_ok_token(208)
User t not in 'valid users'
[2006/07/24 14:24:59, 2] smbd/service.c:make_connection_snum(571)
user 't' (from session setup) not permitted to access this share
(mkovacs3)
[2006/07/24 14:24:59, 3] smbd/error.c:error_packet(146)
error packet at smbd/reply.c(676) cmd=117 (SMBtconX)
NT_STATUS_ACCESS_DENIED
[2006/07/24 14:24:59, 5] lib/util.c:show_msg(500)
[2006/07/24 14:24:59, 5] lib/util.c:show_msg(510)
size=35
smb_com=0x75
smb_rcls=34
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=3145
smb_uid=100
smb_mid=6
smt_wct=0
smb_bcc=0
[2006/07/24 14:24:59, 10] smbd/process.c:setup_select_timeout(1284)
change_notify_timeout: -1
[2006/07/24 14:25:00, 10] lib/util_sock.c:read_data(525)
read_data: read of 4 returned 0. Error = Success
[2006/07/24 14:25:00, 10] lib/util_sock.c:receive_smb_raw(672)
receive_smb_raw: length < 0!
[2006/07/24 14:25:00, 3] smbd/process.c:timeout_processing(1359)
timeout_processing: End of file from client (client has disconnected).
[2006/07/24 14:25:00, 5] lib/gencache.c:gencache_shutdown(90)
Closing cache file
[2006/07/24 14:25:00, 5] libsmb/namecache.c:namecache_shutdown(79)
namecache_shutdown: netbios namecache closed successfully.
[2006/07/24 14:25:00, 3] smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/07/24 14:25:00, 5] auth/auth_util.c:debug_nt_user_token(449)
NT user token: (NULL)
[2006/07/24 14:25:00, 5] auth/auth_util.c:debug_unix_user_token(475)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2006/07/24 14:25:00, 5] smbd/uid.c:change_to_root_user(275)
change_to_root_user: now uid=(0,0) gid=(0,0)
[2006/07/24 14:25:00, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2006/07/24 14:25:00, 3] smbd/server.c:exit_server_common(675)
Server exit (normal exit)
Thanks in advance for any input.
Michael
--
+ Michael Kovacs
+ Systems Administrator
+ School of Mathematics, Statistics & Computer Science
University of New England
Armidale, NSW 2351
Australia
+ Phone: +61 (0)2 6773 2412
+ Fax: +61 (0)2 6773 3312
+ Mobile: 042 7709 044
