Anton N. Breusov
2006-Jul-27 19:12 UTC
[Samba] Problems with access to share after upgrading to 3.0.23(a)
Hi! I'm experiencing problems with access to one of shares on server with Samba working as PDC for windows clients, after I upgraded Samba from 3.0.22 to 3.0.23 (this problem also present in 3.0.23a). There are config section for this share: ---------------------------------------------------------------- [domain] comment = Domain users exchange share path = /home/special/domain guest ok = No writeable = Yes create mask = 0664 directory mask = 0775 ---------------------------------------------------------------- Access to directory in which share resides denied to "world", so only members of group "domain" can access this share: ---------------------------------------------------------------- root#earth:~>ls -la /home/special/ ... drwxr-x--- 5 ntadm domain 512 1 Jul 18:52 domain In this group placed all users-members of domain, also me (antonz) : root#earth:~>cat /etc/group |grep domain domain:*:250:ntadm,guest,antonz,oksana,valent ..... root#earth:~>id antonz uid=1002(antonz) gid=1002(antonz) groups=1002(antonz), 0(wheel), 53(bind), 80(www), 103(sshspec), 200(staff), 201(admin), 202(automation), 250(domain) ---------------------------------------------------------------- And this group "domain" also has mapping to domain-wide group "Domain Users": ---------------------------------------------------------------- root#earth:~>net groupmap list .... Domain Users (S-1-5-21-3971777737-3877677318-3229927643-513) -> domain ---------------------------------------------------------------- Until recent upgrade everything was OK with access to this share, but now I'm receiving "Error reading drive error" from both Windows clients and smbclient: ---------------------------------------------------------------- root#earth:~>smbclient -I 10.25.1.1 -U antonz \\\\earth\\domain Password: Domain=[LIBRARY] OS=[Unix] Server=[Samba 3.0.23a] smb: \> ls NT_STATUS_NETWORK_ACCESS_DENIED listing \* 0 blocks of size 0. 61680 blocks available smb: \> ---------------------------------------------------------------- Everything other goes well: domain logins, roaming profiles storing and retrieving, accessing other shares with more simple access rights (also user's homes). Samba config files was not changed when updating. Unfortunately, I cannot downgrade to 3.0.22 to at least test thing with it, it seems that TDB format changed between versions, and previous version didn't work at all, yelling about unknown TDB format. Here is log level 2 report when I'm tried to connect. I can provide log level 3 or higher if needed. /var/log/samba/samba.10.25.1.16.log ---------------------------------------------------------------- [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[homes]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[print$]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[printers]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[profile]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[hp1100]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[netlogon]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[ftp]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[cdrom]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[public]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[domain]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[WWW]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] param/loadparm.c:do_section(3704) Processing section "[rnb]" [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] lib/interface.c:add_interface(81) added interface ip=10.0.1.251 bcast=10.0.1.255 nmask=255.255.255.0 [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] lib/interface.c:add_interface(81) added interface ip=10.25.1.1 bcast=10.25.1.255 nmask=255.255.255.0 [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] lib/interface.c:add_interface(81) added interface ip=10.25.2.1 bcast=10.25.2.255 nmask=255.255.255.0 [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] lib/interface.c:add_interface(81) added interface ip=195.245.194.78 bcast=195.245.194.79 nmask=255.255.255.252 [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] lib/access.c:check_access(324) Allowed connection from (10.25.1.16) [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/reply.c:reply_special(496) netbios connect: name1=EARTH name2=CAPELLA [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/reply.c:reply_special(503) netbios connect: local=earth remote=capella, name type = 0 [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/sesssetup.c:setup_new_vc_session(795) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/sesssetup.c:setup_new_vc_session(795) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [antonz] -> [antonz] -> [antonz] succeeded [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] lib/access.c:check_access(324) Allowed connection from (10.25.1.16) [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/reply.c:reply_special(496) netbios connect: name1=EARTH name2=CAPELLA [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/reply.c:reply_special(503) netbios connect: local=earth remote=capella, name type = 0 [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/sesssetup.c:setup_new_vc_session(795) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] smbd/sesssetup.c:setup_new_vc_session(795) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] auth/auth.c:check_ntlm_password(309) check_ntlm_password: authentication for user [antonz] -> [antonz] -> [antonz] succeeded [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] lib/access.c:check_access(324) Allowed connection from (10.25.1.16) [2006/07/27 21:17:46, 1, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:make_connection_snum(941) capella (10.25.1.16) connect to service domain initially as user antonz (uid=1002, gid=1002) (pid 94387) [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), real(1002, 0)] smbd/service.c:set_current_service(150) chdir (/home/special/domain) failed ---------------------------------------------------------------- It seems like additional user groups not assigned by setgroups() for me, to access this share. There are also new DFS options in Samba: "host msdfs" and "dfs root", I tried to turn them off and do not compile DFS support, but when I'm turning this off, things are worse: other shares not working at all, so I leave this at default. Here is Samba configs. I'm having three of them: one global and one per "virtual NetBIOS host" served by this server. Because other virtual host working in "share mode" and doesn't have this share, I'm providing only global config file and for PDC virtual host. I'm also cutting non important shares. /usr/local/etc/smb.conf : ---------------------------------------------------------------- [global] ### Main NetBIOS options. netbios name = EARTH netbios aliases = LIBRARY workgroup = LIBRARY ### Network and TCP/IP options. hosts allow = ALL deadtime = 60 keepalive = 60 socket options = TCP_NODELAY SO_KEEPALIVE # Hmm, default value ("445 139") disallows our 'virtual NetBIOS hosts' feature on 2K/XP, # it seems that this happens because there are no NetBIOS names on 445 port (RAW SMB). smb ports = 139 ### System options. max smbd processes = 256 ### Logging options. debug timestamp = Yes debug uid = Yes debug pid = Yes log file = /var/log/samba/samba.%I.log log level = 2 max log size = 256 ### Misc WINS/NetBIOS options. wins support = Yes time server = Yes ### Codepage/charset settings. # Now we using cp-1125 (ruscii) ukrainian OEM codepage. display charset = ASCII dos charset = CP1125 unix charset = KOI8-U ### Security and user access options. invalid users = toor daemon operator bin games news man uucp xten pop guest account = ftp passdb backend = tdbsam:/usr/local/private/passdb.tdb encrypt passwords = Yes update encrypted = No create mask = 0640 directory mask = 0750 # host msdfs = No # msdfs root = No enable privileges = no ### UTMP options (still not supported???). ; utmp = Yes ; utmp dir = /var/run ; wtmp dir = /var/log ; utmp consolidate = No ### Printing options. printing = lprng load printers = No max print jobs = 128 show add printer wizard = No lppause command = /usr/local/bin/lpc -P%p hold %p %j lpresume command = /usr/local/bin/lpc -P%p release %p %j lpq command = /usr/local/bin/lpq -P%p lprm command = /usr/local/bin/lprm -P%p %j ; print command = /usr/local/etc/samba/printwrap.sh %s %p print command = /usr/local/bin/lpr -r -P%p %s queuepause command = /usr/local/bin/lpc -P%p hold %p queueresume command = /usr/local/bin/lpc -P%p release %p ; Printer support via SPOOLSS seems to be buggy in 2.2.3a... ; disable spoolss = Yes ; use client driver = Yes ### NetBIOS Virtual Hosts support. include = /usr/local/etc/samba/smb.%L.conf ---------------------------------------------------------------- /usr/local/etc/samba/smb.earth.conf: ---------------------------------------------------------------- [global] ### Main NetBIOS options. server string = %h [%L] (Samba %v) - Library Domain security = user ### Network and TCP/IP options. hosts allow = 10.25. ### Misc WINS/NetBIOS/Domain options. local master = Yes preferred master = Yes domain master = Yes domain logons = Yes os level = 64 logon script = logon.cmd logon drive = H: logon home = \\%N\%U logon path = \\%N\profile\.profile.WinNT ### Security and user access options. map archive = No create mask = 0644 directory mask = 0755 security mask = 0774 force security mode = 0000 directory security mask = 0775 force directory security mode = 0000 unix password sync = Yes # using default "passwd chat"... passwd program = /usr/bin/passwd %u [homes] browseable = No writeable = Yes guest ok = No valid users = %S csc policy = disable ; profile acls = yes ; Special workaround. [profile] path = %H browseable = Yes writeable = Yes guest ok = No map archive = Yes ; Read README.Win2kSP2 file ... nt acl support = yes create mask = 0600 directory mask = 0700 csc policy = disable profile acls = yes ; vfs objects = fake_perms [domain] comment = Domain users exchange share path = /home/special/domain guest ok = No writeable = Yes create mask = 0664 directory mask = 0775 ; security mask = 0774 ; force security mode = 0000 ; directory security mask = 0775 ; force directory security mode = 0000 .... ---------------------------------------------------------------- And also about my system... ---------------------------------------------------------------- root#earth:~>uname -a FreeBSD earth.library.ntu-kpi.kiev.ua 6.1-STABLE FreeBSD 6.1- STABLE #19: Sat Jul 1 17:34:30 EEST 2006 root@earth.library.ntu-kpi.kiev.ua:/usr/obj/usr/src/sys/EARTH amd64 ---------------------------------------------------------------- ...and samba build. It was built from ports: ---------------------------------------------------------------- root#earth:~>smbd --build-options Build environment: Built by: root@earth.library.ntu-kpi.kiev.ua Built on: ???????, 27 ???? 2006 ?. 13:44:54 (EEST) Built using: cc Build host: FreeBSD earth.library.ntu-kpi.kiev.ua 6.1-STABLE FreeBSD 6.1-STABLE #19: Sat Jul 1 17:34:30 EEST 2006 root@earth.library.ntu-kpi.kiev.ua:/usr/obj/usr/src/sys/EARTH amd64 SRCDIR: /usr/obj/ports/usr/ports/net/samba3/work/samba- 3.0.23a/source BUILDDIR: /usr/obj/ports/usr/ports/net/samba3/work/samba- 3.0.23a/source Paths: SBINDIR: /usr/local/sbin BINDIR: /usr/local/bin SWATDIR: /usr/local/share/swat CONFIGFILE: /usr/local/etc/smb.conf LOGFILEBASE: /var/log/samba LMHOSTSFILE: /usr/local/etc/lmhosts LIBDIR: /usr/local/lib/samba SHLIBEXT: so LOCKDIR: /var/db/samba PIDDIR: /var/run SMB_PASSWD_FILE: /usr/local/private/smbpasswd PRIVATE_DIR: /usr/local/private System Headers: HAVE_SYS_ACL_H HAVE_SYS_CDEFS_H HAVE_SYS_EXTATTR_H HAVE_SYS_FCNTL_H HAVE_SYS_FILIO_H HAVE_SYS_IOCTL_H HAVE_SYS_IPC_H HAVE_SYS_MMAN_H HAVE_SYS_MOUNT_H HAVE_SYS_PARAM_H HAVE_SYS_RESOURCE_H HAVE_SYS_SELECT_H HAVE_SYS_SHM_H HAVE_SYS_SOCKET_H HAVE_SYS_SOCKIO_H HAVE_SYS_STATVFS_H HAVE_SYS_STAT_H HAVE_SYS_SYSCALL_H HAVE_SYS_SYSLOG_H HAVE_SYS_TIME_H HAVE_SYS_TYPES_H HAVE_SYS_UIO_H HAVE_SYS_UNISTD_H HAVE_SYS_UN_H HAVE_SYS_WAIT_H Headers: HAVE_AIO_H HAVE_ARPA_INET_H HAVE_COM_ERR_H HAVE_CTYPE_H HAVE_DIRENT_H HAVE_DLFCN_H HAVE_FCNTL_H HAVE_FLOAT_H HAVE_GLOB_H HAVE_GRP_H HAVE_GSSAPI_H HAVE_INTTYPES_H HAVE_KRB5_H HAVE_LANGINFO_H HAVE_LBER_H HAVE_LDAP_H HAVE_LIMITS_H HAVE_LOCALE_H HAVE_MEMORY_H HAVE_NETINET_IN_SYSTM_H HAVE_NETINET_IP_H HAVE_NETINET_TCP_H HAVE_NET_IF_H HAVE_NSSWITCH_H HAVE_NSS_H HAVE_POLL_H HAVE_READLINE_HISTORY_H HAVE_READLINE_READLINE_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_NETTYPE_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_MODULES_H HAVE_STDARG_H HAVE_STDINT_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_UNISTD_H HAVE_UTIME_H UTMP Options: HAVE_UTMP_H HAVE_UT_UT_HOST HAVE_UT_UT_NAME HAVE_UT_UT_TIME WITH_UTMP HAVE_* Defines: HAVE_ACL_GET_PERM_NP HAVE_ADDR_TYPE_IN_KRB5_ADDRESS HAVE_AP_OPTS_USE_SUBKEY HAVE_ASPRINTF HAVE_ASPRINTF_DECL HAVE_ATEXIT HAVE_BER_SCANF HAVE_C99_VSNPRINTF HAVE_CHECKSUM_IN_KRB5_CHECKSUM HAVE_CHMOD HAVE_CHOWN HAVE_CHROOT HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS HAVE_CONNECT HAVE_COPY_AUTHENTICATOR HAVE_CRYPT HAVE_DEVICE_MAJOR_FN HAVE_DEVICE_MINOR_FN HAVE_DLCLOSE HAVE_DLERROR HAVE_DLOPEN HAVE_DLSYM HAVE_DUP2 HAVE_ENCTYPE_ARCFOUR_HMAC_MD5 HAVE_ENDNETGRENT HAVE_ERRNO_DECL HAVE_ETYPE_IN_ENCRYPTEDDATA HAVE_EXECL HAVE_EXPLICIT_LARGEFILE_SUPPORT HAVE_EXTATTR_DELETE_FD HAVE_EXTATTR_DELETE_FILE HAVE_EXTATTR_DELETE_LINK HAVE_EXTATTR_GET_FD HAVE_EXTATTR_GET_FILE HAVE_EXTATTR_GET_LINK HAVE_EXTATTR_LIST_FD HAVE_EXTATTR_LIST_FILE HAVE_EXTATTR_LIST_LINK HAVE_EXTATTR_SET_FD HAVE_EXTATTR_SET_FILE HAVE_EXTATTR_SET_LINK HAVE_E_DATA_POINTER_IN_KRB5_ERROR HAVE_FCHMOD HAVE_FCHOWN HAVE_FCNTL_LOCK HAVE_FREE_AP_REQ HAVE_FSTAT HAVE_FSYNC HAVE_FTRUNCATE HAVE_FTRUNCATE_EXTEND HAVE_FUNCTION_MACRO HAVE_GETCWD HAVE_GETDENTS HAVE_GETDIRENTRIES HAVE_GETGRENT HAVE_GETGRNAM HAVE_GETGROUPLIST HAVE_GETNETGRENT HAVE_GETRLIMIT HAVE_GETTIMEOFDAY_TZ HAVE_GLOB HAVE_GRANTPT HAVE_GSSAPI HAVE_GSS_DISPLAY_STATUS HAVE_ICONV HAVE_IFACE_AIX HAVE_IMMEDIATE_STRUCTURES HAVE_INITGROUPS HAVE_INNETGR HAVE_KRB5 HAVE_KRB5_ADDRESSES HAVE_KRB5_AUTH_CON_SETKEY HAVE_KRB5_CRYPTO HAVE_KRB5_CRYPTO_DESTROY HAVE_KRB5_CRYPTO_INIT HAVE_KRB5_DECODE_AP_REQ HAVE_KRB5_ENCTYPES_COMPATIBLE_KEYS HAVE_KRB5_FREE_DATA_CONTENTS HAVE_KRB5_FREE_ERROR_CONTENTS HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES HAVE_KRB5_GET_KDC_CRED HAVE_KRB5_GET_PW_SALT HAVE_KRB5_KEYBLOCK_KEYVALUE HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK HAVE_KRB5_KRBHST_GET_ADDRINFO HAVE_KRB5_KT_COMPARE HAVE_KRB5_KT_FREE_ENTRY HAVE_KRB5_KU_OTHER_CKSUM HAVE_KRB5_MK_REQ_EXTENDED HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM HAVE_KRB5_PRINCIPAL_GET_COMP_STRING HAVE_KRB5_SESSION_IN_CREDS HAVE_KRB5_SET_DEFAULT_IN_TKT_ETYPES HAVE_KRB5_STRING_TO_KEY HAVE_KRB5_STRING_TO_KEY_SALT HAVE_LDAP HAVE_LDAP_ADD_RESULT_ENTRY HAVE_LDAP_DN2AD_CANONICAL HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SET_REBIND_PROC HAVE_LIBASN1 HAVE_LIBCOM_ERR HAVE_LIBGSSAPI HAVE_LIBKRB5 HAVE_LIBLBER HAVE_LIBLDAP HAVE_LIBPAM HAVE_LIBREADLINE HAVE_LIBROKEN HAVE_LINK HAVE_LONGLONG HAVE_MAKEDEV HAVE_MEMMOVE HAVE_MEMSET HAVE_MKNOD HAVE_MKTIME HAVE_MLOCK HAVE_MLOCKALL HAVE_MMAP HAVE_MUNLOCK HAVE_MUNLOCKALL HAVE_NANOSLEEP HAVE_NATIVE_ICONV HAVE_NEW_LIBREADLINE HAVE_NL_LANGINFO HAVE_NO_AIO HAVE_PATHCONF HAVE_PIPE HAVE_POLL HAVE_POSIX_ACLS HAVE_PRCTL HAVE_PREAD HAVE_PWRITE HAVE_QUOTACTL_4B HAVE_RAND HAVE_RANDOM HAVE_READLINK HAVE_REALPATH HAVE_RENAME HAVE_ROKEN_GETADDRINFO_HOSTSPEC HAVE_ROOT HAVE_SECURE_MKSTEMP HAVE_SELECT HAVE_SENDFILE HAVE_SETBUFFER HAVE_SETENV HAVE_SETGROUPS HAVE_SETLINEBUF HAVE_SETLOCALE HAVE_SETNETGRENT HAVE_SETPGID HAVE_SETRESGID HAVE_SETRESGID_DECL HAVE_SETRESUID HAVE_SETRESUID_DECL HAVE_SETSID HAVE_SHMGET HAVE_SHM_OPEN HAVE_SIGACTION HAVE_SIGBLOCK HAVE_SIGPROCMASK HAVE_SIG_ATOMIC_T_TYPE HAVE_SNPRINTF HAVE_SNPRINTF_DECL HAVE_SOCKLEN_T_TYPE HAVE_SOCK_SIN_LEN HAVE_SRAND HAVE_SRANDOM HAVE_STAT_ST_BLKSIZE HAVE_STAT_ST_BLOCKS HAVE_STRCASECMP HAVE_STRCHR HAVE_STRDUP HAVE_STRERROR HAVE_STRFTIME HAVE_STRLCAT HAVE_STRLCPY HAVE_STRPBRK HAVE_STRSIGNAL HAVE_STRTOUL HAVE_STRUCT_SIGEVENT HAVE_STRUCT_SIGEVENT_SIGEV_VALUE_SIGVAL_PTR HAVE_STRUCT_STAT_ST_RDEV HAVE_STRUCT_TIMESPEC HAVE_ST_RDEV HAVE_SYMLINK HAVE_SYSCALL HAVE_SYSCONF HAVE_SYSLOG HAVE_TIMEGM HAVE_UNIXSOCKET HAVE_USLEEP HAVE_UTIMBUF HAVE_UTIME HAVE_UTIMES HAVE_VASPRINTF HAVE_VASPRINTF_DECL HAVE_VA_COPY HAVE_VOLATILE HAVE_VSNPRINTF HAVE_VSNPRINTF_DECL HAVE_VSYSLOG HAVE_WAITPID HAVE_WORKING_AF_LOCAL HAVE__CHDIR HAVE__CLOSE HAVE__DUP HAVE__DUP2 HAVE__ET_LIST HAVE__FCHDIR HAVE__FCNTL HAVE__FORK HAVE__FSTAT HAVE__LSTAT HAVE__OPEN HAVE__READ HAVE__SEEKDIR HAVE__STAT HAVE__WRITE HAVE___GETCWD --with Options: WITH_ADS WITH_PAM WITH_QUOTAS WITH_SENDFILE WITH_UTMP Build Options: BROKEN_GETGRNAM COMPILER_SUPPORTS_LL DEFAULT_DISPLAY_CHARSET DEFAULT_DOS_CHARSET DEFAULT_UNIX_CHARSET FREEBSD FREEBSD_SENDFILE_API KRB5_PRINC_REALM_RETURNS_REALM KRB5_VERIFY_CHECKSUM_ARGS LDAP_SET_REBIND_PROC_ARGS PACKAGE_BUGREPORT PACKAGE_NAME PACKAGE_STRING PACKAGE_TARNAME PACKAGE_VERSION REPLACE_GETPASS RETSIGTYPE SEEKDIR_RETURNS_VOID SIZEOF_INT SIZEOF_LONG SIZEOF_LONG_LONG SIZEOF_OFF_T SIZEOF_SHORT STAT_STATVFS STAT_ST_BLOCKSIZE STDC_HEADERS STRING_STATIC_MODULES SYSCONF_SC_NGROUPS_MAX SYSCONF_SC_NPROCESSORS_ONLN SYSCONF_SC_PAGESIZE TIME_WITH_SYS_TIME USE_SETRESUID WITH_ADS WITH_PAM WITH_QUOTAS WITH_SENDFILE auth_script_init charset_CP437_init charset_CP850_init loff_t offset_t static_decl_auth static_decl_charset static_decl_idmap static_decl_pdb static_decl_rpc static_decl_vfs static_init_auth static_init_charset static_init_idmap static_init_pdb static_init_rpc static_init_vfs vfs_audit_init vfs_cap_init vfs_default_quota_init vfs_expand_msdfs_init vfs_extd_audit_init vfs_fake_perms_init vfs_full_audit_init vfs_netatalk_init vfs_readonly_init vfs_recycle_init vfs_shadow_copy_init Type sizes: sizeof(char): 1 sizeof(int): 4 sizeof(long): 8 sizeof(long long): 8 sizeof(uint8): 1 sizeof(uint16): 2 sizeof(uint32): 4 sizeof(short): 2 sizeof(void*): 8 sizeof(size_t): 8 sizeof(off_t): 8 sizeof(ino_t): 4 sizeof(dev_t): 4 Builtin modules: lss rpc_eventlog rpc_samr idmap_ldap idmap_tdb auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin ---------------------------------------------------------------- -- Gentlemen, you can't fight in here, this is the War Room!
Jeremy Allison
2006-Jul-27 19:23 UTC
[Samba] Problems with access to share after upgrading to 3.0.23(a)
On Thu, Jul 27, 2006 at 09:52:40PM +0300, Anton N. Breusov wrote:> Hi! > > I'm experiencing problems with access to one of shares on server > with Samba working as PDC for windows clients, after I upgraded > Samba from 3.0.22 to 3.0.23 (this problem also present in > 3.0.23a). There are config section for this share: > > ---------------------------------------------------------------- > [domain] > comment = Domain users exchange share > path = /home/special/domain > guest ok = No > writeable = Yes > create mask = 0664 > directory mask = 0775 > ---------------------------------------------------------------- > > Access to directory in which share resides denied to "world", so > only members of group "domain" can access this share: > ---------------------------------------------------------------- > root#earth:~>ls -la /home/special/ > ... > drwxr-x--- 5 ntadm domain 512 1 Jul 18:52 domain > > In this group placed all users-members of domain, also me > (antonz) : > root#earth:~>cat /etc/group |grep domain > domain:*:250:ntadm,guest,antonz,oksana,valent ..... > > root#earth:~>id antonz > uid=1002(antonz) gid=1002(antonz) groups=1002(antonz), 0(wheel), > 53(bind), 80(www), 103(sshspec), 200(staff), 201(admin), > 202(automation), 250(domain) > ---------------------------------------------------------------- > > And this group "domain" also has mapping to domain-wide group > "Domain Users": > > ---------------------------------------------------------------- > root#earth:~>net groupmap list > .... > Domain Users (S-1-5-21-3971777737-3877677318-3229927643-513) -> domain > ---------------------------------------------------------------- > > Until recent upgrade everything was OK with access to this > share, but now I'm receiving "Error reading drive error" from > both Windows clients and smbclient: > > ---------------------------------------------------------------- > root#earth:~>smbclient -I 10.25.1.1 -U antonz > \\\\earth\\domain > Password: > Domain=[LIBRARY] OS=[Unix] Server=[Samba 3.0.23a] > smb: \> ls > NT_STATUS_NETWORK_ACCESS_DENIED listing \* > > 0 blocks of size 0. 61680 blocks available > smb: \>It would be interesting to see what the token looks like for this access. Can you get a debug level 10 log from the smbclient access please ? Jeremy.
Nolan Garrett
2006-Jul-29 04:14 UTC
[Samba] Re: Problems with access to share after upgrading to 3.0.23(a)
It appears that we are experiencing the same problem - after upgrade to 3.0.23 I cannot access any shares on my Linux systems except for the home and printer shares. My configuration has not changed since 3.0.22 - it just stopped working. Have you had any luck with this problem? Nolan Anton N. Breusov wrote:> Hi! > > I'm experiencing problems with access to one of shares on server > with Samba working as PDC for windows clients, after I upgraded > Samba from 3.0.22 to 3.0.23 (this problem also present in > 3.0.23a). There are config section for this share: > > ---------------------------------------------------------------- > [domain] > comment = Domain users exchange share > path = /home/special/domain > guest ok = No > writeable = Yes > create mask = 0664 > directory mask = 0775 > ---------------------------------------------------------------- > > Access to directory in which share resides denied to "world", so > only members of group "domain" can access this share: > ---------------------------------------------------------------- > root#earth:~>ls -la /home/special/ > ... > drwxr-x--- 5 ntadm domain 512 1 Jul 18:52 domain > > In this group placed all users-members of domain, also me > (antonz) : > root#earth:~>cat /etc/group |grep domain > domain:*:250:ntadm,guest,antonz,oksana,valent ..... > > root#earth:~>id antonz > uid=1002(antonz) gid=1002(antonz) groups=1002(antonz), 0(wheel), > 53(bind), 80(www), 103(sshspec), 200(staff), 201(admin), > 202(automation), 250(domain) > ---------------------------------------------------------------- > > And this group "domain" also has mapping to domain-wide group > "Domain Users": > > ---------------------------------------------------------------- > root#earth:~>net groupmap list > .... > Domain Users (S-1-5-21-3971777737-3877677318-3229927643-513) -> domain > ---------------------------------------------------------------- > > Until recent upgrade everything was OK with access to this > share, but now I'm receiving "Error reading drive error" from > both Windows clients and smbclient: > > ---------------------------------------------------------------- > root#earth:~>smbclient -I 10.25.1.1 -U antonz > \\\\earth\\domain > Password: > Domain=[LIBRARY] OS=[Unix] Server=[Samba 3.0.23a] > smb: \> ls > NT_STATUS_NETWORK_ACCESS_DENIED listing \* > > 0 blocks of size 0. 61680 blocks available > smb: \> > ---------------------------------------------------------------- > > Everything other goes well: domain logins, roaming profiles > storing and retrieving, accessing other shares with more simple > access rights (also user's homes). Samba config files was not > changed when updating. Unfortunately, I cannot downgrade to > 3.0.22 to at least test thing with it, it seems that TDB format > changed between versions, and previous version didn't work at > all, yelling about unknown TDB format. > > Here is log level 2 report when I'm tried to connect. I can > provide log level 3 or higher if needed. > /var/log/samba/samba.10.25.1.16.log > ---------------------------------------------------------------- > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[homes]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[print$]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[printers]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[profile]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[hp1100]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[netlogon]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[ftp]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[cdrom]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[public]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[domain]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[WWW]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > param/loadparm.c:do_section(3704) > Processing section "[rnb]" > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > lib/interface.c:add_interface(81) > added interface ip=10.0.1.251 bcast=10.0.1.255 > nmask=255.255.255.0 > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > lib/interface.c:add_interface(81) > added interface ip=10.25.1.1 bcast=10.25.1.255 > nmask=255.255.255.0 > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > lib/interface.c:add_interface(81) > added interface ip=10.25.2.1 bcast=10.25.2.255 > nmask=255.255.255.0 > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > lib/interface.c:add_interface(81) > added interface ip=195.245.194.78 bcast=195.245.194.79 > nmask=255.255.255.252 > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > lib/access.c:check_access(324) > Allowed connection from (10.25.1.16) > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/reply.c:reply_special(496) > netbios connect: name1=EARTH name2=CAPELLA > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/reply.c:reply_special(503) > netbios connect: local=earth remote=capella, name type = 0 > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/sesssetup.c:setup_new_vc_session(795) > setup_new_vc_session: New VC == 0, if NT4.x compatible we > would close all old resources. > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/sesssetup.c:setup_new_vc_session(795) > setup_new_vc_session: New VC == 0, if NT4.x compatible we > would close all old resources. > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > auth/auth.c:check_ntlm_password(309) > check_ntlm_password: authentication for user [antonz] -> > [antonz] -> [antonz] succeeded > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > lib/access.c:check_access(324) > Allowed connection from (10.25.1.16) > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/reply.c:reply_special(496) > netbios connect: name1=EARTH name2=CAPELLA > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/reply.c:reply_special(503) > netbios connect: local=earth remote=capella, name type = 0 > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/sesssetup.c:setup_new_vc_session(795) > setup_new_vc_session: New VC == 0, if NT4.x compatible we > would close all old resources. > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > smbd/sesssetup.c:setup_new_vc_session(795) > setup_new_vc_session: New VC == 0, if NT4.x compatible we > would close all old resources. > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > auth/auth.c:check_ntlm_password(309) > check_ntlm_password: authentication for user [antonz] -> > [antonz] -> [antonz] succeeded > [2006/07/27 21:17:46, 2, pid=94387, effective(0, 0), real(0, 0)] > lib/access.c:check_access(324) > Allowed connection from (10.25.1.16) > [2006/07/27 21:17:46, 1, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:make_connection_snum(941) > capella (10.25.1.16) connect to service domain initially as > user antonz (uid=1002, gid=1002) (pid 94387) > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > [2006/07/27 21:17:46, 0, pid=94387, effective(1002, 1002), > real(1002, 0)] smbd/service.c:set_current_service(150) > chdir (/home/special/domain) failed > ---------------------------------------------------------------- > > It seems like additional user groups not assigned by setgroups() > for me, to access this share. > There are also new DFS options in Samba: "host msdfs" and "dfs > root", I tried to turn them off and do not compile DFS support, > but when I'm turning this off, things are worse: other shares > not working at all, so I leave this at default. > > Here is Samba configs. I'm having three of them: one global and > one per "virtual NetBIOS host" served by this server. Because > other virtual host working in "share mode" and doesn't have this > share, I'm providing only global config file and for PDC virtual > host. I'm also cutting non important shares. > > /usr/local/etc/smb.conf : > ---------------------------------------------------------------- > [global] > ### Main NetBIOS options. > netbios name = EARTH > netbios aliases = LIBRARY > workgroup = LIBRARY > > ### Network and TCP/IP options. > hosts allow = ALL > deadtime = 60 > keepalive = 60 > socket options = TCP_NODELAY SO_KEEPALIVE > # Hmm, default value ("445 139") disallows our 'virtual NetBIOS > hosts' feature on 2K/XP, > # it seems that this happens because there are no NetBIOS names > on 445 port (RAW SMB). > smb ports = 139 > > ### System options. > max smbd processes = 256 > > ### Logging options. > debug timestamp = Yes > debug uid = Yes > debug pid = Yes > log file = /var/log/samba/samba.%I.log > log level = 2 > max log size = 256 > > ### Misc WINS/NetBIOS options. > wins support = Yes > time server = Yes > > ### Codepage/charset settings. > # Now we using cp-1125 (ruscii) ukrainian OEM codepage. > display charset = ASCII > dos charset = CP1125 > unix charset = KOI8-U > > ### Security and user access options. > invalid users = toor daemon operator bin games news man uucp > xten pop > guest account = ftp > passdb backend = tdbsam:/usr/local/private/passdb.tdb > encrypt passwords = Yes > update encrypted = No > create mask = 0640 > directory mask = 0750 > # host msdfs = No > # msdfs root = No > enable privileges = no > > ### UTMP options (still not supported???). > ; utmp = Yes > ; utmp dir = /var/run > ; wtmp dir = /var/log > ; utmp consolidate = No > > ### Printing options. > printing = lprng > load printers = No > max print jobs = 128 > show add printer wizard = No > lppause command = /usr/local/bin/lpc -P%p hold %p %j > lpresume command = /usr/local/bin/lpc -P%p release %p %j > lpq command = /usr/local/bin/lpq -P%p > lprm command = /usr/local/bin/lprm -P%p %j > ; print command = /usr/local/etc/samba/printwrap.sh %s %p > print command = /usr/local/bin/lpr -r -P%p %s > queuepause command = /usr/local/bin/lpc -P%p hold %p > queueresume command = /usr/local/bin/lpc -P%p release %p > ; Printer support via SPOOLSS seems to be buggy in 2.2.3a... > ; disable spoolss = Yes > ; use client driver = Yes > > ### NetBIOS Virtual Hosts support. > include = /usr/local/etc/samba/smb.%L.conf > ---------------------------------------------------------------- > > /usr/local/etc/samba/smb.earth.conf: > ---------------------------------------------------------------- > [global] > ### Main NetBIOS options. > server string = %h [%L] (Samba %v) - Library Domain > security = user > > ### Network and TCP/IP options. > hosts allow = 10.25. > > ### Misc WINS/NetBIOS/Domain options. > local master = Yes > preferred master = Yes > domain master = Yes > domain logons = Yes > os level = 64 > logon script = logon.cmd > logon drive = H: > logon home = \\%N\%U > logon path = \\%N\profile\.profile.WinNT > > ### Security and user access options. > map archive = No > create mask = 0644 > directory mask = 0755 > security mask = 0774 > force security mode = 0000 > directory security mask = 0775 > force directory security mode = 0000 > unix password sync = Yes > # using default "passwd chat"... > passwd program = /usr/bin/passwd %u > > [homes] > browseable = No > writeable = Yes > guest ok = No > valid users = %S > csc policy = disable > ; profile acls = yes > > ; Special workaround. > [profile] > path = %H > browseable = Yes > writeable = Yes > guest ok = No > map archive = Yes > ; Read README.Win2kSP2 file ... > nt acl support = yes > create mask = 0600 > directory mask = 0700 > csc policy = disable > profile acls = yes > ; vfs objects = fake_perms > > [domain] > comment = Domain users exchange share > path = /home/special/domain > guest ok = No > writeable = Yes > create mask = 0664 > directory mask = 0775 > ; security mask = 0774 > ; force security mode = 0000 > ; directory security mask = 0775 > ; force directory security mode = 0000 > > .... > ---------------------------------------------------------------- > > And also about my system... > > ---------------------------------------------------------------- > root#earth:~>uname -a > FreeBSD earth.library.ntu-kpi.kiev.ua 6.1-STABLE FreeBSD 6.1- > STABLE #19: Sat Jul 1 17:34:30 EEST 2006 > root@earth.library.ntu-kpi.kiev.ua:/usr/obj/usr/src/sys/EARTH > amd64 > ---------------------------------------------------------------- > > ...and samba build. It was built from ports: > ---------------------------------------------------------------- > root#earth:~>smbd --build-options > Build environment: > Built by: root@earth.library.ntu-kpi.kiev.ua > Built on: ???????, 27 ???? 2006 ?. 13:44:54 (EEST) > Built using: cc > Build host: FreeBSD earth.library.ntu-kpi.kiev.ua 6.1-STABLE > FreeBSD 6.1-STABLE #19: Sat Jul 1 17:34:30 EEST 2006 > root@earth.library.ntu-kpi.kiev.ua:/usr/obj/usr/src/sys/EARTH > amd64 > SRCDIR: /usr/obj/ports/usr/ports/net/samba3/work/samba- > 3.0.23a/source > BUILDDIR: /usr/obj/ports/usr/ports/net/samba3/work/samba- > 3.0.23a/source > > Paths: > SBINDIR: /usr/local/sbin > BINDIR: /usr/local/bin > SWATDIR: /usr/local/share/swat > CONFIGFILE: /usr/local/etc/smb.conf > LOGFILEBASE: /var/log/samba > LMHOSTSFILE: /usr/local/etc/lmhosts > LIBDIR: /usr/local/lib/samba > SHLIBEXT: so > LOCKDIR: /var/db/samba > PIDDIR: /var/run > SMB_PASSWD_FILE: /usr/local/private/smbpasswd > PRIVATE_DIR: /usr/local/private > > System Headers: > HAVE_SYS_ACL_H > HAVE_SYS_CDEFS_H > HAVE_SYS_EXTATTR_H > HAVE_SYS_FCNTL_H > HAVE_SYS_FILIO_H > HAVE_SYS_IOCTL_H > HAVE_SYS_IPC_H > HAVE_SYS_MMAN_H > HAVE_SYS_MOUNT_H > HAVE_SYS_PARAM_H > HAVE_SYS_RESOURCE_H > HAVE_SYS_SELECT_H > HAVE_SYS_SHM_H > HAVE_SYS_SOCKET_H > HAVE_SYS_SOCKIO_H > HAVE_SYS_STATVFS_H > HAVE_SYS_STAT_H > HAVE_SYS_SYSCALL_H > HAVE_SYS_SYSLOG_H > HAVE_SYS_TIME_H > HAVE_SYS_TYPES_H > HAVE_SYS_UIO_H > HAVE_SYS_UNISTD_H > HAVE_SYS_UN_H > HAVE_SYS_WAIT_H > > Headers: > HAVE_AIO_H > HAVE_ARPA_INET_H > HAVE_COM_ERR_H > HAVE_CTYPE_H > HAVE_DIRENT_H > HAVE_DLFCN_H > HAVE_FCNTL_H > HAVE_FLOAT_H > HAVE_GLOB_H > HAVE_GRP_H > HAVE_GSSAPI_H > HAVE_INTTYPES_H > HAVE_KRB5_H > HAVE_LANGINFO_H > HAVE_LBER_H > HAVE_LDAP_H > HAVE_LIMITS_H > HAVE_LOCALE_H > HAVE_MEMORY_H > HAVE_NETINET_IN_SYSTM_H > HAVE_NETINET_IP_H > HAVE_NETINET_TCP_H > HAVE_NET_IF_H > HAVE_NSSWITCH_H > HAVE_NSS_H > HAVE_POLL_H > HAVE_READLINE_HISTORY_H > HAVE_READLINE_READLINE_H > HAVE_RPCSVC_NIS_H > HAVE_RPCSVC_YPCLNT_H > HAVE_RPCSVC_YP_PROT_H > HAVE_RPC_NETTYPE_H > HAVE_RPC_RPC_H > HAVE_SECURITY_PAM_APPL_H > HAVE_SECURITY_PAM_MODULES_H > HAVE_STDARG_H > HAVE_STDINT_H > HAVE_STDLIB_H > HAVE_STRINGS_H > HAVE_STRING_H > HAVE_SYSLOG_H > HAVE_TERMIOS_H > HAVE_UNISTD_H > HAVE_UTIME_H > > UTMP Options: > HAVE_UTMP_H > HAVE_UT_UT_HOST > HAVE_UT_UT_NAME > HAVE_UT_UT_TIME > WITH_UTMP > > HAVE_* Defines: > HAVE_ACL_GET_PERM_NP > HAVE_ADDR_TYPE_IN_KRB5_ADDRESS > HAVE_AP_OPTS_USE_SUBKEY > HAVE_ASPRINTF > HAVE_ASPRINTF_DECL > HAVE_ATEXIT > HAVE_BER_SCANF > HAVE_C99_VSNPRINTF > HAVE_CHECKSUM_IN_KRB5_CHECKSUM > HAVE_CHMOD > HAVE_CHOWN > HAVE_CHROOT > HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS > HAVE_CONNECT > HAVE_COPY_AUTHENTICATOR > HAVE_CRYPT > HAVE_DEVICE_MAJOR_FN > HAVE_DEVICE_MINOR_FN > HAVE_DLCLOSE > HAVE_DLERROR > HAVE_DLOPEN > HAVE_DLSYM > HAVE_DUP2 > HAVE_ENCTYPE_ARCFOUR_HMAC_MD5 > HAVE_ENDNETGRENT > HAVE_ERRNO_DECL > HAVE_ETYPE_IN_ENCRYPTEDDATA > HAVE_EXECL > HAVE_EXPLICIT_LARGEFILE_SUPPORT > HAVE_EXTATTR_DELETE_FD > HAVE_EXTATTR_DELETE_FILE > HAVE_EXTATTR_DELETE_LINK > HAVE_EXTATTR_GET_FD > HAVE_EXTATTR_GET_FILE > HAVE_EXTATTR_GET_LINK > HAVE_EXTATTR_LIST_FD > HAVE_EXTATTR_LIST_FILE > HAVE_EXTATTR_LIST_LINK > HAVE_EXTATTR_SET_FD > HAVE_EXTATTR_SET_FILE > HAVE_EXTATTR_SET_LINK > HAVE_E_DATA_POINTER_IN_KRB5_ERROR > HAVE_FCHMOD > HAVE_FCHOWN > HAVE_FCNTL_LOCK > HAVE_FREE_AP_REQ > HAVE_FSTAT > HAVE_FSYNC > HAVE_FTRUNCATE > HAVE_FTRUNCATE_EXTEND > HAVE_FUNCTION_MACRO > HAVE_GETCWD > HAVE_GETDENTS > HAVE_GETDIRENTRIES > HAVE_GETGRENT > HAVE_GETGRNAM > HAVE_GETGROUPLIST > HAVE_GETNETGRENT > HAVE_GETRLIMIT > HAVE_GETTIMEOFDAY_TZ > HAVE_GLOB > HAVE_GRANTPT > HAVE_GSSAPI > HAVE_GSS_DISPLAY_STATUS > HAVE_ICONV > HAVE_IFACE_AIX > HAVE_IMMEDIATE_STRUCTURES > HAVE_INITGROUPS > HAVE_INNETGR > HAVE_KRB5 > HAVE_KRB5_ADDRESSES > HAVE_KRB5_AUTH_CON_SETKEY > HAVE_KRB5_CRYPTO > HAVE_KRB5_CRYPTO_DESTROY > HAVE_KRB5_CRYPTO_INIT > HAVE_KRB5_DECODE_AP_REQ > HAVE_KRB5_ENCTYPES_COMPATIBLE_KEYS > HAVE_KRB5_FREE_DATA_CONTENTS > HAVE_KRB5_FREE_ERROR_CONTENTS > HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES > HAVE_KRB5_GET_KDC_CRED > HAVE_KRB5_GET_PW_SALT > HAVE_KRB5_KEYBLOCK_KEYVALUE > HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK > HAVE_KRB5_KRBHST_GET_ADDRINFO > HAVE_KRB5_KT_COMPARE > HAVE_KRB5_KT_FREE_ENTRY > HAVE_KRB5_KU_OTHER_CKSUM > HAVE_KRB5_MK_REQ_EXTENDED > HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM > HAVE_KRB5_PRINCIPAL_GET_COMP_STRING > HAVE_KRB5_SESSION_IN_CREDS > HAVE_KRB5_SET_DEFAULT_IN_TKT_ETYPES > HAVE_KRB5_STRING_TO_KEY > HAVE_KRB5_STRING_TO_KEY_SALT > HAVE_LDAP > HAVE_LDAP_ADD_RESULT_ENTRY > HAVE_LDAP_DN2AD_CANONICAL > HAVE_LDAP_INIT > HAVE_LDAP_INITIALIZE > HAVE_LDAP_SET_REBIND_PROC > HAVE_LIBASN1 > HAVE_LIBCOM_ERR > HAVE_LIBGSSAPI > HAVE_LIBKRB5 > HAVE_LIBLBER > HAVE_LIBLDAP > HAVE_LIBPAM > HAVE_LIBREADLINE > HAVE_LIBROKEN > HAVE_LINK > HAVE_LONGLONG > HAVE_MAKEDEV > HAVE_MEMMOVE > HAVE_MEMSET > HAVE_MKNOD > HAVE_MKTIME > HAVE_MLOCK > HAVE_MLOCKALL > HAVE_MMAP > HAVE_MUNLOCK > HAVE_MUNLOCKALL > HAVE_NANOSLEEP > HAVE_NATIVE_ICONV > HAVE_NEW_LIBREADLINE > HAVE_NL_LANGINFO > HAVE_NO_AIO > HAVE_PATHCONF > HAVE_PIPE > HAVE_POLL > HAVE_POSIX_ACLS > HAVE_PRCTL > HAVE_PREAD > HAVE_PWRITE > HAVE_QUOTACTL_4B > HAVE_RAND > HAVE_RANDOM > HAVE_READLINK > HAVE_REALPATH > HAVE_RENAME > HAVE_ROKEN_GETADDRINFO_HOSTSPEC > HAVE_ROOT > HAVE_SECURE_MKSTEMP > HAVE_SELECT > HAVE_SENDFILE > HAVE_SETBUFFER > HAVE_SETENV > HAVE_SETGROUPS > HAVE_SETLINEBUF > HAVE_SETLOCALE > HAVE_SETNETGRENT > HAVE_SETPGID > HAVE_SETRESGID > HAVE_SETRESGID_DECL > HAVE_SETRESUID > HAVE_SETRESUID_DECL > HAVE_SETSID > HAVE_SHMGET > HAVE_SHM_OPEN > HAVE_SIGACTION > HAVE_SIGBLOCK > HAVE_SIGPROCMASK > HAVE_SIG_ATOMIC_T_TYPE > HAVE_SNPRINTF > HAVE_SNPRINTF_DECL > HAVE_SOCKLEN_T_TYPE > HAVE_SOCK_SIN_LEN > HAVE_SRAND > HAVE_SRANDOM > HAVE_STAT_ST_BLKSIZE > HAVE_STAT_ST_BLOCKS > HAVE_STRCASECMP > HAVE_STRCHR > HAVE_STRDUP > HAVE_STRERROR > HAVE_STRFTIME > HAVE_STRLCAT > HAVE_STRLCPY > HAVE_STRPBRK > HAVE_STRSIGNAL > HAVE_STRTOUL > HAVE_STRUCT_SIGEVENT > HAVE_STRUCT_SIGEVENT_SIGEV_VALUE_SIGVAL_PTR > HAVE_STRUCT_STAT_ST_RDEV > HAVE_STRUCT_TIMESPEC > HAVE_ST_RDEV > HAVE_SYMLINK > HAVE_SYSCALL > HAVE_SYSCONF > HAVE_SYSLOG > HAVE_TIMEGM > HAVE_UNIXSOCKET > HAVE_USLEEP > HAVE_UTIMBUF > HAVE_UTIME > HAVE_UTIMES > HAVE_VASPRINTF > HAVE_VASPRINTF_DECL > HAVE_VA_COPY > HAVE_VOLATILE > HAVE_VSNPRINTF > HAVE_VSNPRINTF_DECL > HAVE_VSYSLOG > HAVE_WAITPID > HAVE_WORKING_AF_LOCAL > HAVE__CHDIR > HAVE__CLOSE > HAVE__DUP > HAVE__DUP2 > HAVE__ET_LIST > HAVE__FCHDIR > HAVE__FCNTL > HAVE__FORK > HAVE__FSTAT > HAVE__LSTAT > HAVE__OPEN > HAVE__READ > HAVE__SEEKDIR > HAVE__STAT > HAVE__WRITE > HAVE___GETCWD > > --with Options: > WITH_ADS > WITH_PAM > WITH_QUOTAS > WITH_SENDFILE > WITH_UTMP > > Build Options: > BROKEN_GETGRNAM > COMPILER_SUPPORTS_LL > DEFAULT_DISPLAY_CHARSET > DEFAULT_DOS_CHARSET > DEFAULT_UNIX_CHARSET > FREEBSD > FREEBSD_SENDFILE_API > KRB5_PRINC_REALM_RETURNS_REALM > KRB5_VERIFY_CHECKSUM_ARGS > LDAP_SET_REBIND_PROC_ARGS > PACKAGE_BUGREPORT > PACKAGE_NAME > PACKAGE_STRING > PACKAGE_TARNAME > PACKAGE_VERSION > REPLACE_GETPASS > RETSIGTYPE > SEEKDIR_RETURNS_VOID > SIZEOF_INT > SIZEOF_LONG > SIZEOF_LONG_LONG > SIZEOF_OFF_T > SIZEOF_SHORT > STAT_STATVFS > STAT_ST_BLOCKSIZE > STDC_HEADERS > STRING_STATIC_MODULES > SYSCONF_SC_NGROUPS_MAX > SYSCONF_SC_NPROCESSORS_ONLN > SYSCONF_SC_PAGESIZE > TIME_WITH_SYS_TIME > USE_SETRESUID > WITH_ADS > WITH_PAM > WITH_QUOTAS > WITH_SENDFILE > auth_script_init > charset_CP437_init > charset_CP850_init > loff_t > offset_t > static_decl_auth > static_decl_charset > static_decl_idmap > static_decl_pdb > static_decl_rpc > static_decl_vfs > static_init_auth > static_init_charset > static_init_idmap > static_init_pdb > static_init_rpc > static_init_vfs > vfs_audit_init > vfs_cap_init > vfs_default_quota_init > vfs_expand_msdfs_init > vfs_extd_audit_init > vfs_fake_perms_init > vfs_full_audit_init > vfs_netatalk_init > vfs_readonly_init > vfs_recycle_init > vfs_shadow_copy_init > > Type sizes: > sizeof(char): 1 > sizeof(int): 4 > sizeof(long): 8 > sizeof(long long): 8 > sizeof(uint8): 1 > sizeof(uint16): 2 > sizeof(uint32): 4 > sizeof(short): 2 > sizeof(void*): 8 > sizeof(size_t): 8 > sizeof(off_t): 8 > sizeof(ino_t): 4 > sizeof(dev_t): 4 > > Builtin modules: > lss rpc_eventlog rpc_samr idmap_ldap idmap_tdb auth_sam > auth_unix auth_winbind auth_server auth_domain auth_builtin > ---------------------------------------------------------------- >