Hi Felix, thanks for the share. Sadly it doesn't work and I don't know how to start debugging this one. I tried your config (had to switch from domain member to standalone) but it's the same: [global] ??????? netbios name = yourName ??????? workgroup = yourWorkgroup ??????? realm = YourRealm ??????? log file = /var/log/samba/log.%m ??????? max log size = 50 ??????? security = ads ??????? clustering = yes ??? ??? max protocol = SMB3 ? ? ?? ? kernel share modes = no ?? ? ? ? kernel change notify = no ??????? kernel oplocks = no ??????? posix locking = no ??????? map archive = no ??????? map hidden = no ??????? map read only = no ??????? map system = no ??????? store dos attributes = yes ??????? idmap config * : backend = autorid ??????? idmap config * : range = 1000000-19999999 ??????? idmap config * : rangesize = 1000000 ??????? include = /etc/samba/ctdb.conf ??????? fruit:aapl = yes ??????? ea support = yes ??? # it turns out that using SMB1 via linux/rsync ??? # is leading to wrong permissions in our case ??? min protocol = SMB2 [gluster-replicated] ??? comment ??? vfs objects = fruit streams_xattr glusterfs ??? glusterfs:volume = yourGlusterVolume ??? glusterfs:logfile = /var/log/samba/yourLog.log ??? glusterfs:loglevel = 1 ??? inherit acls = yes ??? path = / ??? read only = no ??? guest ok = no Best Regards, Strahil Nikolov ? ?????, 1 ??? 2020 ?., 19:33:12 ?. ???????+3, Felix K?lzow via samba <samba at lists.samba.org> ??????: Dear Strahil, please find my current settings below: [global] ??????? netbios name = yourName ??????? workgroup = yourWorkgroup ??????? realm = YourRealm ??????? log file = /var/log/samba/log.%m ??????? max log size = 50 ??????? security = ads ??????? clustering = yes ??? ??? max protocol = SMB3 ? ? ?? ? kernel share modes = no ?? ? ? ? kernel change notify = no ??????? kernel oplocks = no ??????? posix locking = no ??????? map archive = no ??????? map hidden = no ??????? map read only = no ??????? map system = no ??????? store dos attributes = yes ??????? idmap config * : backend = autorid ??????? idmap config * : range = 1000000-19999999 ??????? idmap config * : rangesize = 1000000 ??????? include = /etc/samba/ctdb.conf ??????? fruit:aapl = yes ??????? ea support = yes ??? # it turns out that using SMB1 via linux/rsync ??? # is leading to wrong permissions in our case ??? min protocol = SMB2 [gluster-replicated] ??? comment ??? vfs objects = fruit streams_xattr glusterfs ??? glusterfs:volume = yourGlusterVolume ??? glusterfs:logfile = /var/log/samba/yourLog.log ??? glusterfs:loglevel = 1 ??? inherit acls = yes ??? path = / ??? read only = no ??? guest ok = no Please let me know if this works for you. Regards, Felix On 01/07/2020 18:08, Strahil Nikolov via samba wrote:> Hello All, > > I'm new to the list and I don't have much of experience with samba. > > I have a test setup on CentOS 7.8 with samba-4.10.4 and samba-vfs-glusterfs . > When my client mounts the samba share via vers=1.0 , the user sees the share properly (uid,gid,mode are just like on gluster). When the share is mounted with vers=2.0 or not specified (anything higher) the files are owned by root/root and can't be changed (even by root). > > Here is a short summary: > > Packages: > samba-4.10.4-11.el7_8.x86_64 > samba-client-libs-4.10.4-11.el7_8.x86_64 > samba-common-4.10.4-11.el7_8.noarch > samba-common-libs-4.10.4-11.el7_8.x86_64 > samba-common-tools-4.10.4-11.el7_8.x86_64 > samba-libs-4.10.4-11.el7_8.x86_64 > samba-vfs-glusterfs-4.10.4-11.el7_8.x86_64 > > > TESTPARM: > > # Global parameters > [global] >? ??????? printcap name = cups >? ??????? security = USER >? ??????? workgroup = SAMBA >? ??????? idmap config * : backend = tdb >? ??????? cups options = raw > > > [homes] >? ??????? browseable = No >? ??????? comment = Home Directories >? ??????? inherit acls = Yes >? ??????? read only = No >? ??????? valid users = %S %D%w%S > > > [printers] >? ??????? browseable = No >? ??????? comment = All Printers >? ??????? create mask = 0600 >? ??????? path = /var/tmp >? ??????? printable = Yes > > > [print$] >? ??????? comment = Printer Drivers >? ??????? create mask = 0664 >? ??????? directory mask = 0775 >? ??????? force group = @printadmin >? ??????? path = /var/lib/samba/drivers >? ??????? write list = @printadmin root > > > [gluster-replicate] >? ??????? comment = For samba share of volume replicate >? ??????? guest ok = Yes >? ??????? inherit acls = Yes >? ??????? kernel share modes = No >? ??????? path = / >? ??????? read only = No >? ??????? vfs objects = glusterfs >? ??????? glusterfs:loglevel = 7 >? ??????? glusterfs:logfile = /var/log/samba/glusterfs-replicate.%M.log >? ??????? glusterfs:volume = replicate > > Shares ownership: > [root at servera ~]# mount -t cifs //servera/gluster-replicate /mnt -o user=smbuser > Password for smbuser@//servera/gluster-replicate:? *** > [root at servera ~]# ls -l /mnt > ???? 9 > drwxr-xr-x. 2 root root 0? 1 ??? 18,42 test > -rwxr-xr-x. 1 root root 4? 1 ??? 18,49 test12 > -rwxr-xr-x. 1 root root 9? 1 ??? 18,51 test12345 > drwxr-xr-x. 2 root root 0? 1 ??? 18,49 test35 > [root at servera ~]# umount /mnt > [root at servera ~]# mount -t cifs //servera/gluster-replicate /mnt -o user=smbuser,vers=1.0 > Password for smbuser@//servera/gluster-replicate:? *** > [root at servera ~]# ls -l /mnt > ???? 9 > drwxrwsrwx. 2 smbuser smbuser 4096? 1 ??? 18,42 test > -rw-r--r--. 1 smbuser smbuser??? 4? 1 ??? 18,49 test12 > -rw-r--r--. 1 smbuser smbuser??? 9? 1 ??? 18,51 test12345 > drwxr-sr-x. 2 smbuser smbuser 4096? 1 ??? 18,49 test35 > [root at servera ~]# umount /mnt > [root at servera ~]# mount -t glusterfs -o acl servera:/replicate /mnt > [root at servera ~]# ls -l /mnt > ???? 9 > drwxrwsrwx. 2 smbuser smbuser 4096? 1 ??? 18,42 test > -rw-r--r--. 1 smbuser smbuser??? 4? 1 ??? 18,49 test12 > -rw-r--r--. 1 smbuser smbuser??? 9? 1 ??? 18,51 test12345 > drwxr-sr-x. 2 smbuser smbuser 4096? 1 ??? 18,49 test35 > [root at servera ~]# > > > I'm pretty sure I'm missing something , but I have no idea what it is. Any ideas why the share is viewable as "root" will be highly appreciated. > > > Thanks in advance. > > Best Regards, > Strahil NIkolov> >-- To unsubscribe from this list go to the following URL and read the instructions:? https://lists.samba.org/mailman/options/samba
Dear Strahil, please increase the gluster log-level to 10 and try to reconnect to the share with a specific client. Maybe it is useful to share the client log-output (it is located on the server side! I guess /var/log/samba/yourClientIP.log) Maybe more experienced samba users can deal with the log-file messages. Regards, Felix On 01/07/2020 19:47, Strahil Nikolov via samba wrote:> Hi Felix, > > thanks for the share. > Sadly it doesn't work and I don't know how to start debugging this one. > > I tried your config (had to switch from domain member to standalone) but it's the same: > > [global] > ??????? netbios name = yourName > ??????? workgroup = yourWorkgroup > ??????? realm = YourRealm > ??????? log file = /var/log/samba/log.%m > ??????? max log size = 50 > ??????? security = ads > > ??????? clustering = yes > > ??? ??? max protocol = SMB3 > ? ? ?? ? kernel share modes = no > ?? ? ? ? kernel change notify = no > > ??????? kernel oplocks = no > ??????? posix locking = no > > ??????? map archive = no > ??????? map hidden = no > ??????? map read only = no > ??????? map system = no > ??????? store dos attributes = yes > > > ??????? idmap config * : backend = autorid > ??????? idmap config * : range = 1000000-19999999 > ??????? idmap config * : rangesize = 1000000 > ??????? include = /etc/samba/ctdb.conf > ??????? fruit:aapl = yes > ??????? ea support = yes > > ??? # it turns out that using SMB1 via linux/rsync > ??? # is leading to wrong permissions in our case > ??? min protocol = SMB2 > > [gluster-replicated] > ??? comment > ??? vfs objects = fruit streams_xattr glusterfs > ??? glusterfs:volume = yourGlusterVolume > ??? glusterfs:logfile = /var/log/samba/yourLog.log > ??? glusterfs:loglevel = 1 > ??? inherit acls = yes > ??? path = / > ??? read only = no > ??? guest ok = no > > Best Regards, > Strahil Nikolov > > > > > ? ?????, 1 ??? 2020 ?., 19:33:12 ?. ???????+3, Felix K?lzow via samba <samba at lists.samba.org> ??????: > > > > > > Dear Strahil, > > please find my current settings below: > > > [global] > ??????? netbios name = yourName > ??????? workgroup = yourWorkgroup > ??????? realm = YourRealm > ??????? log file = /var/log/samba/log.%m > ??????? max log size = 50 > ??????? security = ads > > ??????? clustering = yes > > ??? ??? max protocol = SMB3 > ? ? ?? ? kernel share modes = no > ?? ? ? ? kernel change notify = no > > ??????? kernel oplocks = no > ??????? posix locking = no > > ??????? map archive = no > ??????? map hidden = no > ??????? map read only = no > ??????? map system = no > ??????? store dos attributes = yes > > > ??????? idmap config * : backend = autorid > ??????? idmap config * : range = 1000000-19999999 > ??????? idmap config * : rangesize = 1000000 > ??????? include = /etc/samba/ctdb.conf > ??????? fruit:aapl = yes > ??????? ea support = yes > > ??? # it turns out that using SMB1 via linux/rsync > ??? # is leading to wrong permissions in our case > ??? min protocol = SMB2 > > [gluster-replicated] > ??? comment > ??? vfs objects = fruit streams_xattr glusterfs > ??? glusterfs:volume = yourGlusterVolume > ??? glusterfs:logfile = /var/log/samba/yourLog.log > ??? glusterfs:loglevel = 1 > ??? inherit acls = yes > ??? path = / > ??? read only = no > ??? guest ok = no > > > Please let me know if this works for you. > > > Regards, > > Felix > > On 01/07/2020 18:08, Strahil Nikolov via samba wrote: >> Hello All, >> >> I'm new to the list and I don't have much of experience with samba. >> >> I have a test setup on CentOS 7.8 with samba-4.10.4 and samba-vfs-glusterfs . >> When my client mounts the samba share via vers=1.0 , the user sees the share properly (uid,gid,mode are just like on gluster). When the share is mounted with vers=2.0 or not specified (anything higher) the files are owned by root/root and can't be changed (even by root). >> >> Here is a short summary: >> >> Packages: >> samba-4.10.4-11.el7_8.x86_64 >> samba-client-libs-4.10.4-11.el7_8.x86_64 >> samba-common-4.10.4-11.el7_8.noarch >> samba-common-libs-4.10.4-11.el7_8.x86_64 >> samba-common-tools-4.10.4-11.el7_8.x86_64 >> samba-libs-4.10.4-11.el7_8.x86_64 >> samba-vfs-glusterfs-4.10.4-11.el7_8.x86_64 >> >> >> TESTPARM: >> >> # Global parameters >> [global] >> ? ??????? printcap name = cups >> ? ??????? security = USER >> ? ??????? workgroup = SAMBA >> ? ??????? idmap config * : backend = tdb >> ? ??????? cups options = raw >> >> >> [homes] >> ? ??????? browseable = No >> ? ??????? comment = Home Directories >> ? ??????? inherit acls = Yes >> ? ??????? read only = No >> ? ??????? valid users = %S %D%w%S >> >> >> [printers] >> ? ??????? browseable = No >> ? ??????? comment = All Printers >> ? ??????? create mask = 0600 >> ? ??????? path = /var/tmp >> ? ??????? printable = Yes >> >> >> [print$] >> ? ??????? comment = Printer Drivers >> ? ??????? create mask = 0664 >> ? ??????? directory mask = 0775 >> ? ??????? force group = @printadmin >> ? ??????? path = /var/lib/samba/drivers >> ? ??????? write list = @printadmin root >> >> >> [gluster-replicate] >> ? ??????? comment = For samba share of volume replicate >> ? ??????? guest ok = Yes >> ? ??????? inherit acls = Yes >> ? ??????? kernel share modes = No >> ? ??????? path = / >> ? ??????? read only = No >> ? ??????? vfs objects = glusterfs >> ? ??????? glusterfs:loglevel = 7 >> ? ??????? glusterfs:logfile = /var/log/samba/glusterfs-replicate.%M.log >> ? ??????? glusterfs:volume = replicate >> >> Shares ownership: >> [root at servera ~]# mount -t cifs //servera/gluster-replicate /mnt -o user=smbuser >> Password for smbuser@//servera/gluster-replicate:? *** >> [root at servera ~]# ls -l /mnt >> ???? 9 >> drwxr-xr-x. 2 root root 0? 1 ??? 18,42 test >> -rwxr-xr-x. 1 root root 4? 1 ??? 18,49 test12 >> -rwxr-xr-x. 1 root root 9? 1 ??? 18,51 test12345 >> drwxr-xr-x. 2 root root 0? 1 ??? 18,49 test35 >> [root at servera ~]# umount /mnt >> [root at servera ~]# mount -t cifs //servera/gluster-replicate /mnt -o user=smbuser,vers=1.0 >> Password for smbuser@//servera/gluster-replicate:? *** >> [root at servera ~]# ls -l /mnt >> ???? 9 >> drwxrwsrwx. 2 smbuser smbuser 4096? 1 ??? 18,42 test >> -rw-r--r--. 1 smbuser smbuser??? 4? 1 ??? 18,49 test12 >> -rw-r--r--. 1 smbuser smbuser??? 9? 1 ??? 18,51 test12345 >> drwxr-sr-x. 2 smbuser smbuser 4096? 1 ??? 18,49 test35 >> [root at servera ~]# umount /mnt >> [root at servera ~]# mount -t glusterfs -o acl servera:/replicate /mnt >> [root at servera ~]# ls -l /mnt >> ???? 9 >> drwxrwsrwx. 2 smbuser smbuser 4096? 1 ??? 18,42 test >> -rw-r--r--. 1 smbuser smbuser??? 4? 1 ??? 18,49 test12 >> -rw-r--r--. 1 smbuser smbuser??? 9? 1 ??? 18,51 test12345 >> drwxr-sr-x. 2 smbuser smbuser 4096? 1 ??? 18,49 test35 >> [root at servera ~]# >> >> >> I'm pretty sure I'm missing something , but I have no idea what it is. Any ideas why the share is viewable as "root" will be highly appreciated. >> >> >> Thanks in advance. >> >> Best Regards, >> Strahil NIkolov >>
On 01/07/2020 18:47, Strahil Nikolov via samba wrote:> Hi Felix, > > thanks for the share. > Sadly it doesn't work and I don't know how to start debugging this one. > > I tried your config (had to switch from domain member to standalone) but it's the same: >Hang on, don't you mean 'switch from standalone to domain member' ? Rowland
Hi Rowland, I ment thay I removed some extra options from Felix settings - as they are for Samba in DC , and my setup is a Stand-alone samba. @Anoop, so this is expected ? I will check the documentation and follow up. Maybe I can optimize the Gluster documentation and update that? Best Regards, Strahil Nikolov ?? 1 ??? 2020 ?. 21:07:26 GMT+03:00, Rowland penny via samba <samba at lists.samba.org> ??????:>On 01/07/2020 18:47, Strahil Nikolov via samba wrote: >> Hi Felix, >> >> thanks for the share. >> Sadly it doesn't work and I don't know how to start debugging this >one. >> >> I tried your config (had to switch from domain member to standalone) >but it's the same: >> >Hang on, don't you mean 'switch from standalone to domain member' ? > >Rowland