Tamas Papp
2024-Jun-17 17:47 UTC
[Samba] Random permission denied and path not found errors
On 6/17/24 16:15, Rowland Penny via samba wrote:> Are your incus containers privileged ?Yes.> I should also point out that, from the Samba point of view, 4.15.13 is > EOL.I can upgrade samba (ubuntu), but would only do if there is any relevant change/fix/improvement. The release notes are quite long and in many cases I am unsure about the meaning of the content. Ubuntu 24.04 includes 4.19.5+dfsg-4ubuntu9.> No idea because I haven't a clue how you are running Samba, for all I > know, you could be running sssd on a Samba fileserver. > > Might be an idea if you post the output of 'testparm -s'Good point, I missed adding the configuration. The windows server is a AD DC and samba is AD member: # Global parameters [global] ?? ?kerberos method = secrets and keytab ?? ?log file = /var/log/samba/log.%m ?? ?logging = file ?? ?map to guest = Bad User ?? ?max log size = 1000 ?? ?obey pam restrictions = Yes ?? ?pam password change = Yes ?? ?panic action = /usr/share/samba/panic-action %d ?? ?passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . ?? ?passwd program = /usr/bin/passwd %u ?? ?realm = SPECTRALSTUDIOS.LOCAL ?? ?security = ADS ?? ?server role = standalone server ?? ?server string = %h server (Samba, Ubuntu) ?? ?template homedir = /home/%U@%D ?? ?template shell = /bin/bash ?? ?unix password sync = Yes ?? ?usershare allow guests = Yes ?? ?winbind offline logon = Yes ?? ?winbind refresh tickets = Yes ?? ?workgroup = SPECTRALSTUDIOS ?? ?idmap config * : range = 10000-999999 ?? ?idmap config spectralstudios : backend = rid ?? ?idmap config spectralstudios : range = 2000000-2999999 ?? ?idmap config * : backend = tdb [HUNY_asset] ?? ?comment = HUNY/asset ?? ?create mask = 0664 ?? ?directory mask = 02775 ?? ?force create mode = 0664 ?? ?force directory mode = 02775 ?? ?path = /data/Projects/HUNY/asset ?? ?read only = No ?? ?valid users = "@spectralstudios\domain users" There are more shares but the configuration is the same. Thank you,
Rowland Penny
2024-Jun-17 18:18 UTC
[Samba] Random permission denied and path not found errors
On Mon, 17 Jun 2024 19:47:04 +0200 Tamas Papp via samba <samba at lists.samba.org> wrote:> > On 6/17/24 16:15, Rowland Penny via samba wrote: > > Are your incus containers privileged ? > > Yes. > > > I should also point out that, from the Samba point of view, 4.15.13 > > is EOL. > > > I can upgrade samba (ubuntu), but would only do if there is any > relevant change/fix/improvement. The release notes are quite long and > in many cases I am unsure about the meaning of the content. > > Ubuntu 24.04 includes 4.19.5+dfsg-4ubuntu9.There have been numerous fixes since 4.15.x , using the most recent version of Samba possible is always a good idea.> > > No idea because I haven't a clue how you are running Samba, for all > > I know, you could be running sssd on a Samba fileserver. > > > > Might be an idea if you post the output of 'testparm -s' > > > Good point, I missed adding the configuration. > > The windows server is a AD DC and samba is AD member: > > > # Global parameters > [global] > ?? ?kerberos method = secrets and keytab > ?? ?log file = /var/log/samba/log.%m > ?? ?logging = file > ?? ?map to guest = Bad User > ?? ?max log size = 1000 > ?? ?obey pam restrictions = Yes > ?? ?pam password change = Yes > ?? ?panic action = /usr/share/samba/panic-action %d > ?? ?passwd chat = *Enter\snew\s*\spassword:* %n\n > *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . > ?? ?passwd program = /usr/bin/passwd %u > ?? ?realm = SPECTRALSTUDIOS.LOCAL > ?? ?security = ADS > ?? ?server role = standalone server > ?? ?server string = %h server (Samba, Ubuntu) > ?? ?template homedir = /home/%U@%D > ?? ?template shell = /bin/bash > ?? ?unix password sync = Yes > ?? ?usershare allow guests = Yes > ?? ?winbind offline logon = Yes > ?? ?winbind refresh tickets = Yes > ?? ?workgroup = SPECTRALSTUDIOS > ?? ?idmap config * : range = 10000-999999 > ?? ?idmap config spectralstudios : backend = rid > ?? ?idmap config spectralstudios : range = 2000000-2999999 > ?? ?idmap config * : backend = tdb > > [HUNY_asset] > ?? ?comment = HUNY/asset > ?? ?create mask = 0664 > ?? ?directory mask = 02775 > ?? ?force create mode = 0664 > ?? ?force directory mode = 02775 > ?? ?path = /data/Projects/HUNY/asset > ?? ?read only = No > ?? ?valid users = "@spectralstudios\domain users" > > > There are more shares but the configuration is the same.Hmm, did you take the standard Ubuntu smb.conf and then add to it ? I ask this because you have numerous lines that do not really have a place in Unix domain member smb.conf I would definitely remove these lines: ?? ?obey pam restrictions = Yes ?? ?pam password change = Yes ?? ?passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . ?? ?passwd program = /usr/bin/passwd %u ?? ?server role = standalone server ?? ?unix password sync = Yes Unless you have 'guest ok = yes' or 'public = yes' set in a share (if so why ?) then I would remove this line: ?? ?map to guest = Bad User Also if you are not going to be using usershares, I would remove this line: ?? ?usershare allow guests = Yes Turning to your share, add these lines to 'global': vfs objects = acl_xattr map acl inherit = Yes then make your share look like this: [HUNY_asset] ?? ?comment = HUNY/asset ?? ?read only = No Then read this: https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs Rowland
Reasonably Related Threads
- Random permission denied and path not found errors
- Random permission denied and path not found errors
- Random permission denied and path not found errors
- samba behavior change with version upgrade
- 答复: About error: 'Windows cannot access, you do not have permission to access'