John R. Graham
2024-Nov-11 22:34 UTC
[Samba] Very strange: Samba is unable to access one of its own files
Got these log messages on Samba startup just now on my AD/DC (including the preamble to show the version I'm running): Nov 11 17:05:18 ceres samba[31981]: [2024/11/11 17:05:18.209145, 0] ../../source4/samba/server.c:633(binary_smbd_main) Nov 11 17:05:18 ceres samba[31981]:?? samba version 4.19.7 started. Nov 11 17:05:18 ceres samba[31981]:?? Copyright Andrew Tridgell and the Samba Team 1992-2023 Nov 11 17:05:18 ceres smbd[31996]: [2024/11/11 17:05:18.534058, 0] ../../source3/smbd/server.c:1746(main) Nov 11 17:05:18 ceres smbd[31996]:?? smbd version 4.19.7 started. Nov 11 17:05:18 ceres smbd[31996]:?? Copyright Andrew Tridgell and the Samba Team 1992-2023 Nov 11 17:05:18 ceres winbindd[32025]: [2024/11/11 17:05:18.623651,? 0] ../../source3/winbindd/winbindd.c:1441(main) Nov 11 17:05:18 ceres winbindd[32025]:?? winbindd version 4.19.7 started. Nov 11 17:05:18 ceres winbindd[32025]:?? Copyright Andrew Tridgell and the Samba Team 1992-2023 Nov 11 17:05:30 ceres smbd[32069]:?? chdir_current_service: vfs_ChDir(/var/lib/samba/sysvol) failed: Permission denied. Current token: uid=3000021, gid=3000016, 9 groups: 3000021 3000016 3000019 3000020 3000010 3000011 3000013 3000006 3000014 Nov 11 17:05:40 ceres smbd[32069]: [2024/11/11 17:05:40.355505, 0] ../../source3/smbd/smb2_service.c:117(chdir_current_service) Nov 11 17:05:40 ceres smbd[32069]:?? chdir_current_service: vfs_ChDir(/var/lib/samba/sysvol) failed: Permission denied. Current token: uid=3000021, gid=3000016, 9 groups: 3000021 3000016 3000019 3000020 3000010 3000011 3000013 3000006 3000014 Looking at the directory in question, there's an odd-looking (at least to me) group ID associated with that directory: ceres /var/lib/samba/sysvol # ls -la /var/lib/samba/sysvol total 36 drwxrwx---+ 3 root 3000000? 3 Apr 18? 2023 . drwxr-xr-x? 7 root root??? 11 Nov 11 17:05 .. drwxrwx---+ 4 root 3000000? 4 Apr 18? 2023 samdom.example.com (Note: domain name anonymized above.) Should I be concerned? - John