Daniel J Walsh ha scritto / said the following il giorno/on 23/02/2011 22:18: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 02/23/2011 12:49 PM, antonio montagnani wrote: >> Craig White ha scritto / said the following il giorno/on 22/02/2011 >> 14:04: >>> On Mon, 2011-02-21 at 17:52 +0100, antonio.montagnani@xxxxxxxx wrote: >>>> >>>>> ----Messaggio originale---- >>>>> Da: craigwhite@xxxxxxxxxxx >>>>> Data: 21-feb-2011 >>>> 16.43 >>>>> A:<users@xxxxxxxxxxxxxxxxxxxxxxx> >>>>> Ogg: Re: R: Re: Samba >>>> misconfiguration >>>>> >>>>> On Mon, 2011-02-21 at 17:38 +0100, antonio.montagnani@alice. >>>> it wrote: >>>>>> >>>>> >>>>>> I attach a log file of a test with samba trying to connect >>>> by smbclient...I >>>>>> am at a dead point. >>>>> ---- >>>>> no ability to look at the log >>>> until much, much later. >>>>> >>>>> What is output of command... >>>>> >>>>> pdbedit -Lv antonio >>>> >>>>> >>>>> ? >>>>> >>>>> Craig >>>>> >>>>> >>>>> -- >>>>> This message has been scanned for viruses and >>>> >>>>> dangerous content by MailScanner, and is >>>>> believed to be clean. >>>>> >>>>> -- >>>>> users >>>> mailing list >>>>> users@xxxxxxxxxxxxxxxxxxxxxxx >>>>> To unsubscribe or change >>>> subscription options: >>>>> https://admin.fedoraproject.org/mailman/listinfo/users>Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> >>>> pdbedit -Lv antonio >>>> INFO: Current debug levels: >>>> all: True/10 >>>> tdb: >>>> False/0 >>>> printdrivers: False/0 >>>> lanman: False/0 >>>> smb: False/0 >>>> rpc_parse: >>>> False/0 >>>> rpc_srv: False/0 >>>> rpc_cli: False/0 >>>> passdb: False/0 >>>> sam: False/0 >>>> >>>> auth: False/0 >>>> winbind: False/0 >>>> vfs: False/0 >>>> idmap: False/0 >>>> quota: >>>> False/0 >>>> acls: False/0 >>>> locking: False/0 >>>> msdfs: False/0 >>>> dmapi: False/0 >>>> >>>> registry: False/0 >>>> doing parameter server string = Samba Server Version %v >>>> doing >>>> parameter print command = >>>> doing parameter guest ok = yes >>>> doing parameter >>>> workgroup = workgroup >>>> doing parameter username map = /etc/samba/smbusers >>>> doing >>>> parameter security = user >>>> doing parameter lprm command = >>>> doing parameter max >>>> log size = 50 >>>> doing parameter wins support = Yes >>>> doing parameter guest account >>>> = nfsnobody >>>> pm_process() returned Yes >>>> lp_servicenumber: couldn't find homes >>>> >>>> set_server_role: role = ROLE_STANDALONE >>>> Attempting to register new charset UCS- >>>> 2LE >>>> Registered charset UCS-2LE >>>> Attempting to register new charset UTF-16LE >>>> >>>> Registered charset UTF-16LE >>>> Attempting to register new charset UCS-2BE >>>> >>>> Registered charset UCS-2BE >>>> Attempting to register new charset UTF-16BE >>>> >>>> Registered charset UTF-16BE >>>> Attempting to register new charset UTF8 >>>> Registered >>>> charset UTF8 >>>> Attempting to register new charset UTF-8 >>>> Registered charset UTF-8 >>>> >>>> Attempting to register new charset ASCII >>>> Registered charset ASCII >>>> Attempting to >>>> register new charset 646 >>>> Registered charset 646 >>>> Attempting to register new >>>> charset ISO-8859-1 >>>> Registered charset ISO-8859-1 >>>> Attempting to register new >>>> charset UCS2-HEX >>>> Registered charset UCS2-HEX >>>> Substituting charset 'UTF-8' for >>>> LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' for >>>> LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' for >>>> LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' for >>>> LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' for >>>> LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' for >>>> LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' for >>>> LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Netbios name list:- >>>> >>>> my_netbios_names[0]="ACER" >>>> Attempting to register passdb backend ldapsam >>>> >>>> Successfully added passdb backend 'ldapsam' >>>> Attempting to register passdb >>>> backend ldapsam_compat >>>> Successfully added passdb backend 'ldapsam_compat' >>>> >>>> Attempting to register passdb backend NDS_ldapsam >>>> Successfully added passdb >>>> backend 'NDS_ldapsam' >>>> Attempting to register passdb backend NDS_ldapsam_compat >>>> >>>> Successfully added passdb backend 'NDS_ldapsam_compat' >>>> Attempting to register >>>> passdb backend smbpasswd >>>> Successfully added passdb backend 'smbpasswd' >>>> >>>> Attempting to register passdb backend tdbsam >>>> Successfully added passdb backend >>>> 'tdbsam' >>>> Attempting to register passdb backend wbc_sam >>>> Successfully added >>>> passdb backend 'wbc_sam' >>>> Attempting to find a passdb backend to match tdbsam >>>> (tdbsam) >>>> Found pdb backend tdbsam >>>> pdb backend tdbsam has a valid init >>>> >>>> tdbsam_open: successfully opened /var/lib/samba/private/passdb.tdb >>>> >>>> pdb_set_username: setting username antonio, was >>>> pdb_set_domain: setting domain >>>> ACER, was >>>> pdb_set_nt_username: setting nt username , was >>>> pdb_set_full_name: >>>> setting full name antonio, was >>>> Home server: acer >>>> Substituting charset 'UTF-8' >>>> for LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' >>>> for LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' >>>> for LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' >>>> for LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' >>>> for LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' >>>> for LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> Substituting charset 'UTF-8' >>>> for LOCALE >>>> Substituting charset 'UTF-8' for LOCALE >>>> pdb_set_homedir: setting >>>> home dir \\acer\antonio, was >>>> pdb_set_dir_drive: setting dir drive , was NULL >>>> >>>> pdb_set_logon_script: setting logon script , was >>>> Home server: acer >>>> >>>> pdb_set_profile_path: setting profile path \\acer\antonio\profile, was >>>> >>>> pdb_set_workstations: setting workstations , was >>>> account_policy_get: name: >>>> password history, val: 0 >>>> pdb_set_user_sid: setting user sid S-1-5-21-3734388162- >>>> 611009795-2949902601-1003 >>>> pdb_set_user_sid_from_rid: >>>> setting user sid S-1-5-21- >>>> 3734388162-611009795-2949902601-1003 from rid 1003 >>>> account_policy_get: name: >>>> maximum password age, val: -1 >>>> Finding user antonio >>>> Trying _Get_Pwnam(), >>>> username as lowercase is antonio >>>> Get_Pwnam_internals did find user [antonio]! >>>> >>>> Opening cache file at /var/lib/samba/gencache.tdb >>>> Opening cache file at >>>> /var/lib/samba/gencache_notrans.tdb >>>> Cache entry with key = IDMAP/GID2SID/500 >>>> couldn't be found >>>> gid_to_sid: winbind failed to find a sid for gid 500 >>>> LEGACY: >>>> gid 500 -> sid S-1-22-2-500 >>>> account_policy_get: name: password history, val: 0 >>>> >>>> pdb_set_username: setting username antonio, was >>>> pdb_set_domain: setting domain >>>> ACER, was >>>> pdb_set_nt_username: setting nt username , was >>>> pdb_set_full_name: >>>> setting full name antonio, was >>>> Home server: acer >>>> pdb_set_homedir: setting home >>>> dir \\acer\antonio, was >>>> pdb_set_dir_drive: setting dir drive , was NULL >>>> >>>> pdb_set_logon_script: setting logon script , was >>>> Home server: acer >>>> >>>> pdb_set_profile_path: setting profile path \\acer\antonio\profile, was >>>> >>>> pdb_set_workstations: setting workstations , was >>>> account_policy_get: name: >>>> password history, val: 0 >>>> pdb_set_user_sid: setting user sid S-1-5-21-3734388162- >>>> 611009795-2949902601-1003 >>>> pdb_set_user_sid_from_rid: >>>> setting user sid S-1-5-21- >>>> 3734388162-611009795-2949902601-1003 from rid 1003 >>>> Returning expired cache >>>> entry: key = IDMAP/SID2GID/S-1-5-21-3734388162-611009795-2949902601-513, value >>>> = -1, timeout = Mon Feb 21 17:50:39 2011 >>>> Adding cache entry with key = >>>> IDMAP/SID2GID/S-1-5-21-3734388162-611009795-2949902601-513 and timeout = Thu >>>> Jan 1 01:00:00 1970 >>>> (-1298307042 seconds in the past) >>>> winbind failed to find >>>> a gid for sid S-1-5-21-3734388162-611009795-2949902601-513 >>>> >>>> lookup_global_sam_rid: looking up RID 513. >>>> pdb_getsampwrid (TDB): error looking >>>> up RID 513 by key RID_00000201. >>>> Can't find a unix id for an unmapped group >>>> >>>> LEGACY: mapping failed for sid S-1-5-21-3734388162-611009795-2949902601-513 >>>> >>>> pdb_set_group_sid: setting group sid S-1-5-21-3734388162-611009795-2949902601- >>>> 513 >>>> Unix username: antonio >>>> NT username: >>>> Account Flags: >>>> [U ] >>>> User SID: S-1-5-21-3734388162-611009795-2949902601- >>>> 1003 >>>> Primary Group SID: S-1-5-21-3734388162-611009795-2949902601-513 >>>> Full >>>> Name: antonio >>>> Home Directory: \\acer\antonio >>>> HomeDir >>>> Drive: >>>> Logon Script: >>>> Profile Path: >>>> \\acer\antonio\profile >>>> Domain: ACER >>>> Account desc: >>>> >>>> Workstations: >>>> Munged dial: >>>> Logon time: 0 >>>> Logoff >>>> time: never >>>> Kickoff time: never >>>> Password last set: lun, 21 >>>> feb 2011 16:17:06 CET >>>> account_policy_get: name: minimum password age, val: 0 >>>> >>>> Password can change: lun, 21 feb 2011 16:17:06 CET >>>> account_policy_get: name: >>>> maximum password age, val: -1 >>>> Password must change: never >>>> Last bad password : >>>> 0 >>>> Bad password count : 0 >>>> Logon hours : >>>> FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF >>> ---- >>> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html >>> >>> specifically, this should help... >>> >>> http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html#id2598404 >>> >>> Fix your groups, make sure the user 'antonio' and the group he belongs >>> to have access to the directory/files in the share. >>> >>> Craig >>> >>> >> >> Craig >> >> I made an easy test, no other jobs done, booting with selinux=0, and >> magic samba is working. >> >> How do I debug the selinux policy, it is not a problem of Samba but of >> Selinux. >> What is wrong?? >> >> Tnx >> > SELinux error messages are stored in /var/log/audit/audit.log, do you > have setroubleshoot installed. Probably a labeling or boolean issue. > > Also look at > > man samba_selinux > -----BEGIN PGP SIGNATURE----- > After my previous post, I went through man samba_selinux just after dinner, and also samba.conf file, and I understood that I should have done some homework on selinux labeling and so on :-) : What surprises me that on a different box in my home selinux is enforced too, but samba is working fine sharing folders, even if I didn't do my homework (i.e. no tip&tricks). The real difference between these two machines is a fresh installation of F14 (that is having these problems) and an F14 as update (when Samba was installed Selinux had been disabled). Set What do you suggest?? not a problem at home as I am working with Fedora only, a problem if I want share folders in a Windows environment (this is a laptop) When I try to connect to the to-be-shared folder I get (not completely sure) > type=ANOM_ABEND msg=audit(1298497182.397:43): auid=500 uid=500 gid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=4107 comm="gvfsd-smb-brows" sig=6 > type=USER_AUTH msg=audit(1298497753.618:44): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success' > type=USER_ACCT msg=audit(1298497753.618:45): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success' > type=USER_START msg=audit(1298497753.790:46): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success' > type=CRED_ACQ msg=audit(1298497753.790:47): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success' > type=USER_END msg=audit(1298497814.426:48): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success' > type=CRED_DISP msg=audit(1298497814.427:49): user pid=4318 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct="root" exe="/usr/sbin/userhelper" hostname=? addr=? terminal=pts/1 res=success' Tnx a lot for help Antonio M Skype: amontag52 Linux Fedora F14 (Laughlin) on Acer 5720 http://lugsaronno.altervista.org www.campingmonterosa.com www.studiodacolpaloschi.it -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
