FC5 SAMBA security=share [homes] problem
Gary Stainburn
gary.stainburn at ringways.co.uk
Thu Oct 12 09:53:33 UTC 2006
Hi folks
I've finally got round to upgrading a RH7.2 system and I'm having a problem
with Samba.
I've set the following non-default values (copied from old config):
workgroup = LEEDS
server string = Ringways Network Server
security = share
passdb backend = smbpasswd
local master = yes
domain master = yes
wins support = yes
debug pid = yes
debug uid = yes
debug timestamp = yes
debug hires timestamp = yes
debug level = 3
and have a homes section of:
[homes]
comment = Home Directories
browseable = no
writable = yes
hide dot files = yes
I've experimented with variations of:
force user = %u
valid users = %u
users = %u
username = %u
path = /home/%u
and using %S and %U.
Accessing normal shares works fine, but trying to access any of the [homes]
fails with:
[root at larry2 ~]# smbclient -U igaunt //larry2/igaunt
Password:
Domain=[LEEDS] OS=[Unix] Server=[Samba 3.0.23c-1.fc5]
Server not using user level security and no password supplied.
tree connect failed: NT_STATUS_WRONG_PASSWORD
[root at larry2 ~]#
The log shows:
[2006/10/12 10:52:44.801731, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/oplock.c:init_oplocks(862)
open_oplock_ipc: initializing messages.
[2006/10/12 10:52:44.802145, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/oplock_linux.c:linux_init_kernel_oplocks(260)
Linux kernel oplocks enabled
[2006/10/12 10:52:44.814248, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/process.c:process_smb(1110)
Transaction 0 of length 183
[2006/10/12 10:52:44.814388, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/process.c:switch_message(914)
switch message SMBnegprot (pid 2176) conn 0x0
[2006/10/12 10:52:44.814428, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:44.814492, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(487)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2006/10/12 10:52:44.814529, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(487)
Requested protocol [MICROSOFT NETWORKS 1.03]
[2006/10/12 10:52:44.814559, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(487)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2006/10/12 10:52:44.814589, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(487)
Requested protocol [LANMAN1.0]
[2006/10/12 10:52:44.814619, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(487)
Requested protocol [LM1.2X002]
[2006/10/12 10:52:44.814648, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(487)
Requested protocol [DOS LANMAN2.1]
[2006/10/12 10:52:44.814677, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(487)
Requested protocol [Samba]
[2006/10/12 10:52:44.814924, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_nt1(350)
not using SPNEGO
[2006/10/12 10:52:44.814964, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/negprot.c:reply_negprot(580)
Selected protocol NT LANMAN 1.0
[2006/10/12 10:52:47.789340, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/process.c:process_smb(1110)
Transaction 1 of length 144
[2006/10/12 10:52:47.789448, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/process.c:switch_message(914)
switch message SMBsesssetupX (pid 2176) conn 0x0
[2006/10/12 10:52:47.789483, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.789539, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sesssetup.c:reply_sesssetup_and_X(849)
wct=13 flg2=0xc801
[2006/10/12 10:52:47.789583, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sesssetup.c:reply_sesssetup_and_X(995)
Domain=[LEEDS] NativeOS=[Unix] NativeLanMan=[Samba 3.0.23c-1.fc5]
PrimaryDomain=[null]
[2006/10/12 10:52:47.789615, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sesssetup.c:reply_sesssetup_and_X(1010)
sesssetupX:name=[LEEDS]\[igaunt]@[10.1.1.118]
[2006/10/12 10:52:47.789889, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sesssetup.c:check_guest_password(136)
Got anonymous request
[2006/10/12 10:52:47.789955, 3, pid=2176, effective(0, 0), real(0, 0)]
auth/auth.c:check_ntlm_password(221)
check_ntlm_password: Checking password for unmapped user []\[]@[] with the
new password interface
[2006/10/12 10:52:47.789992, 3, pid=2176, effective(0, 0), real(0, 0)]
auth/auth.c:check_ntlm_password(224)
check_ntlm_password: mapped user is: []\[]@[]
[2006/10/12 10:52:47.790188, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sec_ctx.c:push_sec_ctx(208)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/10/12 10:52:47.790231, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/uid.c:push_conn_ctx(345)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/10/12 10:52:47.790265, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/10/12 10:52:47.790491, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sec_ctx.c:pop_sec_ctx(339)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.790540, 3, pid=2176, effective(0, 0), real(0, 0)]
auth/auth.c:check_ntlm_password(270)
check_ntlm_password: guest authentication for user [] succeeded
[2006/10/12 10:52:47.790739, 3, pid=2176, effective(0, 0), real(0, 0)]
lib/privileges.c:get_privileges(261)
get_privileges: No privileges assigned to SID
[S-1-5-21-3752263785-3138147321-1563396351-501]
[2006/10/12 10:52:47.790790, 3, pid=2176, effective(0, 0), real(0, 0)]
lib/privileges.c:get_privileges(261)
get_privileges: No privileges assigned to SID [S-1-5-2]
[2006/10/12 10:52:47.790828, 3, pid=2176, effective(0, 0), real(0, 0)]
lib/privileges.c:get_privileges(261)
get_privileges: No privileges assigned to SID [S-1-5-32-546]
[2006/10/12 10:52:47.791385, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/process.c:process_smb(1110)
Transaction 2 of length 110
[2006/10/12 10:52:47.791456, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/process.c:switch_message(914)
switch message SMBtconX (pid 2176) conn 0x0
[2006/10/12 10:52:47.791488, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.791571, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/service.c:find_service(252)
checking for home directory igaunt gave /home/igaunt
[2006/10/12 10:52:47.791706, 3, pid=2176, effective(0, 0), real(0, 0)]
param/loadparm.c:lp_add_home(2591)
adding home's share [igaunt] for user 'igaunt' at '/home/%U'
[2006/10/12 10:52:47.791801, 2, pid=2176, effective(0, 0), real(0, 0)]
smbd/service.c:make_connection_snum(592)
Invalid username/password for [igaunt]
[2006/10/12 10:52:47.791841, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/error.c:error_packet(146)
error packet at smbd/reply.c(676) cmd=117 (SMBtconX)
NT_STATUS_WRONG_PASSWORD
[2006/10/12 10:52:47.793160, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/process.c:timeout_processing(1359)
timeout_processing: End of file from client (client has disconnected).
[2006/10/12 10:52:47.793307, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/sec_ctx.c:set_sec_ctx(241)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.793368, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/connection.c:yield_connection(69)
Yielding connection to
[2006/10/12 10:52:47.793464, 3, pid=2176, effective(0, 0), real(0, 0)]
smbd/server.c:exit_server_common(675)
Server exit (normal exit)
--
Gary Stainburn
This email does not contain private or confidential material as it
may be snooped on by interested government parties for unknown
and undisclosed purposes - Regulation of Investigatory Powers Act, 2000
More information about the fedora-list
mailing list