[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

FC5 SAMBA security=share [homes] problem



Hi folks

I've finally got round to upgrading a RH7.2 system and I'm having a problem 
with Samba.

I've set the following non-default values (copied from old config):

   workgroup = LEEDS
   server string = Ringways Network Server
   security = share
    passdb backend = smbpasswd
    local master = yes
    domain master = yes
    wins support = yes
debug pid = yes
debug uid = yes
debug timestamp = yes
debug hires timestamp = yes
debug level = 3

and have a homes section of:
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   hide dot files = yes

I've experimented with variations of: 

   force user = %u
   valid users = %u
   users = %u
   username = %u
   path = /home/%u

and using %S and %U.

Accessing normal shares works fine, but trying to access any of the [homes] 
fails with:

[root larry2 ~]# smbclient -U igaunt //larry2/igaunt
Password:
Domain=[LEEDS] OS=[Unix] Server=[Samba 3.0.23c-1.fc5]
Server not using user level security and no password supplied.
tree connect failed: NT_STATUS_WRONG_PASSWORD
[root larry2 ~]#


The log shows:
[2006/10/12 10:52:44.801731, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/oplock.c:init_oplocks(862)
  open_oplock_ipc: initializing messages.
[2006/10/12 10:52:44.802145, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/oplock_linux.c:linux_init_kernel_oplocks(260)
  Linux kernel oplocks enabled
[2006/10/12 10:52:44.814248, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/process.c:process_smb(1110)
  Transaction 0 of length 183
[2006/10/12 10:52:44.814388, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/process.c:switch_message(914)
  switch message SMBnegprot (pid 2176) conn 0x0
[2006/10/12 10:52:44.814428, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:44.814492, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(487)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2006/10/12 10:52:44.814529, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(487)
  Requested protocol [MICROSOFT NETWORKS 1.03]
[2006/10/12 10:52:44.814559, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(487)
  Requested protocol [MICROSOFT NETWORKS 3.0]
[2006/10/12 10:52:44.814589, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(487)
  Requested protocol [LANMAN1.0]
[2006/10/12 10:52:44.814619, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(487)
  Requested protocol [LM1.2X002]
[2006/10/12 10:52:44.814648, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(487)
  Requested protocol [DOS LANMAN2.1]
[2006/10/12 10:52:44.814677, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(487)
  Requested protocol [Samba]
[2006/10/12 10:52:44.814924, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_nt1(350)
  not using SPNEGO
[2006/10/12 10:52:44.814964, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/negprot.c:reply_negprot(580)
  Selected protocol NT LANMAN 1.0
[2006/10/12 10:52:47.789340, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/process.c:process_smb(1110)
  Transaction 1 of length 144
[2006/10/12 10:52:47.789448, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/process.c:switch_message(914)
  switch message SMBsesssetupX (pid 2176) conn 0x0
[2006/10/12 10:52:47.789483, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.789539, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X(849)
  wct=13 flg2=0xc801
[2006/10/12 10:52:47.789583, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X(995)
  Domain=[LEEDS]  NativeOS=[Unix] NativeLanMan=[Samba 3.0.23c-1.fc5] 
PrimaryDomain=[null]
[2006/10/12 10:52:47.789615, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:reply_sesssetup_and_X(1010)
  sesssetupX:name=[LEEDS]\[igaunt] [10 1 1 118]
[2006/10/12 10:52:47.789889, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sesssetup.c:check_guest_password(136)
  Got anonymous request
[2006/10/12 10:52:47.789955, 3, pid=2176, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(221)
  check_ntlm_password:  Checking password for unmapped user []\[] [] with the 
new password interface
[2006/10/12 10:52:47.789992, 3, pid=2176, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(224)
  check_ntlm_password:  mapped user is: []\[] []
[2006/10/12 10:52:47.790188, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2006/10/12 10:52:47.790231, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/uid.c:push_conn_ctx(345)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2006/10/12 10:52:47.790265, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2006/10/12 10:52:47.790491, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:pop_sec_ctx(339)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.790540, 3, pid=2176, effective(0, 0), real(0, 0)] 
auth/auth.c:check_ntlm_password(270)
  check_ntlm_password: guest authentication for user [] succeeded
[2006/10/12 10:52:47.790739, 3, pid=2176, effective(0, 0), real(0, 0)] 
lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID 
[S-1-5-21-3752263785-3138147321-1563396351-501]
[2006/10/12 10:52:47.790790, 3, pid=2176, effective(0, 0), real(0, 0)] 
lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-2]
[2006/10/12 10:52:47.790828, 3, pid=2176, effective(0, 0), real(0, 0)] 
lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-32-546]
[2006/10/12 10:52:47.791385, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/process.c:process_smb(1110)
  Transaction 2 of length 110
[2006/10/12 10:52:47.791456, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/process.c:switch_message(914)
  switch message SMBtconX (pid 2176) conn 0x0
[2006/10/12 10:52:47.791488, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.791571, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/service.c:find_service(252)
  checking for home directory igaunt gave /home/igaunt
[2006/10/12 10:52:47.791706, 3, pid=2176, effective(0, 0), real(0, 0)] 
param/loadparm.c:lp_add_home(2591)
  adding home's share [igaunt] for user 'igaunt' at '/home/%U'
[2006/10/12 10:52:47.791801, 2, pid=2176, effective(0, 0), real(0, 0)] 
smbd/service.c:make_connection_snum(592)
  Invalid username/password for [igaunt]
[2006/10/12 10:52:47.791841, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/error.c:error_packet(146)
  error packet at smbd/reply.c(676) cmd=117 (SMBtconX) 
NT_STATUS_WRONG_PASSWORD
[2006/10/12 10:52:47.793160, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/process.c:timeout_processing(1359)
  timeout_processing: End of file from client (client has disconnected).
[2006/10/12 10:52:47.793307, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2006/10/12 10:52:47.793368, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/connection.c:yield_connection(69)
  Yielding connection to 
[2006/10/12 10:52:47.793464, 3, pid=2176, effective(0, 0), real(0, 0)] 
smbd/server.c:exit_server_common(675)
  Server exit (normal exit)
-- 
Gary Stainburn
 
This email does not contain private or confidential material as it
may be snooped on by interested government parties for unknown
and undisclosed purposes - Regulation of Investigatory Powers Act, 2000     


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]