| View previous topic :: View next topic |
| Author |
Message |
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
 Posted: Mon Aug 07, 2006 6:20 pm Post subject: Yet another samba start problem [SOLVED PARTLY] |
 |
|
I am trying to start samba and here is what I get
| Code: | /etc/init.d/samba start
* samba -> start: smbd ... [ !! ]
* samba -> start: nmbd ... [ ok ]
* Error: stopping services (see system logs)
* samba -> stop: smbd ... [ !! ]
* samba -> stop: nmbd ... [ !! ]
|
and system log is not created at all, there isn't a /var/log/samba directory
here my smb.conf
| Code: | [global]
workgroup = MAVINOKTA
interfaces = lo eth0
bind interfaces only = yes
wins support = yes
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
log level = 5
panic action = /usr/share/samba/panic-action %d
security = user
smb passwd file = /etc/samba/private/smbpasswd
guest ok = yes
guest account = guest
valid users = ali, administrator, hasan, guest, mavi
write list = mavi, administrator
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
domain master = no
restrict anonymous = no
preferred master = no
max protocol = NT
acl compatibility = winnt
ldap ssl = No
server signing = Auto
#[printers]
# comment = All Printers
# path = /tmp
# create mask = 0700
# printable = Yes
# browseable = No
#[print$]
# comment = Printer Drivers
# path = /var/lib/samba/printers
[share]
path = /media/share
guest ok = yes
guest account = guest
#guest ok = yes
valid users = ali, administrator, hasan, guest, mavi
write list = mavi, administrator
read only = no
create mask = 0766
[ourshare]
path = /media/ourshare
guest ok = yes
guest account = guest
#guest ok = yes
valid users = ali, administrator, hasan, guest, mavi
write list = mavi, administrator
read only = no
create mask = 0766
[homes]
case sensitive = no
strict locking = no
msdfs proxy = no |
Thanks
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714
Last edited by rojanu on Tue Oct 10, 2006 8:36 pm; edited 3 times in total |
|
| Back to top |
|
 |
dfelicia
Apprentice
Joined: 11 May 2005
Posts: 281
Location: Southwestern Connecticut
|
| Posted: Mon Aug 07, 2006 6:30 pm Post subject: |
|
|
Run smbd in the foregound, manually, and post output.
| Code: |
smbd -i -S -d <number between 1 and 10>
|
Also, run testparm to make sure you've no syntax errors. |
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Tue Aug 08, 2006 12:20 am Post subject: |
|
|
I have already run testparm config file is OK
here is the output for
| Code: | # smbd -i -S -d 1
smbd version 3.0.23a started.
Copyright Andrew Tridgell and the Samba Team 1992-2006
Global parameter guest account found in service section!
Global parameter guest account found in service section!
create_builtin_administrators: Failed to create Administrators
create_local_nt_token: Failed to create BUILTIN\Administrators group!
create_builtin_users: Failed to create Users
create_local_nt_token: Failed to create BUILTIN\Administrators group!
create_builtin_administrators: Failed to create Administrators
create_local_nt_token: Failed to create BUILTIN\Administrators group!
create_builtin_users: Failed to create Users
create_local_nt_token: Failed to create BUILTIN\Administrators group! |
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
dfelicia
Apprentice
Joined: 11 May 2005
Posts: 281
Location: Southwestern Connecticut
|
| Posted: Tue Aug 08, 2006 12:49 am Post subject: |
|
|
Remove this from you global section:
| Code: |
guest ok = yes
guest account = guest
valid users = ali, administrator, hasan, guest, mavi
write list = mavi, administrator
|
Are you really connecting with NT 4.0 clients? If not, remove
You have an odd mix of parameters in your config file. You have guest=ok, but then a valid users list. If you allow guest access, that means anyone can connect.
Are you really trying to be a WINS server? If not, don't set wins support = yes. (wins server may the parameter you were looking for)
Try something simpler to start, then add options as you need them. For example:
| Code: |
[global]
workgroup = WHATEVER
server string = Gentoo Linux
username map = /etc/samba/smbusers
guest account = ftp
log file = /var/log/samba/log.%m
max log size = 50
printcap name = cups
preferred master = No
domain master = No
dns proxy = No
hosts allow = 192.168.123., 192.168.124.
[homes]
comment = Home Directories
read only = No
browseable = No
[tmp]
comment = Temporary file space
path = /tmp
read only = No
[share]
comment = Shared media
path = /media/share
guest ok = Yes
write list = mavi, administrator
read only = No
create mask = 02664
directory mask = 02775
|
|
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Tue Aug 08, 2006 1:25 am Post subject: |
|
|
Well I actually trashed my config file while trying to get the samba working on the forums.
I have tried with the conf you provided to no avail
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
dfelicia
Apprentice
Joined: 11 May 2005
Posts: 281
Location: Southwestern Connecticut
|
| Posted: Tue Aug 08, 2006 12:12 pm Post subject: |
|
|
Are you trying to use winbind, or something? I'm confused by the error you get re: "failed to create builtin\administrators."
Try commenting all but the global section, and then post the smbd output. |
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Tue Aug 08, 2006 12:47 pm Post subject: |
|
|
I am trying to get user level security so only users with passwords are able to access the shares e.g. by mapping network drives on windows machines.
To get that working what I did
1- Set up samba & config file
2- Add user
- samba
- administrator
- mavi
- guest
- etc.
to gentoo users
3- Add above users to samba with same passwords as their gentoo passwords
I now manully create a /var/log/samba directory and logs are created now
here they are
| Code: | # cat /var/log/samba/log.smbd
[2006/08/08 13:30:16, 0] smbd/server.c:main(847)
smbd version 3.0.23a started.
Copyright Andrew Tridgell and the Samba Team 1992-2006
[2006/08/08 13:30:19, 0] auth/auth_util.c:create_builtin_administrators(763)
create_builtin_administrators: Failed to create Administrators
[2006/08/08 13:30:19, 0] auth/auth_util.c:create_local_nt_token(872)
create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/08/08 13:30:19, 0] auth/auth_util.c:create_builtin_users(729)
create_builtin_users: Failed to create Users
[2006/08/08 13:30:19, 0] auth/auth_util.c:create_local_nt_token(899)
create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/08/08 13:30:19, 0] passdb/pdb_interface.c:guest_user_info(295)
guest_user_info: Unable to locate guest account [ftp]!
[2006/08/08 13:30:19, 0] smbd/server.c:main(960)
ERROR: failed to setup guest info. |
| Code: | # cat /var/log/samba/log.nmbd
[2006/08/08 13:30:21, 0] nmbd/nmbd.c:main(699)
Netbios nameserver version 3.0.23a started.
Copyright Andrew Tridgell and the Samba Team 1992-2006
[2006/08/08 13:30:22, 0] nmbd/nmbd.c:terminate(58)
Got SIGTERM: going down...
|
| Code: | # smbd -i -S -d 1
smbd version 3.0.23a started.
Copyright Andrew Tridgell and the Samba Team 1992-2006
create_builtin_administrators: Failed to create Administrators
create_local_nt_token: Failed to create BUILTIN\Administrators group!
create_builtin_users: Failed to create Users
create_local_nt_token: Failed to create BUILTIN\Administrators group!
guest_user_info: Unable to locate guest account [ftp]!
ERROR: failed to setup guest info.
|
As suggested only global section is enabled
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
dfelicia
Apprentice
Joined: 11 May 2005
Posts: 281
Location: Southwestern Connecticut
|
| Posted: Tue Aug 08, 2006 1:05 pm Post subject: |
|
|
| Code: | | Unable to locate guest account [ftp] |
That is b/c of the guest account = ftp in global. Replace ftp with your desired OS account (sounds like you created a user called guest, so use that).
As for nmbd crashing... try giving it a wins server. If you don't know the IP of your wins server, do
from a win32 machine. Then, in the global section, put:
| Code: |
wins server = <ip of wins server>
|
If you won't be using wins at all, you can try removing it from the name resolution order, or putting it last:
| Code: |
name resolve order = host lmhosts dns bcast wins
|
I still don't understand why you are getting the error about builtin\administrator. You have used smbpasswd to assign samba passwords to your users, right? |
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Tue Aug 08, 2006 1:46 pm Post subject: |
|
|
OK, now samba starts but when I try to map the network drive it keeps askig for username password
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
dfelicia
Apprentice
Joined: 11 May 2005
Posts: 281
Location: Southwestern Connecticut
|
| Posted: Tue Aug 08, 2006 3:47 pm Post subject: |
|
|
Which usually means smbpasswd hasn't been run, or that you are pointing to the wrong smbpasswd file.
Run testparm with -v, and look for smb passwd file. Make sure it's pointing to the correct file. |
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Wed Aug 09, 2006 3:46 pm Post subject: |
|
|
I am back to my old conf file now with out the extra crap. I am able to connect to the share now but read only, has it got anything to do with directory and create mask. I really don't know if it makes difference but the share is on a FAT32 file system
| Code: | [global]
workgroup = MAVINOKTA
interfaces = lo eth0
bind interfaces only = yes
log file = /var/log/samba/log.%m
max log size = 1000
log level = 5
panic action = /usr/share/samba/panic-action %d
security = user
smb passwd file = /etc/samba/private/smbpasswd
valid users = ali, administrator, hasan, guest, mavi
write list = mavi, administrator
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
domain master = no
restrict anonymous = yes
preferred master = no
max protocol = NT
acl compatibility = winnt
ldap ssl = No
server signing = Auto
[share]
path = /media/share
read only = no
create mask = 02664
directory mask = 02775
[ourshare]
path = /media/ourshare
read only = no
create mask = 02664
directory mask = 02775
[homes]
case sensitive = no
strict locking = no
msdfs proxy = no |
and | Code: | # smbclient -L localhost
Password:
Domain=[NTINSTALL] OS=[Unix] Server=[Samba 3.0.23a]
tree connect failed: NT_STATUS_ACCESS_DENIED |
Thanks
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
dfelicia
Apprentice
Joined: 11 May 2005
Posts: 281
Location: Southwestern Connecticut
|
| Posted: Wed Aug 09, 2006 5:58 pm Post subject: |
|
|
| It'll use LInux file system security. FAT32 will definitely be an issue. |
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Wed Aug 09, 2006 7:39 pm Post subject: |
|
|
but I did use the same share before on the same machine when it was amd64 but then I decided to go back to x86 and forget to backup the conf file
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
dfelicia
Apprentice
Joined: 11 May 2005
Posts: 281
Location: Southwestern Connecticut
|
| Posted: Wed Aug 09, 2006 8:10 pm Post subject: |
|
|
You're going to have a heck of a time securing things with FAT32.
If you have the FAT32 partition mounted such that all of your "write list" OS users can write the the filesystem, things should work. What you can't do, though, is make a file/dir writable only by "mavi" - FAT32 doesn't support that.
Anyway, if you just want this basic read/write ability, check your mount options for the FAT32 partition in /etc/fstab. Then make sure that the Linux users can write to that filesystem.
e.g.
| Code: |
su - mavi
touch /media/share/foo
|
|
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Wed Aug 09, 2006 9:05 pm Post subject: |
|
|
Well, I don't per user r/w anyway (at least for time being), but thats not a problem then for being read only then.
and still I do have this errors in the log
| Code: | # cat /var/log/samba/log.smbd
[2006/08/09 18:22:45, 0] smbd/server.c:main(847)
smbd version 3.0.23a started.
Copyright Andrew Tridgell and the Samba Team 1992-2006
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_builtin_administrators(763)
create_builtin_administrators: Failed to create Administrators
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_local_nt_token(872)
create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_builtin_users(729)
create_builtin_users: Failed to create Users
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_local_nt_token(899)
create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_builtin_administrators(763)
create_builtin_administrators: Failed to create Administrators
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_local_nt_token(872)
create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_builtin_users(729)
create_builtin_users: Failed to create Users
[2006/08/09 18:22:45, 0] auth/auth_util.c:create_local_nt_token(899)
create_local_nt_token: Failed to create BUILTIN\Administrators group!
[2006/08/09 18:49:53, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 18:49:53, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 19:09:05, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 19:09:05, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 19:45:34, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 19:45:34, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 20:26:19, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 20:26:19, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 21:30:19, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected
[2006/08/09 21:30:19, 0] lib/util_sock.c:get_peer_addr(1229)
getpeername failed. Error was Transport endpoint is not connected |
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Thu Aug 10, 2006 9:19 am Post subject: |
|
|
OK, I guess a restart of good Windows was required to solve the read/write. I don't know why but probably it ws remembering some of previous settings somehow.
I decided to move everything to a reiserfs FS or what FS would you suggest
Thank you very much
I had to delete solved from topic,
It only allows administrator to connect to share and all other users are not able to connect,
I realised that read/write is limited I can delete or create a file
but not able to open it
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
rojanu
Guru
Joined: 02 Feb 2004
Posts: 361
Location: London
|
| Posted: Thu Aug 24, 2006 11:41 am Post subject: |
|
|
OK! I don't know what I did but everthing seems fine for now
Except that whenever a file is accessed and saved it replaces the owner and group of the file to whoever accessed thus not letting any other user access
_________________
"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler,
Linux User: #416714 |
|
| Back to top |
|
|
|
Networking & Security
