Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: bacob on September 26, 2010, 12:16:05 am
-
Hi everyone,
I am setting up a new PDC and slave file server.
The PDC is hosting the LDAP/Samba backend. The slave is a beefy box that has about 4 TB of shares that will replace a really old server that is about to die.
The users will authenticate off the PDC (Mac/Win) and then need to connect to the file server with the same network login account.
I have setup the PDC and can authenticate, SSH and mount the basic Samba shares from the PDC. The slave is setup and is replicating the user accounts but cannot login via samba shares on that server (or ssh or user corner, all fails).
When I setup a share on the slave it seems fine until I try to login. I have tried with both guest access on (and no ACL's) and also with user permissions turned on. Both ways authentication fails.
The slave is configured with the modules "Users and Groups", "User Corner" and "File Sharing". The samba configuration on the slave is not set to be a PDC.
In the samba log files I get this error:
[2010/09/25 18:00:59, 0] passdb/pdb_get_set.c:211(pdb_get_group_sid)
pdb_get_group_sid: Failed to find Unix account for xxxx
[2010/09/25 18:00:59, 1] auth/auth_util.c:577(make_server_info_sam)
User xxxx in passdb, but getpwnam() fails!
[2010/09/25 18:00:59, 0] auth/auth_sam.c:355(check_sam_security)
check_sam_security: make_server_info_sam() failed with 'NT_STATUS_NO_SUCH_USER'
Any ideas what could be causing this?
Is there something configured wrong or is a slave not supported for samba shares, login, etc..
Thanks.
-
I am also seeing this error now when trying to restart "File Sharing":
root command mkdir -p /home/samba/shares/InterBox chmod 0670 /home/samba/shares/InterBox chown ebox:__USERS__ /home/samba/shares/InterBox failed. Error output: chown: invalid group: `ebox:__USERS__' Command output: . Exit value: 1
Any ideas?
-
root command mkdir -p /home/samba/shares/InterBox chmod 0670 /home/samba/shares/InterBox chown ebox:__USERS__ /home/samba/shares/InterBox failed. Error output: chown: invalid group: `ebox:__USERS__' Command output: . Exit value: 1
I have the same issu here. Error Details:
root command mkdir -p /home/samba/shares/install
chmod 0670 /home/samba/shares/install
chown ebox:__USERS__ /home/samba/shares/install failed.
Error output: chown: ungültige Gruppe: „ebox:__USERS__“
Command output: .
Exit value: 1 at /usr/share/perl5/Error.pm line 182
Error::throw('EBox::Exceptions::Sudo::Command', 'cmd', 'mkdir -p /home/samba/shares/install\x{a}chmod 0670 /home/samba/sh...', 'output', 'ARRAY(0xbd3de7c0)', 'error', 'ARRAY(0xb9a8c250)', 'exitValue', 1, ...) called at /usr/share/perl5/EBox/Sudo.pm line 212
EBox::Sudo::_rootError('/usr/bin/sudo -p sudo: /var/lib/ebox/tmp/JrbagfC2tQ.cmd 2> /v...', 'mkdir -p /home/samba/shares/install\x{a}chmod 0670 /home/samba/sh...', 256, 'ARRAY(0xbd3de7c0)', 'ARRAY(0xb9a8c250)') called at /usr/share/perl5/EBox/Sudo.pm line 181
EBox::Sudo::_root(1, 'mkdir -p /home/samba/shares/install', 'chmod 0670 /home/samba/shares/install', 'chown ebox:__USERS__ /home/samba/shares/install') called at /usr/share/perl5/EBox/Sudo.pm line 136
EBox::Sudo::root('mkdir -p /home/samba/shares/install', 'chmod 0670 /home/samba/shares/install', 'chown ebox:__USERS__ /home/samba/shares/install') called at /usr/share/perl5/EBox/Samba/Model/SambaShares.pm line 278
EBox::Samba::Model::SambaShares::createDirs('EBox::Samba::Model::SambaShares=HASH(0xbd3f28c8)') called at /usr/share/perl5/EBox/Samba.pm line 519
EBox::Samba::_setConf('EBox::Samba=HASH(0xbbd77120)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Base.pm line 840
EBox::Module::Base::_regenConfig('EBox::Samba=HASH(0xbbd77120)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 644
EBox::Module::Service::_regenConfig('EBox::Samba=HASH(0xbbd77120)', 'restart', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 672
EBox::Module::Service::restartService('EBox::Samba=HASH(0xbbd77120)') called at /usr/share/perl5/EBox/CGI/EBox/RestartService.pm line 51
EBox::CGI::EBox::RestartService::_process('EBox::CGI::EBox::RestartService=HASH(0xbd3cd700)') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::EBox::RestartService=HASH(0xbd3cd700)') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'EBox/RestartService', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0xbd4001b0)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0xbd3c14d0)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0xbd3c14d0)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0xbd4001b0)') called at -e line 0
eval {...} called at -e line 0
I can only create shares when i give them guest access.
I tried to reinstall/reconfigure ldap on master and slave an also unconfigured samba on the slave using.
sudo /usr/share/ebox-usersandgroups/ebox-usersandgroups-reinstall
sudo /usr/share/ebox/ebox-unconfigure-module samba
Master/Salve synchronisation works fine for users and groups, but Samba on the slave does not.
I am using Ubuntu 10.04.1 LTS Server 32bit and installed Zentyal 2.0.2 via the repositories.
Any hints or suggestions?
Regards
Alexander
-
I also tried to install the servers with the original Zentyal Install CD and the same error accure. :(
-
try setting the user:group to nobody with chown
chown -R nobody:nobody /root/of/share
that seems to work on my box.. its a little bit unsecure, but it seems to do the trick
because, apearantly, samba users are not system users on Zentyal, thus.. the user you login with, has no access rights to the share, because linux says he/she doesnt exist in his database, wheras they do exist in samba
-
I have the same problem. Other services (for example Radius) are working on my slave server, but file sharing doesn't.
If I do ldapsearch to view the ldap groups, I can see the __USERS__ group.
If I do on the slave shell:
$ id username
id: username: No such user
Is it a bug?
-
I have the same problem. Other services (for example Radius) are working on my slave server, but file sharing doesn't.
If I do ldapsearch to view the ldap groups, I can see the __USERS__ group.
If I do on the slave shell:
$ id username
id: username: No such user
Is it a bug?
I can confirm this behavior. Same problems. Bug?
-
I has a similar problem and solve it creating in slave a group __USERS__ and add user ebox into __USERS__.
-
I has a similar problem and solve it creating in slave a group __USERS__ and add user ebox into __USERS__.
Didn't help me.
-
I has a similar problem and solve it creating in slave a group __USERS__ and add user ebox into __USERS__.
Didn't help me.
same here does not work
-
This is a known issue, will be fixed soon. Keep an eye on usersandgroups changelog.
-
This is a known issue, will be fixed soon. Keep an eye on usersandgroups changelog.
I'm not sure if this will fix your problems but I just removed apparmor. Mine seems to fix it.
Clean install MASTER
- only users & groups installed
- removed apparmor
Clean install SLAVE
- ebox office installed
- removed apparmor
- enabled users & groups = JOY :)
-
spoke too soon ... :P
got a couple of errors while trying to enable Samba PDC ...
-
this bug is realy a show stopper :(
-
Hi there,
I think this issue has been fixed with last ebox-samba release, if you want you can give it a try an tell us the result. You will need to reinstall ebox-usersandgroups module and reconfigure samba
Best regards
-
oh realy :) i give it a try on sunday and report here if it works.
-
still not working with Users and Groups 2.0.5
in the frontend i get the following error message
Einige Module meldeten ein Fehler beim Sichern der Änderungen. Weitere Informationen finden Sie in den Logs in /var/log/ebox/
The following modules failed while saving their changes, their state is unknown: samba
Click here to return to the Dashboard
in /var/log/ebox/ebox.log
2010/11/02 16:32:56 ERROR> Sudo.pm:212 EBox::Sudo::_rootError - root command mkdir -p /home/samba/shares/install
chmod 0670 /home/samba/shares/install
chown ebox:__USERS__ /home/samba/shares/install failed.
Error output: chown: invalid group: `ebox:__USERS__'
Command output: .
Exit value: 1
2010/11/02 16:32:56 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: logs
2010/11/02 16:32:57 ERROR> Global.pm:568 EBox::Global::saveAllModules - The following modules failed while saving their changes, their state is unknown: samba
-
Hi axxxcel,
Is this an slave machine?
-
yes.
-
Hi
The problem is also related with Users and Groups module, in the last days we have done some fixes in order to make NSS and PAM work. We will release a new version of the package as soon as possible, but there are still some things to do...
Best regards
-
Hi there,
I think this issue has been fixed with last ebox-samba release, if you want you can give it a try an tell us the result. You will need to reinstall ebox-usersandgroups module and reconfigure samba
Best regards
Hi there,
I tired the new version of ebox-samba within a fresh installation. But unfortunately the result is the same like below... :(
(Before installing the new package I followed the official master-slave documentation.)
I will looking for the solution of this problem, because I have to use master-slave installation in my company network.
Please post here how to be solved this problem...
Many thanks, this system is really well designed and easy to use..
Sepi
-
slave still not working ... 2.06 i think was the latest as of today 11/6/2010
reinstalled ebox-usersandgroups then tried to enable module this is what i got
Trace
Failed to enable: Couldn't bind to LDAP server, result code: 49 at /usr/share/perl5/EBox/CGI/ServiceModule/ConfigureModuleController.pm line 74
EBox::CGI::ServiceModule::ConfigureModuleController::_process('EBox::CGI::ServiceModule::ConfigureModuleController=HASH(0x25...') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::ServiceModule::ConfigureModuleController=HASH(0x25...') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'ServiceModule/ConfigureModuleController', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x254167a8)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x2547ae48)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x2547ae48)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x254167a8)') called at -e line 0
eval {...} called at -e line 0
-
just for fun ...
1) i reinstalled usersandgroups on BOTH master and slave
2) added users on master
3) tried to add slave to master
4) NO JOY
i think 2.0.6 messed up everything ???
-
Hi,
Can you please attach your ebox.log file, i'm trying to reproduce this problem
Thank you for your report
Best regards
-
Hi,
Can you please attach your ebox.log file, i'm trying to reproduce this problem
Thank you for your report
Best regards
that's weird ... it works now ???
good thing i saved this ebox.log file when it was playing with it earlier
hope this helps
can't attach file says folder full
-
Hi,
I have detected and fixed a bug in users and groups module, a new version will be released soon.
Meanwhile if you want to give it a try here is the changeset:
http://trac.zentyal.org/changeset/19324
Now master-slave and NSS/PAM problems should be gone!
Best regards and thank you for your report
-
Is there any documentation or post explaining what you mean by "master/slave".
This is something I always find a bit confusing with Zentyal, especially when looking at restrictions while running Samba, master, slave etc..
I think I understand LDAP pretty well (I've deployed world wide LDAP infrastructure with custom schema and complex replicaiton scheme) but can't figure why such limitation occurs.
When I tried to investigate a bit more, I came under the impression that what you call "master/slave" is somewhat different from what I understand.
To me, ALL ldap servers being part of master/slave design should have exactly same content in term of schema and entries. The only difference between master and slave is that master accepts updates (entry creation, modiciaiton, delete) while slave works in "read only" mode and sends back referral (to master ldap servers) in case ldap clients tries to write on slave server.
Because of this, I don't understand why such limitation exists in you implementation and I don't understand why Zentyal components are not configured in such a way that one describes what is the main ldap server and what is the failover ldap server. After all, this is the only reason to have master/slave design (plus potentially some security reasons that might push not to have ldap master running on Zentyal server acting as internet gateway).
My approach is more toward users&groups design based on one single LDAP server (that is master), bringing replication capability for failover or performance reasons. Then new Zentyal instance deployment should contain, somewhere, parameter to identify LDAP server it relies on.
Is it standalone LDAP server ? if yes, then this is most likely local master
is it an existing ldap server ? remote ? Then one valid question is to decide whenever local replication (slave) should be deployed, but this is part of LDAP service redundancy, perf etc... not part of service (mail, samba etc) deployment.
So this is how I perceive this kind of deployment but I don't feel this is the way your implementation works but can't find any documentaiton expalining this.
Christian
-
Hi,
I have detected and fixed a bug in users and groups module, a new version will be released soon.
Meanwhile if you want to give it a try here is the changeset:
http://trac.zentyal.org/changeset/19324
Now master-slave and NSS/PAM problems should be gone!
Best regards and thank you for your report
I Updated the Users and Groups to 2.0.7 on Master and Slave and File Sharing to 2.0.5 on Slave.
Then I setup a new user on the master and replication of this account went well.
But when I try to set up permissions for this user on a samba share i still get errors.
Here is my ebox.log (on slave) showing the update of the modules and the errors when creating permissions:
2010/11/09 14:51:20 INFO> ebox-update-packages:84 main::__ANON__ - Read: Unpacking replacement ebox-samba ...
2010/11/09 14:51:20 INFO> ebox-update-packages:85 main::__ANON__ - R OT: Unpacking replacement ebox-usersandgroups ...
2010/11/09 14:51:21 INFO> ebox-update-packages:84 main::__ANON__ - Read: Setting up ebox-usersandgroups (2.0.7) ...
2010/11/09 14:51:21 INFO> ebox-update-packages:85 main::__ANON__ - R OT: Unpacking replacement ebox-samba ...
2010/11/09 14:51:22 DEBUG> Base.pm:76 EBox::Migration::Base::executeGConf - Skipping migration to 1 in users
2010/11/09 14:51:22 DEBUG> ebox-migrate:43 main::__ANON__ - Subroutine runGConf redefined at (eval 158) line 63, <GEN2> line 2.
2010/11/09 14:51:22 DEBUG> Base.pm:76 EBox::Migration::Base::executeGConf - Skipping migration to 1 in usercorner
2010/11/09 14:51:22 DEBUG> ebox-migrate:43 main::__ANON__ - Subroutine runGConf redefined at (eval 160) line 44, <GEN2> line 3.
2010/11/09 14:51:22 DEBUG> Base.pm:76 EBox::Migration::Base::executeGConf - Skipping migration to 3 in users
2010/11/09 14:51:22 DEBUG> ebox-migrate:43 main::__ANON__ - Subroutine runGConf redefined at (eval 161) line 44, <GEN2> line 4.
2010/11/09 14:51:22 DEBUG> Base.pm:76 EBox::Migration::Base::executeGConf - Skipping migration to 4 in users
2010/11/09 14:51:22 DEBUG> ebox-migrate:43 main::__ANON__ - Subroutine runGConf redefined at (eval 162) line 48, <GEN2> line 5.
2010/11/09 14:51:22 DEBUG> Base.pm:76 EBox::Migration::Base::executeGConf - Skipping migration to 5 in users
2010/11/09 14:51:22 INFO> Service.pm:705 EBox::Module::Service::restartService - Restarting service for module: users
2010/11/09 14:51:24 INFO> ebox-update-packages:84 main::__ANON__ - Read: Setting up ebox-samba (2.0.5) ...
2010/11/09 14:51:24 INFO> ebox-update-packages:85 main::__ANON__ - R OT: Setting up ebox-usersandgroups (2.0.7) ...
2010/11/09 14:51:24 DEBUG> Base.pm:76 EBox::Migration::Base::executeGConf - Skipping migration to 1 in samba
2010/11/09 14:51:24 DEBUG> ebox-migrate:43 main::__ANON__ - Subroutine runGConf redefined at (eval 183) line 44, <GEN2> line 2.
2010/11/09 14:51:24 DEBUG> Base.pm:76 EBox::Migration::Base::executeGConf - Skipping migration to 2 in samba
2010/11/09 14:51:26 INFO> Service.pm:705 EBox::Module::Service::restartService - Restarting service for module: apache
2010/11/09 14:51:27 INFO> ebox-apache-restart:52 main:: - Waiting for apache to shutdown, attempt 0
2010/11/09 14:51:29 INFO> ebox-update-packages:84 main::__ANON__ - Read: end
2010/11/09 14:51:29 INFO> ebox-update-packages:85 main::__ANON__ - R OT: Setting up ebox-samba (2.0.5) ...
2010/11/09 14:51:29 INFO> ebox-update-packages:110 main::__ANON__ - End packages installation
2010/11/09 14:51:29 INFO> Redis.pm:584 EBox::Config::Redis::_initRedis - Starting redis server
2010/11/09 14:51:46 INFO> Global.pm:471 EBox::Global::saveAllModules - Saving config and restarting services: firewall
2010/11/09 14:51:46 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: firewall
2010/11/09 14:51:47 INFO> Base.pm:798 EBox::Module::Base::_hook - Running hook: /etc/ebox/hooks/firewall.postservice 1
2010/11/09 14:52:31 DEBUG> UsersAndGroups.pm:2803 EBox::UsersAndGroups::waitSync - Master users: 2
2010/11/09 14:52:31 DEBUG> UsersAndGroups.pm:2804 EBox::UsersAndGroups::waitSync - Replica users: 2
2010/11/09 14:52:31 DEBUG> UsersAndGroups.pm:2805 EBox::UsersAndGroups::waitSync - Master groups: 10
2010/11/09 14:52:31 DEBUG> UsersAndGroups.pm:2806 EBox::UsersAndGroups::waitSync - Replica groups: 10
2010/11/09 14:52:31 ERROR> Ldap.pm:697 EBox::Ldap::_errorOnLdap - $VAR1 = 'uid=mustermann,ou=Users,dc=svl00,dc=nmt,dc=lan';
2010/11/09 14:52:31 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::__ANON__ Referral received
2010/11/09 14:52:31 ERROR> Sudo.pm:212 EBox::Sudo::_rootError - root command /usr/bin/test -d '/home/samba/profiles/mustermann' failed.
Error output:
Command output: .
Exit value: 1
2010/11/09 14:52:31 ERROR> Sudo.pm:212 EBox::Sudo::_rootError - root command /usr/bin/test -d '/home/samba/profiles/mustermann.V2' failed.
Error output:
Command output: .
Exit value: 1
2010/11/09 14:53:01 INFO> Global.pm:471 EBox::Global::saveAllModules - Saving config and restarting services: firewall samba logs
2010/11/09 14:53:01 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: firewall
2010/11/09 14:53:02 INFO> Base.pm:798 EBox::Module::Base::_hook - Running hook: /etc/ebox/hooks/firewall.postservice 1
2010/11/09 14:53:02 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: samba
2010/11/09 14:53:03 ERROR> Sudo.pm:212 EBox::Sudo::_rootError - root command mkdir -p /home/samba/shares/install
chmod 0670 /home/samba/shares/install
chown ebox:__USERS__ /home/samba/shares/install failed.
Error output: chown: invalid group: `ebox:__USERS__'
Command output: .
Exit value: 1
2010/11/09 14:53:03 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: logs
2010/11/09 14:53:03 ERROR> Global.pm:568 EBox::Global::saveAllModules - The following modules failed while saving their changes, their state is unknown: samba
2010/11/09 14:53:40 INFO> Global.pm:471 EBox::Global::saveAllModules - Saving config and restarting services: firewall samba logs
2010/11/09 14:53:40 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: firewall
2010/11/09 14:53:41 INFO> Base.pm:798 EBox::Module::Base::_hook - Running hook: /etc/ebox/hooks/firewall.postservice 1
2010/11/09 14:53:41 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: samba
2010/11/09 14:53:42 ERROR> Sudo.pm:212 EBox::Sudo::_rootError - root command mkdir -p /home/samba/shares/install
chmod 0670 /home/samba/shares/install
chown ebox:__USERS__ /home/samba/shares/install failed.
Error output: chown: invalid group: `ebox:__USERS__'
-
Hi axxxcel,
If you did not a full reinstall you will need to run this script in slave(s):
/usr/share/ebox-usersandgroups/zentyal-rejoin-slave
Give it a try and save samba changes again, and don't forget to tell us if this worked for you ;)
Thank you for your report
-
After i called the script i cant setup permissions in the frontend without an error.
I added a new share daten and only give the group "adminstratoren" access to this share and another share "install" with guest access and one user "mustermann"
But in the ebox.log errors still show up:
2010/11/10 16:41:38 DEBUG> SambaShares.pm:321 EBox::Samba::Model::SambaShares::createDirs - setfacl -m /home/samba/shares/daten and setfacl -m d: /home/samba/shares/daten
2010/11/10 16:41:38 ERROR> Sudo.pm:212 EBox::Sudo::_rootError - root command setfacl -m /home/samba/shares/daten failed.
Error output: setfacl: Option -m: Invalid argument near character 1
Command output: .
Exit value: 2
2010/11/10 16:41:38 DEBUG> SambaShares.pm:326 EBox::Samba::Model::SambaShares::__ANON__ - Couldn't enable ACLs for /home/samba/shares/daten
2010/11/10 16:41:38 DEBUG> SambaShares.pm:321 EBox::Samba::Model::SambaShares::createDirs - setfacl -m u:mustermann:rx /home/samba/shares/install and setfacl -m d:u:mustermann:rx /home/samba/shares/install
2010/11/10 16:41:38 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: logs
2010/11/10 16:51:06 INFO> Global.pm:471 EBox::Global::saveAllModules - Saving config and restarting services: firewall samba logs
2010/11/10 16:51:06 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: firewall
2010/11/10 16:51:07 INFO> Base.pm:798 EBox::Module::Base::_hook - Running hook: /etc/ebox/hooks/firewall.postservice 1
2010/11/10 16:51:07 INFO> Base.pm:151 EBox::Module::Base::save - Restarting service for module: samba
2010/11/10 16:51:08 DEBUG> SambaShares.pm:321 EBox::Samba::Model::SambaShares::createDirs - setfacl -m /home/samba/shares/daten and setfacl -m d: /home/samba/shares/daten
2010/11/10 16:51:08 ERROR> Sudo.pm:212 EBox::Sudo::_rootError - root command setfacl -m /home/samba/shares/daten failed.
Error output: setfacl: Option -m: Invalid argument near character 1
Command output: .
Exit value: 2
2010/11/10 16:51:08 DEBUG> SambaShares.pm:326 EBox::Samba::Model::SambaShares::__ANON__ - Couldn't enable ACLs for /home/samba/shares/daten
The result is, that i can browse the resources of the server, but cant access the share "daten".
-
Is there any documentation or post explaining what you mean by "master/slave".
This is something I always find a bit confusing with Zentyal, especially when looking at restrictions while running Samba, master, slave etc..
I'm not sure if this has been fixed but the previous limitation with EBOX is that if it is made a "master" LDAP server, all modules that would require username verification (samba, mail, etc) cannot be installed on the same system.
If we wanted samba, we had to create another EBOX to connect to the "master". We then ended up calling them "slaves".
In my case, my problems started when this slave tries to attach itself to the master. Giving a user admin access or configuring shares would cause nasty bugs ... why? I don't know ;D
Hopefully the latest 2.0.7 core & usersgroup would fix my problems. Will play around with it and report here if I get another error
-
Did the same thing as before and borked my server ??? It just crashed ... I can't ssh to it anymore.
1) reinstall usersgroups on BOTH master & slave.
2) added new users/group on master
3) join slave to master
4) error
Trace
Failed to enable: Couldn't bind to LDAP server, result code: 49 at /usr/share/perl5/EBox/CGI/ServiceModule/ConfigureModuleController.pm line 74
EBox::CGI::ServiceModule::ConfigureModuleController::_process('EBox::CGI::ServiceModule::ConfigureModuleController=HASH(0x24...') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::ServiceModule::ConfigureModuleController=HASH(0x24...') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'ServiceModule/ConfigureModuleController', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x24f4d538)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x24f76008)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x24f76008)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x24f4d538)') called at -e line 0
eval {...} called at -e line 0
-
Hi,
This seems an auth problem, are you sure you copied password string well? Try to paste it before in a visible field.
Best regards
-
Hello cperez,
So I did the whole thing again and again just to check if I could reproduce the error. Well, your update did fix the auth problem but found another one with Samba.
1) reinstall usersgroup on BOTH master & slave
2) added user1 and group1 on master
3) joined slave to master
4) JOY! ;D
5) configured samba on slave
6) added user2, user3 on master
7) on slave, click on user1 EDIT = NO PROBLEM
#8 on slave, click user2 or user3 EDIT = ERROR
Trace
Unknown error at EBox::SambaLdapUser::_getAccountFlags Referral received at /usr/share/perl5/EBox/Ldap.pm line 699
EBox::Ldap::_errorOnLdap('Net::LDAP::Search=HASH(0x23571300)', 'HASH(0x22a57460)') called at /usr/share/perl5/EBox/Ldap.pm line 338
EBox::Ldap::search('EBox::Ldap=HASH(0x2259bea8)', 'HASH(0x22a57460)') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 841
EBox::SambaLdapUser::_getAccountFlags('EBox::SambaLdapUser=HASH(0x23549468)', 'user2') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 851
EBox::SambaLdapUser::_userSharing('EBox::SambaLdapUser=HASH(0x23549468)', 'user2') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 434
EBox::SambaLdapUser::_userAddOns('EBox::SambaLdapUser=HASH(0x23549468)', 'user2') called at /usr/share/perl5/EBox/UsersAndGroups.pm line 2249
EBox::UsersAndGroups::allUserAddOns('EBox::UsersAndGroups=HASH(0x227a3728)', 'user2') called at /usr/share/perl5/EBox/CGI/UsersAndGroups/User.pm line 50
EBox::CGI::UsersAndGroups::User::_process('EBox::CGI::UsersAndGroups::User=HASH(0x23516bb8)') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::UsersAndGroups::User=HASH(0x23516bb8)') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'UsersAndGroups/User', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x23571350)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x2353a7c8)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x2353a7c8)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x23571350)') called at -e line 0
eval {...} called at -e line 0
-
same thing happens when I add a new group. group2 then EDIT it on slave
Trace
Unknown error at EBox::SambaLdapUser::sharingName Referral received at /usr/share/perl5/EBox/Ldap.pm line 699
EBox::Ldap::_errorOnLdap('Net::LDAP::Search=HASH(0x234ffe80)', 'HASH(0x22a565c0)') called at /usr/share/perl5/EBox/Ldap.pm line 338
EBox::Ldap::search('EBox::Ldap=HASH(0x2259bea8)', 'HASH(0x22a565c0)') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 736
EBox::SambaLdapUser::sharingName('EBox::SambaLdapUser=HASH(0x2372ef98)', 'group2') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 633
EBox::SambaLdapUser::_groupSharing('EBox::SambaLdapUser=HASH(0x2372ef98)', 'group2') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 459
EBox::SambaLdapUser::_groupAddOns('EBox::SambaLdapUser=HASH(0x2372ef98)', 'group2') called at /usr/share/perl5/EBox/UsersAndGroups.pm line 2281
EBox::UsersAndGroups::allGroupAddOns('EBox::UsersAndGroups=HASH(0x227a3728)', 'group2') called at /usr/share/perl5/EBox/CGI/UsersAndGroups/Group.pm line 51
EBox::CGI::UsersAndGroups::Group::_process('EBox::CGI::UsersAndGroups::Group=HASH(0x236a3c60)') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::UsersAndGroups::Group=HASH(0x236a3c60)') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'UsersAndGroups/Group', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x23711260)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x23727330)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x23727330)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x23711260)') called at -e line 0
eval {...} called at -e line 0
One thing I noticed again was that master had some pending operations listed ... will try my old fix to see if it will work
-
Well ... deleting the pending operations didn't fix it for me this time:
http://forum.zentyal.org/index.php?topic=2968.msg13398#msg13398
It's an old bug from EBOX I really hope someone could fix this ;D
Can confirm also that new users are NOT created by samba.
-
started all over again but this time edit LDAP users on master without adding samba module on slave just to check if LDAP works
i'm still getting pending operations ... however if i check the users & groups on slave, they are updated ... even if i move around the users to different groups ... they will still get updated on slave ... ???
why have pending operations when the updates are pushed to slave? force sync doesn't do anything
ebox.log says this:
2010/11/13 22:34:24 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::__ANON__ - 200 OK
2010/11/13 22:34:24 DEBUG> slave-sync:79 main::__ANON__ - Trying to run method updateGroup with param GROUP1 on slave HASH(0xa5b4e20) failed
2010/11/13 22:34:26 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::__ANON__ - 200 OK
2010/11/13 22:34:26 DEBUG> slave-sync:79 main::__ANON__ - Trying to run method updateGroup with param GROUP4 on slave HASH(0xa5b4e20) failed
2010/11/13 22:35:05 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::__ANON__ - 200 OK
2010/11/13 22:35:05 DEBUG> slave-sync:79 main::__ANON__ - Trying to run method updateGroup with param GROUP5 on slave HASH(0xab961c8) failed
2010/11/13 22:35:06 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::__ANON__ - 200 OK
-
:o
fixed it ...
note to self:
DO NOT FORGET to update /etc/hosts