reach
Anmeldungsdatum: 24. August 2021
Beiträge: Zähle...
|
Hallo,
ich (totaler noob) habe von 16.04 (headless Server) nach 18.04 upgegradet.
Danach hat Samba nicht mehr funktioniert. Nachdem es "eh schon wurscht" war, habe ich dann auch gleich nach 20.04.02 LTS upgegradet.
Laut Google war ich nicht alleine mit dem Problem, daher gab es einige Tips und irgendwie (SMB Neuinstallation, SMB Benutzer neu angelegt) habe ich es dann auch wieder zum Funktionieren gebracht. Was jedoch noch immer nicht richtig geht, ist mein "Exchange" Share. Also ein Share wo jeder alles darf, auch Gäste.
Ich komme zwar auf den Share, kann Files lesen, aber nicht schreiben. Den Share habe ich über diese Settings in der smb.cfg damals eingerichtet. Sicher nicht state-of-the-art. Ich habe einfach alles reinkonfiguriert was Google diesbezgl. ausgeworfen hat. Wie gesagt - bin ein Noob. Hat so aber jahrelang funktioniert. Das Problem dürfte also sein, daß die neue Samba Version diese Settings anders auslegt. Hat jemand eine Idee?
Kann mir vielleicht zumindest jemand Starthilfe geben? Mit der Samba Doku bin ich leider nicht weitergekommen, das ist mir zu komplex. [Exchange]
path = /srv/file_exchange
force directory mode = 777
force create mode = 777
force user = nobody
create mode = 0777
browsable = yes
directory mode = 0777
create mask = 0777
directory mask = 0777
public = yes
writable = yes
guest ok = yes
|
chr123
Anmeldungsdatum: 19. Juli 2018
Beiträge: 1632
|
Kannst du bitte mal die Ausgaben von
getfacl /srv/file_exchange
getfacl /srv
testparm -vs
posten?
|
reach
(Themenstarter)
Anmeldungsdatum: 24. August 2021
Beiträge: 6
|
aber gerne doch. Es gibt noch 3-4 weitere Shares die aber alle brav funktionieren, daher hab ich sie hier rausgelöscht: # file: srv/file_exchange/
# owner: nobody
# group: root
user::rwx
group::rwx
other::r-x # file: srv/
# owner: reach
# group: root
user::rwx
group::r-x
other::r-x reach@server:~$ testparm -vs
Load smb config files from /etc/samba/smb.conf
WARNING: The "lanman auth" option is deprecated
Unknown parameter encountered: "force security mode"
Ignoring unknown parameter "force security mode"
Unknown parameter encountered: "force directory security mode"
Ignoring unknown parameter "force directory security mode"
Global parameter map to guest found in service section!
Global parameter guest account found in service section!
Unknown parameter encountered: "dirctory mask"
Ignoring unknown parameter "dirctory mask"
Loaded services file OK.
Server role: ROLE_STANDALONE
# Global parameters
[global]
abort shutdown script =
add group script =
additional dns hostnames =
add machine script =
addport command =
addprinter command =
add share command =
add user script =
add user to group script =
afs token lifetime = 604800
afs username map =
aio max threads = 100
algorithmic rid base = 1000
allow dcerpc auth level connect = No
allow dns updates = secure only
allow insecure wide links = No
allow nt4 crypto = No
allow trusted domains = Yes
allow unsafe cluster upgrade = No
apply group policies = No
async smb echo handler = No
auth event notification = No
auto services =
binddns dir = /var/lib/samba/bind-dns
bind interfaces only = No
browse list = Yes
cache directory = /var/cache/samba
change notify = Yes
change share command =
check password script =
cldap port = 389
client ipc max protocol = default
client ipc min protocol = default
client ipc signing = default
client lanman auth = No
client ldap sasl wrapping = sign
client max protocol = default
client min protocol = SMB2_02
client NTLMv2 auth = Yes
client plaintext auth = No
client schannel = Yes
client signing = default
client use spnego principal = No
client use spnego = Yes
cluster addresses =
clustering = No
config backend = file
config file =
create krb5 conf = Yes
ctdbd socket =
ctdb locktime warn threshold = 0
ctdb timeout = 0
cups connection timeout = 30
cups encrypt = No
cups server =
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver
deadtime = 10080
debug class = No
debug encryption = No
debug hires timestamp = Yes
debug pid = No
debug prefix timestamp = No
debug uid = No
dedicated keytab file =
default service =
defer sharing violations = Yes
delete group script =
deleteprinter command =
delete share command =
delete user from group script =
delete user script =
dgram port = 138
disable netbios = No
disable spoolss = No
dns forwarder =
dns proxy = Yes
dns update command = /usr/sbin/samba_dnsupdate
dns zone scavenging = No
domain logons = No
domain master = Auto
dos charset = CP850
dsdb event notification = No
dsdb group change notification = No
dsdb password event notification = No
enable asu support = No
enable core files = Yes
enable privileges = Yes
encrypt passwords = Yes
enhanced browsing = Yes
enumports command =
eventlog list =
get quota command =
getwd cache = Yes
gpo update command = /usr/sbin/samba-gpupdate
guest account = nobody
homedir map = auto.home
host msdfs = Yes
hostname lookups = No
idmap backend = tdb
idmap cache time = 604800
idmap gid =
idmap negative cache time = 120
idmap uid =
include system krb5 conf = Yes
init logon delay = 100
init logon delayed hosts =
interfaces =
iprint server =
keepalive = 300
kerberos encryption types = all
kerberos method = default
kernel change notify = Yes
kpasswd port = 464
krb5 port = 88
lanman auth = Yes
large readwrite = Yes
ldap admin dn =
ldap connection timeout = 2
ldap debug level = 0
ldap debug threshold = 10
ldap delete dn = No
ldap deref = auto
ldap follow referral = Auto
ldap group suffix =
ldap idmap suffix =
ldap machine suffix =
ldap max anonymous request size = 256000
ldap max authenticated request size = 16777216
ldap max search request size = 256000
ldap page size = 1000
ldap passwd sync = no
ldap replication sleep = 1000
ldap server require strong auth = Yes
ldap ssl = start tls
ldap ssl ads = No
ldap suffix =
ldap timeout = 15
ldap user suffix =
lm announce = Auto
lm interval = 60
load printers = Yes
local master = Yes
lock directory = /run/samba
lock spin time = 200
log file = /var/log/samba/log.%m
logging = file
log level = 1
log nt token command =
logon drive =
logon home = \\%N\%U
logon path = \\%N\%U\profile
logon script =
log writeable files on exit = No
lpq cache time = 30
lsa over netlogon = No
machine password timeout = 604800
mangle prefix = 1
mangling method = hash2
map to guest = Bad User
max disk size = 0
max log size = 1000
max mux = 50
max open files = 16384
max smbd processes = 0
max stat cache size = 512
max ttl = 259200
max wins ttl = 518400
max xmit = 16644
mdns name = netbios
message command =
min receivefile size = 0
min wins ttl = 21600
mit kdc command =
multicast dns register = Yes
name cache timeout = 660
name resolve order = lmhosts wins host bcast
nbt client socket address = 0.0.0.0
nbt port = 137
ncalrpc dir = /var/run/samba/ncalrpc
netbios aliases =
netbios name = SERVER
netbios scope =
neutralize nt4 emulation = No
NIS homedir = No
nmbd bind explicit broadcast = Yes
nsupdate command = /usr/bin/nsupdate -g
ntlm auth = ntlmv1-permitted
nt pipe support = Yes
ntp signd socket directory = /var/lib/samba/ntp_signd
nt status support = Yes
null passwords = No
obey pam restrictions = Yes
old password allowed period = 60
oplock break wait time = 0
os2 driver map =
os level = 20
pam password change = Yes
panic action = /usr/share/samba/panic-action %d
passdb backend = tdbsam
passdb expand explicit = No
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd chat debug = No
passwd chat timeout = 2
passwd program = /usr/bin/passwd %u
password hash gpg key ids =
password hash userPassword schemes =
password server = *
perfcount module =
pid directory = /run/samba
preferred master = Auto
prefork backoff increment = 10
prefork children = 4
prefork maximum backoff = 120
preload modules =
printcap cache time = 750
printcap name =
private dir = /var/lib/samba/private
raw NTLMv2 auth = No
read raw = Yes
realm =
registry shares = No
reject md5 clients = No
reject md5 servers = No
remote announce =
remote browse sync =
rename user script =
require strong key = Yes
reset on zero vc = No
restrict anonymous = 0
rndc command = /usr/sbin/rndc
root directory =
rpc big endian = No
rpc server dynamic port range = 49152-65535
rpc server port = 0
samba kcc command = /usr/sbin/samba_kcc
security = AUTO
server max protocol = SMB3
server min protocol = SMB2_02
server multi channel support = No
server role = standalone server
server schannel = Yes
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
server signing = default
server string = %h server (Samba, Ubuntu)
set primary group script =
set quota command =
share backend = classic
show add printer wizard = Yes
shutdown script =
smb2 leases = Yes
smb2 max credits = 8192
smb2 max read = 8388608
smb2 max trans = 8388608
smb2 max write = 8388608
smbd profiling level = off
smb passwd file = /etc/samba/smbpasswd
smb ports = 445 139
socket options = TCP_NODELAY
spn update command = /usr/sbin/samba_spnupdate
stat cache = Yes
state directory = /var/lib/samba
svcctl list =
syslog = 1
syslog only = No
template homedir = /home/%D/%U
template shell = /bin/false
time server = No
timestamp logs = Yes
tls cafile = tls/ca.pem
tls certfile = tls/cert.pem
tls crlfile =
tls dh params file =
tls enabled = Yes
tls keyfile = tls/key.pem
tls priority = NORMAL:-VERS-SSL3.0
tls verify peer = as_strict_as_possible
unicode = Yes
unix charset = UTF-8
unix extensions = Yes
unix password sync = Yes
use mmap = Yes
username level = 0
username map =
username map cache time = 0
username map script =
usershare allow guests = Yes
usershare max shares = 100
usershare owner only = Yes
usershare path = /var/lib/samba/usershares
usershare prefix allow list =
usershare prefix deny list =
usershare template share =
utmp = No
utmp directory =
winbind cache time = 300
winbindd socket directory = /var/run/samba/winbindd
winbind enum groups = No
winbind enum users = No
winbind expand groups = 0
winbind max clients = 200
winbind max domain connections = 1
winbind nested groups = Yes
winbind normalize names = No
winbind nss info = template
winbind offline logon = No
winbind reconnect delay = 30
winbind refresh tickets = No
winbind request timeout = 60
winbind rpc only = No
winbind scan trusted domains = Yes
winbind sealed pipes = Yes
winbind separator = \
winbind use default domain = No
winbind use krb5 enterprise principals = No
wins hook =
wins proxy = No
wins server =
wins support = No
workgroup = WORKGROUP
write raw = Yes
wtmp directory =
idmap config * : backend = tdb
access based share enum = No
acl allow execute always = No
acl check permissions = Yes
acl group control = No
acl map full control = Yes
administrative share = No
admin users =
afs share = No
aio read size = 1
aio write behind =
aio write size = 1
allocation roundup size = 0
available = Yes
blocking locks = Yes
block size = 1024
browseable = Yes
case sensitive = Auto
check parent directory delete on close = No
comment =
copy =
create mask = 0744
csc policy = manual
cups options =
default case = lower
default devmode = Yes
delete readonly = No
delete veto files = No
dfree cache time = 0
dfree command =
directory mask = 0755
directory name cache size = 100
dmapi support = No
dont descend =
dos filemode = No
dos filetime resolution = No
dos filetimes = Yes
durable handles = Yes
ea support = Yes
fake directory create times = No
fake oplocks = No
follow symlinks = Yes
force create mode = 0000
force directory mode = 0000
force group =
force printername = No
force unknown acl user = No
force user =
fstype = NTFS
guest ok = No
guest only = No
hide dot files = Yes
hide files =
hide new files timeout = 0
hide special files = No
hide unreadable = No
hide unwriteable files = No
hosts allow =
hosts deny =
include =
inherit acls = No
inherit owner = no
inherit permissions = No
invalid users =
kernel oplocks = No
kernel share modes = Yes
level2 oplocks = Yes
locking = Yes
lppause command =
lpq command = %p
lpresume command =
lprm command =
magic output =
magic script =
mangled names = illegal
mangling char = ~
map acl inherit = No
map archive = Yes
map hidden = No
map readonly = no
map system = No
max connections = 0
max print jobs = 1000
max reported print jobs = 0
min print space = 0
msdfs proxy =
msdfs root = No
msdfs shuffle referrals = No
nt acl support = Yes
ntvfs handler = unixuid, default
oplocks = Yes
path =
posix locking = Yes
postexec =
preexec =
preexec close = No
preserve case = Yes
printable = No
print command =
printer name =
printing = cups
printjob username = %U
print notify backchannel = No
queuepause command =
queueresume command =
read list =
read only = Yes
root postexec =
root preexec =
root preexec close = No
short preserve case = Yes
smbd async dosmode = No
smbd getinfo ask sharemode = Yes
smbd max async dosmode = 0
smbd search ask sharemode = Yes
smb encrypt = default
spotlight = No
store dos attributes = Yes
strict allocate = No
strict locking = Auto
strict rename = No
strict sync = Yes
sync always = No
use client driver = No
use sendfile = No
valid users =
veto files =
veto oplock files =
vfs objects =
volume =
wide links = No
write cache size = 0
write list =
[printers]
browseable = No
comment = All Printers
create mask = 0700
path = /var/spool/samba
printable = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[mirror home01]
comment = Servershare
create mask = 0775
directory mask = 0775
path = /srv/mirror_home01
write list = reach
[Exchange]
create mask = 0777
directory mask = 0777
force create mode = 0777
force directory mode = 0777
force user = nobody
guest ok = Yes
path = /srv/file_exchange
read only = No
[mirror_thinkpad]
comment = Servershare
create mask = 0775
path = /srv/mirror_thinkpad
write list = reach
|
reach
(Themenstarter)
Anmeldungsdatum: 24. August 2021
Beiträge: 6
|
ich habe übrigens auch noch diese Config probiert, die ich mehrfach online in Bezug auf diese Anforderung gefunden habe, die hilft aber auch nichts: map to guest = bad user
guest account = nobody
|
chr123
Anmeldungsdatum: 19. Juli 2018
Beiträge: 1632
|
Zunächst einmal:
testparm liefert diverse Fehler in der Syntax, die müsstest du erstmal korrigieren (speziell die gelb markierten Fehler könnten die Ursache für dein Problem sein):
Load smb config files from /etc/samba/smb.conf
WARNING: The "lanman auth" option is deprecated
Unknown parameter encountered: "force security mode"
Ignoring unknown parameter "force security mode"
Unknown parameter encountered: "force directory security mode"
Ignoring unknown parameter "force directory security mode"
Global parameter map to guest found in service section!
Global parameter guest account found in service section!
Unknown parameter encountered: "dirctory mask"
Ignoring unknown parameter "dirctory mask"
Loaded services file OK. Die lokal wirkenden Berechtigungen unter /srv/file_exchange sehen ok aus. Vielleicht liegt es ja wirklich an den syntakischen Fehlern in der smb.conf.
|
reach
(Themenstarter)
Anmeldungsdatum: 24. August 2021
Beiträge: 6
|
Danke Dir!
Die unbekannten Parameter habe ich auskommentiert und den Typo gefixt (der war aber in einem Share das eh funktioniert)
Nun sieht die Ausgabe sauber aus, es funktioniert aber immer noch nicht: Load smb config files from /etc/samba/smb.conf
Global parameter guest account found in service section!
Loaded services file OK.
Server role: ROLE_STANDALONE
# Global parameters
[global]
abort shutdown script =
add group script =
additional dns hostnames =
add machine script =
addport command =
addprinter command =
add share command =
add user script =
add user to group script =
afs token lifetime = 604800
afs username map =
aio max threads = 100
algorithmic rid base = 1000
allow dcerpc auth level connect = No
allow dns updates = secure only
allow insecure wide links = No
allow nt4 crypto = No
allow trusted domains = Yes
allow unsafe cluster upgrade = No
apply group policies = No
async smb echo handler = No
auth event notification = No
auto services =
binddns dir = /var/lib/samba/bind-dns
bind interfaces only = No
browse list = Yes
cache directory = /var/cache/samba
change notify = Yes
change share command =
check password script =
cldap port = 389
client ipc max protocol = default
client ipc min protocol = default
client ipc signing = default
client lanman auth = No
client ldap sasl wrapping = sign
client max protocol = default
client min protocol = SMB2_02
client NTLMv2 auth = Yes
client plaintext auth = No
client schannel = Yes
client signing = default
client use spnego principal = No
client use spnego = Yes
cluster addresses =
clustering = No
config backend = file
config file =
create krb5 conf = Yes
ctdbd socket =
ctdb locktime warn threshold = 0
ctdb timeout = 0
cups connection timeout = 30
cups encrypt = No
cups server =
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver
deadtime = 10080
debug class = No
debug encryption = No
debug hires timestamp = Yes
debug pid = No
debug prefix timestamp = No
debug uid = No
dedicated keytab file =
default service =
defer sharing violations = Yes
delete group script =
deleteprinter command =
delete share command =
delete user from group script =
delete user script =
dgram port = 138
disable netbios = No
disable spoolss = No
dns forwarder =
dns proxy = Yes
dns update command = /usr/sbin/samba_dnsupdate
dns zone scavenging = No
domain logons = No
domain master = Auto
dos charset = CP850
dsdb event notification = No
dsdb group change notification = No
dsdb password event notification = No
enable asu support = No
enable core files = Yes
enable privileges = Yes
encrypt passwords = Yes
enhanced browsing = Yes
enumports command =
eventlog list =
get quota command =
getwd cache = Yes
gpo update command = /usr/sbin/samba-gpupdate
guest account = nobody
homedir map = auto.home
host msdfs = Yes
hostname lookups = No
idmap backend = tdb
idmap cache time = 604800
idmap gid =
idmap negative cache time = 120
idmap uid =
include system krb5 conf = Yes
init logon delay = 100
init logon delayed hosts =
interfaces =
iprint server =
keepalive = 300
kerberos encryption types = all
kerberos method = default
kernel change notify = Yes
kpasswd port = 464
krb5 port = 88
lanman auth = No
large readwrite = Yes
ldap admin dn =
ldap connection timeout = 2
ldap debug level = 0
ldap debug threshold = 10
ldap delete dn = No
ldap deref = auto
ldap follow referral = Auto
ldap group suffix =
ldap idmap suffix =
ldap machine suffix =
ldap max anonymous request size = 256000
ldap max authenticated request size = 16777216
ldap max search request size = 256000
ldap page size = 1000
ldap passwd sync = no
ldap replication sleep = 1000
ldap server require strong auth = Yes
ldap ssl = start tls
ldap ssl ads = No
ldap suffix =
ldap timeout = 15
ldap user suffix =
lm announce = Auto
lm interval = 60
load printers = Yes
local master = Yes
lock directory = /run/samba
lock spin time = 200
log file = /var/log/samba/log.%m
logging = file
log level = 1
log nt token command =
logon drive =
logon home = \\%N\%U
logon path = \\%N\%U\profile
logon script =
log writeable files on exit = No
lpq cache time = 30
lsa over netlogon = No
machine password timeout = 604800
mangle prefix = 1
mangling method = hash2
map to guest = Bad User
max disk size = 0
max log size = 1000
max mux = 50
max open files = 16384
max smbd processes = 0
max stat cache size = 512
max ttl = 259200
max wins ttl = 518400
max xmit = 16644
mdns name = netbios
message command =
min receivefile size = 0
min wins ttl = 21600
mit kdc command =
multicast dns register = Yes
name cache timeout = 660
name resolve order = lmhosts wins host bcast
nbt client socket address = 0.0.0.0
nbt port = 137
ncalrpc dir = /var/run/samba/ncalrpc
netbios aliases =
netbios name = SERVER
netbios scope =
neutralize nt4 emulation = No
NIS homedir = No
nmbd bind explicit broadcast = Yes
nsupdate command = /usr/bin/nsupdate -g
ntlm auth = ntlmv1-permitted
nt pipe support = Yes
ntp signd socket directory = /var/lib/samba/ntp_signd
nt status support = Yes
null passwords = No
obey pam restrictions = Yes
old password allowed period = 60
oplock break wait time = 0
os2 driver map =
os level = 20
pam password change = Yes
panic action = /usr/share/samba/panic-action %d
passdb backend = tdbsam
passdb expand explicit = No
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd chat debug = No
passwd chat timeout = 2
passwd program = /usr/bin/passwd %u
password hash gpg key ids =
password hash userPassword schemes =
password server = *
perfcount module =
pid directory = /run/samba
preferred master = Auto
prefork backoff increment = 10
prefork children = 4
prefork maximum backoff = 120
preload modules =
printcap cache time = 750
printcap name =
private dir = /var/lib/samba/private
raw NTLMv2 auth = No
read raw = Yes
realm =
registry shares = No
reject md5 clients = No
reject md5 servers = No
remote announce =
remote browse sync =
rename user script =
require strong key = Yes
reset on zero vc = No
restrict anonymous = 0
rndc command = /usr/sbin/rndc
root directory =
rpc big endian = No
rpc server dynamic port range = 49152-65535
rpc server port = 0
samba kcc command = /usr/sbin/samba_kcc
security = AUTO
server max protocol = SMB3
server min protocol = SMB2_02
server multi channel support = No
server role = standalone server
server schannel = Yes
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
server signing = default
server string = %h server (Samba, Ubuntu)
set primary group script =
set quota command =
share backend = classic
show add printer wizard = Yes
shutdown script =
smb2 leases = Yes
smb2 max credits = 8192
smb2 max read = 8388608
smb2 max trans = 8388608
smb2 max write = 8388608
smbd profiling level = off
smb passwd file = /etc/samba/smbpasswd
smb ports = 445 139
socket options = TCP_NODELAY
spn update command = /usr/sbin/samba_spnupdate
stat cache = Yes
state directory = /var/lib/samba
svcctl list =
syslog = 1
syslog only = No
template homedir = /home/%D/%U
template shell = /bin/false
time server = No
timestamp logs = Yes
tls cafile = tls/ca.pem
tls certfile = tls/cert.pem
tls crlfile =
tls dh params file =
tls enabled = Yes
tls keyfile = tls/key.pem
tls priority = NORMAL:-VERS-SSL3.0
tls verify peer = as_strict_as_possible
unicode = Yes
unix charset = UTF-8
unix extensions = Yes
unix password sync = Yes
use mmap = Yes
username level = 0
username map =
username map cache time = 0
username map script =
usershare allow guests = Yes
usershare max shares = 100
usershare owner only = Yes
usershare path = /var/lib/samba/usershares
usershare prefix allow list =
usershare prefix deny list =
usershare template share =
utmp = No
utmp directory =
winbind cache time = 300
winbindd socket directory = /var/run/samba/winbindd
winbind enum groups = No
winbind enum users = No
winbind expand groups = 0
winbind max clients = 200
winbind max domain connections = 1
winbind nested groups = Yes
winbind normalize names = No
winbind nss info = template
winbind offline logon = No
winbind reconnect delay = 30
winbind refresh tickets = No
winbind request timeout = 60
winbind rpc only = No
winbind scan trusted domains = Yes
winbind sealed pipes = Yes
winbind separator = \
winbind use default domain = No
winbind use krb5 enterprise principals = No
wins hook =
wins proxy = No
wins server =
wins support = No
workgroup = WORKGROUP
write raw = Yes
wtmp directory =
idmap config * : backend = tdb
access based share enum = No
acl allow execute always = No
acl check permissions = Yes
acl group control = No
acl map full control = Yes
administrative share = No
admin users =
afs share = No
aio read size = 1
aio write behind =
aio write size = 1
allocation roundup size = 0
available = Yes
blocking locks = Yes
block size = 1024
browseable = Yes
case sensitive = Auto
check parent directory delete on close = No
comment =
copy =
create mask = 0744
csc policy = manual
cups options =
default case = lower
default devmode = Yes
delete readonly = No
delete veto files = No
dfree cache time = 0
dfree command =
directory mask = 0755
directory name cache size = 100
dmapi support = No
dont descend =
dos filemode = No
dos filetime resolution = No
dos filetimes = Yes
durable handles = Yes
ea support = Yes
fake directory create times = No
fake oplocks = No
follow symlinks = Yes
force create mode = 0000
force directory mode = 0000
force group =
force printername = No
force unknown acl user = No
force user =
fstype = NTFS
guest ok = No
guest only = No
hide dot files = Yes
hide files =
hide new files timeout = 0
hide special files = No
hide unreadable = No
hide unwriteable files = No
hosts allow =
hosts deny =
include =
inherit acls = No
inherit owner = no
inherit permissions = No
invalid users =
kernel oplocks = No
kernel share modes = Yes
level2 oplocks = Yes
locking = Yes
lppause command =
lpq command = %p
lpresume command =
lprm command =
magic output =
magic script =
mangled names = illegal
mangling char = ~
map acl inherit = No
map archive = Yes
map hidden = No
map readonly = no
map system = No
max connections = 0
max print jobs = 1000
max reported print jobs = 0
min print space = 0
msdfs proxy =
msdfs root = No
msdfs shuffle referrals = No
nt acl support = Yes
ntvfs handler = unixuid, default
oplocks = Yes
path =
posix locking = Yes
postexec =
preexec =
preexec close = No
preserve case = Yes
printable = No
print command =
printer name =
printing = cups
printjob username = %U
print notify backchannel = No
queuepause command =
queueresume command =
read list =
read only = Yes
root postexec =
root preexec =
root preexec close = No
short preserve case = Yes
smbd async dosmode = No
smbd getinfo ask sharemode = Yes
smbd max async dosmode = 0
smbd search ask sharemode = Yes
smb encrypt = default
spotlight = No
store dos attributes = Yes
strict allocate = No
strict locking = Auto
strict rename = No
strict sync = Yes
sync always = No
use client driver = No
use sendfile = No
valid users =
veto files =
veto oplock files =
vfs objects =
volume =
wide links = No
write cache size = 0
write list =
[printers]
browseable = No
comment = All Printers
create mask = 0700
path = /var/spool/samba
printable = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[mirror home01]
comment = Servershare
create mask = 0775
directory mask = 0775
path = /srv/mirror_home01
write list = reach
[Exchange]
create mask = 0777
directory mask = 0777
force create mode = 0777
force directory mode = 0777
force user = nobody
guest ok = Yes
path = /srv/file_exchange
read only = No
|
chr123
Anmeldungsdatum: 19. Juli 2018
Beiträge: 1632
|
Ok. Syntax passt. Jetzt bitte mal folgendes in der globalen Sektion ändern:
Von
obey pam restrictions = Yes
in
obey pam restrictions = no Darüber hinaus:
Kommentiere bitte mal folgendes in deinem Share aus:
create mask = 0777
directory mask = 0777
force create mode = 0777
force directory mode = 0777 Wenn dann müsstest du eher folgendes setzen:
create mask = 0000
force create mode = 0777
directory mask = 0000
force directory mode = 0777
|
reach
(Themenstarter)
Anmeldungsdatum: 24. August 2021
Beiträge: 6
|
Hab ich gemacht. Habe sowohl Auskommentieren probiert, als auch das, wie es richtig gehört. Geht leider beides nicht. Falls das hilfreich ist: bis jetzt habe ich immer nur probiert, ein File dort hin zu kopieren und da steht nur, dass mir die Berechtigung fehlt.
Nun habe ich aber gesehen, dass - in so ziemlich jeder smb Konfiguration - wenn ich versuche ein File dort umzubenennen, kommt am Windows Client eine etwas detailliertere Meldung, nämlich: "Sie müssen die erforderlichen Berechtigungen vom "SERVER\nobody" erhalten..." Zusatzfrage: gibt es irgendwo ein (Noob-verständliches) Changelog welches erklären würde, wieso dieselben Settings mit der neuen Samba Version nicht gleich funktionieren?
|
chr123
Anmeldungsdatum: 19. Juli 2018
Beiträge: 1632
|
reach schrieb: Hab ich gemacht. Habe sowohl Auskommentieren probiert, als auch das, wie es richtig gehört. Geht leider beides nicht.
Hattest du dann den smb Dienst neugestartet oder einfach nur die smb.conf geändert? Falls letzteres:
Dann den Parameter wie folgt in der smb.conf setzen: "obey pam restrictions = no" Kontrolle:
Und smb Dienst neustarten:
| sudo systemctl restart smbd.service
|
Falls das hilfreich ist: bis jetzt habe ich immer nur probiert, ein File dort hin zu kopieren und da steht nur, dass mir die Berechtigung fehlt.
Nun habe ich aber gesehen, dass - in so ziemlich jeder smb Konfiguration - wenn ich versuche ein File dort umzubenennen, kommt am Windows Client eine etwas detailliertere Meldung, nämlich: "Sie müssen die erforderlichen Berechtigungen vom "SERVER\nobody" erhalten..."
Die Fehlermeldung sagt mir leider nichts.
Zusatzfrage: gibt es irgendwo ein (Noob-verständliches) Changelog welches erklären würde, wieso dieselben Settings mit der neuen Samba Version nicht gleich funktionieren?
Das weiß ich nicht. Mir ist aber aufgefallen, dass der Paramter "ntlm auth = ntlmv1-permitted" veraltet ist. Aktuell ist "ntlm auth = ntlmv2-only". Das würde ich noch ändern, aber ich denke nicht, dass es was bringt. Eine Idee wäre noch folgendes:
| sudo chown -R root: /srv/file_exchange
sudo chmod o=rwx /srv/file_exchange
# Kontrolle
getfacl /srv/file_exchange
|
Den Standardbenutzer nobody gibt es aber auch in der Serverversion, oder?
|
reach
(Themenstarter)
Anmeldungsdatum: 24. August 2021
Beiträge: 6
|
chr123 schrieb:
Eine Idee wäre noch folgendes:
| sudo chown -R root: /srv/file_exchange
sudo chmod o=rwx /srv/file_exchange
# Kontrolle
getfacl /srv/file_exchange
|
Den Standardbenutzer nobody gibt es aber auch in der Serverversion, oder?
Yeah! Die beiden chmod und chown haben das Problem gelöst! Tausend Dank!
Warum auch immer, ich hab ja nichts geändert. Aber mit meinem Linux Knowhow muß wirklich nicht alles verstehen ☺ Nur der Vollständigkeit halber: 1) ich habe den Server nach jeder Änderung einfach immer komplett rebootet um sicher zu gehen, dass ich ja nichts falsch mache. 2) die Ausgabe auf die zweite Frage ist reach@server:~$ grep nobody /etc/passwd
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
Whatever that means... Danke nochmal!
|