configuring samba-4.2.3 will get the error of "ACL support not found" on hpux, as: =============== /home/samba-4.2.3/source3/wscript:481: error: ACL support not found. Try installing libacl1-dev or libacl-devel. Otherwise, use --without-acl-support to build without ACL support. ACL support is required to change permissions from Windows clients.
The related configure codes: ====================== if Options.options.with_acl_support: if (host_os.rfind('hpux') > -1): Logs.info('Using HPUX ACLs') conf.DEFINE('HAVE_HPUX_ACLS',1) conf.DEFINE('POSIX_ACL_NEEDS_MASK',1) default_static_modules.extend(TO_LIST('vfs_hpuxacl')) elif (host_os.rfind('aix') > -1): Logs.info('Using AIX ACLs') conf.DEFINE('HAVE_AIX_ACLS',1) default_static_modules.extend(TO_LIST('vfs_aixacl vfs_aixacl2')) elif (host_os.rfind('darwin') > -1): Logs.warn('ACLs on Darwin currently not supported') conf.fatal("ACL support not available on Darwin/MacOS. " "Use --without-acl-support for building without " "ACL support. " "ACL support is required to change permissions " "from Windows clients.") else: conf.CHECK_FUNCS_IN(['acl_get_file'], 'acl') if conf.CHECK_CODE(''' =========================== On hpux platform, the uname sysname type is "HP-UX", so we can change "host_os.rfind('hpux')" to "host_os.rfind('hp-ux')", can fix the above issue.
After above fix, will get following build errors : ========================= In file included from ../source3/include/includes.h:363, from ../source3/lib/sysacls.c:22: ../source3/../lib/util/samba_util.h:877: warning: parameter has incomplete type ../source3/lib/sysacls.c: In function `sys_acl_get_permset': ../source3/lib/sysacls.c:98: warning: assignment from incompatible pointer type ../source3/lib/sysacls.c: In function `sys_acl_get_file': ../source3/lib/sysacls.c:501: error: too many arguments to function `hpuxacl_sys_acl_get_file' ../source3/lib/sysacls.c: In function `sys_acl_get_fd': ../source3/lib/sysacls.c:507: error: too many arguments to function `hpuxacl_sys_acl_get_fd' ========================= The root cause of the issue is: hpuxacl_sys_acl_get_file function declared as: ============================= SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type); ========================== but it be called as: ==================== hpuxacl_sys_acl_get_file(handle, path_p, type, mem_ctx) ==================== solution: do following changes in source3/modules/vfs_hpuxacl.h ================ SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type); SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp); ========================= to ======================== SMB_ACL_T hpuxacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx); SMB_ACL_T hpuxacl_sys_acl_get_fd(vfs_handle_struct *handle, files_struct *fsp, TALLOC_CTX *mem_ctx); ================================ then rebuild, will get following error: ================================ ../source3/modules/vfs_hpuxacl.c: In function `hpuxacl_sys_acl_delete_def_file': ../source3/modules/vfs_hpuxacl.c:369: error: too few arguments to function `hpuxacl_sys_acl_get_file' ================= the root cause is the hpuxacl_sys_acl_get_file be called as in vfs_hpuxacl.c:369: =============== smb_acl = hpuxacl_sys_acl_get_file(handle, path, SMB_ACL_TYPE_ACCESS); ================ the solution: add TALLOC_CTX *mem_ctx; line, and change smb_acl = hpuxacl_sys_acl_get_file(handle, path,SMB_ACL_TYPE_ACCESS); to smb_acl = hpuxacl_sys_acl_get_file(handle, path,SMB_ACL_TYPE_ACCESS,mem_ctx); in ../source3/modules/vfs_hpuxacl.c:369.
(In reply to jinyunshuai from comment #2) Any chance you get us the required changes as diff or even git format-patch patches? https://wiki.samba.org/index.php/Using_Git_for_Samba_Development has a very brief intoduction to what is necessary.
After above fixes, samba-4.2.3 can be built succcessfully. But there are some permission issue. when using smbclient to access samba server share dir, will get the error of "NT_STATUS_ACCESS_DENIED" the share dir: ================ drwxrwxrwx 2 root sys 96 Sep 2 05:13 share-test ======================= the logs: ============================ 11959 [2015/09/02 05:36:00.768474, 4, pid=19366, effective(10008, 10008), real(0, 0)] ../source3/smbd/sec_ctx.c:421(pop_sec_ctx) 11960 pop_sec_ctx (10008, 10008) - sec_ctx_stack_ndx = 0 11961 [2015/09/02 05:36:00.768733, 10, pid=19366, effective(10008, 10008), real(0, 0)] ../source3/passdb/lookup_sid.c:1112(legacy_gid_to_sid) 11962 LEGACY: gid 3 -> sid S-1-22-2-3 11963 [2015/09/02 05:36:00.769209, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:2724(canonicalise_acl) 11964 canonicalise_acl: Access ace entries before arrange : 11965 [2015/09/02 05:36:00.769453, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:2737(canonicalise_acl) 11966 canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- 11967 [2015/09/02 05:36:00.769845, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:2737(canonicalise_acl) 11968 canon_ace index 1. Type = allow SID = S-1-22-2-3 gid 3 (sys) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- 11969 [2015/09/02 05:36:00.771356, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:2737(canonicalise_acl) 11970 canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms --- 11971 [2015/09/02 05:36:00.772131, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:848(print_canon_ace_list) 11972 print_canon_ace_list: canonicalise_acl: ace entries after arrange 11973 canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms --- 11974 canon_ace index 1. Type = allow SID = S-1-22-2-3 gid 3 (sys) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- 11975 canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- 11976 [2015/09/02 05:36:00.773262, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:1110(map_canon_ace_perms) 11977 map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 11978 [2015/09/02 05:36:00.773505, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:1110(map_canon_ace_perms) 11979 map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 11980 [2015/09/02 05:36:00.773732, 10, pid=19366, effective(10008, 10008), real(0, 0), class=acls] ../source3/smbd/posix_acls.c:1110(map_canon_ace_perms) 11981 map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 11982 [2015/09/02 05:36:00.774715, 10, pid=19366, effective(10008, 10008), real(0, 0)] ../source3/smbd/open.c:174(smbd_check_access_rights) 11983 smbd_check_access_rights: file . requesting 0x1 returning 0x1 (NT_STATUS_ACCESS_DENIED) ===========================
Hi Guys, have any opinion about above issue? or any tips ? Thank you in advance。
i don't think that this is related to the build bug. I don't even think the access denies is a bug so this is not for bugzilla. if would be great if you can add a patch for the build issue here.
the access denies is not a bug? you think the access denies is reasonable? can you analyze this issue to us? according to my understanding, as the share dir permission as followng shows, we should have right to access this share dir. ================ drwxrwxrwx 2 root sys 96 Sep 2 05:13 share-test =======================
(In reply to Björn Jacke from comment #6) the access denies is not a bug? you think the access denies is reasonable? can you analyze this issue to us? according to my understanding, as the share dir permission as followng shows, we should have right to access this share dir. ================ drwxrwxrwx 2 root sys 96 Sep 2 05:13 share-test ======================= and if add "--without-acl-support" to configure. and do not exist access denies issue we talked above.
first of all this is unrelated to the builg bug you reported here, don't mix different problems in one bug report. Apart of that the S-1-22 SID shows me that you don't have unmapped unix (not domain) users here. In addition to that you just show the classical rights, that "ls" shows, which does not reflect any ACLs you might have set. This is definetely unrelated to this bug report. For support you might consult https://www.samba.org/samba/support/
I am getting the same NT_STATUS_ACCESS_DENIED issue with samba 4.5.0 on hpux ia64. Is this issue been resolved ? Or any patch is available for the same ?
Anyone using hpux and encountering the "access denied" issue pointerd at in comment #4 - can you open a separate bug (if it still exists)? I may have a fix for that, but I think it would be prudent to report it as a separate bug because this one was initially reported as a build issue.
and the POSIX ACL bug is what bug 13176 is about. Closing this build bug report now.