Bug 130 - cannot use homes alias
Summary: cannot use homes alias
Status: CLOSED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.0preX
Hardware: All Linux
: P2 normal
Target Milestone: none
Assignee: Tim Potter
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-05-26 18:59 UTC by Brad Langhorst
Modified: 2005-11-14 09:28 UTC (History)
3 users (show)

See Also:


Attachments
Generic solution to the 'no [homes]' problem (1.22 KB, patch)
2003-06-06 04:20 UTC, Andrew Bartlett
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Brad Langhorst 2003-05-26 18:59:38 UTC
When trying to access //host/homes i see this in the logs

[2003/05/26 19:40:57, 2] auth/auth.c:check_ntlm_password(294)
  check_ntlm_password:  authentication for user [bwlang] -> [bwlang] -> [bwlang]
suceeded
[2003/05/26 19:40:57, 2] smbd/service.c:make_connection(793)
  [homes] share not available for this user because it was not found or created
at session setup time

however access to 
//host/bwlang works just fine...

I'm using the a24 packages from debian unstable from 5/26/03.
smb.conf is nothing special - nearly all default settings.
Comment 1 Tim Potter 2003-06-01 17:20:17 UTC
The code that generates this error is only called if:

 - the user is a guest user
 - the user has no home directory

Are any of these conditions true?  Is there a 'guest only' setting that is
causing the user to be mapped to guest for the [homes] share (you mention nearly
all default settings)?

The second condition can be checked by setting 'debug level = 10' and grepping
for  'pdb_set_unix_homedir: setting home dir' in the log file.
Comment 2 Brad Langhorst 2003-06-03 20:35:40 UTC
user is not a guest user
user does have a home dir

there is no guest only setting

if i remove this line and add a smbpasswd file homes works again
passdb backend = tdbsam, guest

pdbeditl -L says
idmap uid range missing or invalid
idmap will be unable to map foreign SIDs
idmap gid range missing or invalid
idmap will be unable to map foreign SIDs
... (lots of users)
bwlang:1000:

here's the complete smb.conf file that gives rise the homes behaviour
# Samba config file created using SWAT
# from 127.0.0.1 (127.0.0.1)
# Date: 2003/05/26 19:46:50

# Global parameters
[global]
        workgroup = LANGHORST
        server string = %h server (Samba %v)
        obey pam restrictions = Yes
        passdb backend = tdbsam, guest
        passwd program = /usr/bin/passwd %u
        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
        log level = 2
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        printcap name = /etc/printcap.cups
        dns proxy = No
        panic action = /usr/share/samba/panic-action %d
        invalid users = root
        printing = cups

[backup]
        path = /tmp
        read only = No
        guest ok = Yes

[homes]
        comment = Home Directories
        read only = No
        create mask = 0700
        directory mask = 0700

[printers]
        comment = All Printers
        path = /tmp
        create mask = 0700
        printable = Yes
        browseable = No

[cdrom]
        comment = Samba server's CD-ROM
        path = /cdrom
        guest ok = Yes
        locking = No
Comment 3 Tim Potter 2003-06-04 19:28:42 UTC
I've found the cause of the problem: the tdbsam passdb backend doesn't seem to
set the unix home directory attribute at all!  It should be initialised with the
value returned by the getpwnam() system call.
Comment 4 Tim Potter 2003-06-04 19:29:14 UTC
Assigning bug to me.
Comment 5 Tim Potter 2003-06-04 20:09:25 UTC
Hey abartlet, can you take a look at my patch?  It seems to do the trick.

Index: passdb/pdb_tdb.c
===================================================================
RCS file: /data/cvs/samba/source/passdb/pdb_tdb.c,v
retrieving revision 1.58.2.13
diff -u -r1.58.2.13 pdb_tdb.c
--- passdb/pdb_tdb.c	27 May 2003 07:21:57 -0000	1.58.2.13
+++ passdb/pdb_tdb.c	5 Jun 2003 03:08:28 -0000
@@ -144,6 +144,19 @@
 		goto done;
 	}
 
+	/* Initialise sensible defaults */
+
+	{
+		struct passwd *pwfile;
+
+		pwfile = getpwnam_alloc(username);
+
+		if (pwfile) {
+			pdb_fill_sam_pw(sampass, pwfile);
+			passwd_free(&pwfile);
+		}
+	}
+
 	pdb_set_logon_time(sampass, logon_time, PDB_SET);
 	pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
 	pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
Comment 6 Andrew Bartlett 2003-06-05 06:38:49 UTC
This idea with tdbsam is that it does not call getpwnam().

There *was* some code in password.c's 'claim new vuid' code that would do the
same call, but I seem to have lost it - either not commited or lost between the
two branches, as it does not appear to be there.

It's just a fluke that tdbsam is the only 'big' backend not supporting this at
the moment - we shouldn't require this.

Andrew,
Comment 7 Simo Sorce 2003-06-05 08:02:02 UTC
Tim, your fix is _wrong_, we are trying to get all getpw calls out of the passdb
backends.
My idea was to add an initialization layer out of passdb, had no time.

Currently our infrastructure permit use to know if a value has been se tin
SAM_ACCOUNT or not, I propose to move the default-filling code that currently is
duplicated over each backend, outside the backends, so that we avoid code
duplication and different behaviours beetween modules.

The reason to take getpw* calls out of passdb backends is that we want to be
able to make the famous winbind_pdc module, and that need the passdb backend
don't try to loop over itself.

Simo.
Comment 8 Tim Potter 2003-06-05 16:48:13 UTC
OK that's fine but 
what is the correct fix then?
Comment 9 Andrew Bartlett 2003-06-06 04:20:22 UTC
Created attachment 20 [details]
Generic solution to the 'no [homes]' problem

This is how I intended to fix this.
Comment 10 Simo Sorce 2003-06-06 05:04:50 UTC
Abartlet, that's *exactly* what I would have done!
Thank you.

Simo.
Comment 11 Andrew Bartlett 2003-06-06 05:40:30 UTC
That's becouse it's the change we agreed on back when we were doing the idmap
stuff :-)
Comment 12 Andrew Bartlett 2003-06-06 20:20:37 UTC
Patch applied to Samba 3.0 tree.
Comment 13 Gerald (Jerry) Carter (dead mail address) 2005-02-07 07:57:15 UTC
originally reported against 3.0aph24.  Bugzilla spring cleaning.  
Removing old alpha versions.
Comment 14 Gerald (Jerry) Carter (dead mail address) 2005-08-24 10:18:08 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
Comment 15 Gerald (Jerry) Carter (dead mail address) 2005-11-14 09:28:26 UTC
database cleanup