The default "lock directory" in the .20.pre2 (and .14) when not manually entered into /etc/samba/smb.conf is /var/lib/samba, whereas the redhat build sets the default to /var/cache/samba. (tested using testparm -v on 3 builds) If selinux is installed & enforcing, then smb/nmb have many audit denied fails (/var/log/messages) when trying to start up using current updated-released policy: selinux-policy-targeted-1.17.30-3.16.fc3.rpm (redhat) Adding in /etc/samba/smb.conf: lock direcory = /var/cache/samba allows smb/nmb to start OK. However, winbind will not start, and has the following audit trail: Jul 22 01:27:56 server1 kernel: audit(1121959676.497:60): avc: denied { search } for pid=7876 comm="winbindd" name="/" dev=sda10 ino=2 scontext=user_u:system_r:winbind_t tcontext=system_u:object_r:tmp_t tclass=dir Jul 22 01:27:56 server1 winbindd[7876]: [2005/07/22 01:27:56, 0] lib/util_sock.c:create_pipe_sock(1265) Jul 22 01:27:56 server1 winbindd[7876]: lstat failed on socket directory /tmp/.winbindd: Permission denied Jul 22 01:27:56 server1 winbind: winbindd startup succeeded notes: while the log says it started, it didn't. sda10 is mounted as /tmp. turning selinux enforcing off allows winbind to start OK. me thinks that the socket file should be getting created in: /var/cache/samba/winbindd_privileged (which it does on redhats fc3 3.0.10 build) but some conflict seems to block it, and it attempts to write instead to /tmp/.winbindd ... is this just a different policy between redhat and samba on where data should be stored ? or is jerry's package intended to work out of the box on an up2date fc3 box ?
/var/lib/samba is the better choice according to the FHS. RedHat needs to fix their SELinux policies.