When smbstatus is run as a non-privileged user, the following output is received: ERROR: Failed to initialise messages database: Permission denied messaging_tdb_init failed: NT_STATUS_ACCESS_DENIED messaging_init failed Works normally when run as root. Used to work for any non-root user in our previous version (which was 3.0.25c) -------- Operating system ---------- Distributor ID: Debian Description: Debian GNU/Linux 4.0 (etch) Release: 4.0 Codename: etch -------- Compile flags ---------- export CUPS_CONFIG=/opt/cups/bin/cups-config export SMB_DIR=samba export PATH=/usr/bin:/bin:/usr/sbin:$PATH # Versions of software installed and being built export LDAP_VERSION="openldap-2.4.11" export SAMBA_VERSION="$SMB_DIR-3.3.6" # Configure... env CPPFLAGS="$CPPFLAGS -I/opt/$LDAP_VERSION/include -I/opt/cups/include" \ LDFLAGS="$LDFLAGS -L/opt/$LDAP_VERSION/lib -L/opt/cups/lib" \ ./configure --prefix=/opt/$SAMBA_VERSION \ --localstatedir=/var/local/$SAMBA_VERSION \ --with-logfilebase=/var/local/$SAMBA_VERSION/logs \ --with-configdir=/opt/$SAMBA_VERSION/etc \ --with-lockdir=/var/local/$SAMBA_VERSION/locks \ --with-swatdir=/opt/$SAMBA_VERSION/swat \ --with-privatedir=/opt/$SAMBA_VERSION/etc/private \ --enable-cups \ --with-ldap \ --with-sys-quotas \ --with-acl-support \ --with-libsmbclient \ --with-cifsmount \ --enable-socket-wrapper \ --enable-nss-wrapper -------- Simple patch to work around bug #5886 ---------- --- samba-3.3.6/source/passdb/pdb_ldap.c.orig 2009-06-23 21:35:13.000000000 +1200 +++ samba-3.3.6/source/passdb/pdb_ldap.c 2009-08-11 09:57:33.000000000 +1200 @@ -1733,7 +1733,7 @@ if ((ber_printf (ber, "{") < 0) || (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, utf8_dn) < 0) || (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, utf8_password) < 0) || - (ber_printf (ber, "n}") < 0)) { + (ber_printf (ber, "N}") < 0)) { DEBUG(0,("ldapsam_modify_entry: ber_printf returns a value <0\n")); ber_free(ber,1); SAFE_FREE(utf8_dn); -------- Debug 10 output ---------- [grlrw0@zzsv01:/var/local/samba/locks/lrw] smbstatus -d 10 INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 registry: False/0 lp_load_ex: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/opt/samba-3.3.6/etc/smb.conf" Processing section "[global]" doing parameter include = /opt/samba/etc/machine.conf params.c:pm_process() - Processing configuration file "/opt/samba/etc/machine.conf" doing parameter interfaces = 10.0.4.31/255.255.252.0 doing parameter netbios name = ZZSV01 handle_netbios_name: set global_myname to: ZZSV01 doing parameter server string = Etch Development Office, Wellington, NZ doing parameter workgroup = OPUS.CO.NZ doing parameter display charset = UTF8 Attempting to register new charset UCS-2LE Registered charset UCS-2LE Attempting to register new charset UTF-16LE Registered charset UTF-16LE Attempting to register new charset UCS-2BE Registered charset UCS-2BE Attempting to register new charset UTF-16BE Registered charset UTF-16BE Attempting to register new charset UTF8 Registered charset UTF8 Attempting to register new charset UTF-8 Registered charset UTF-8 Attempting to register new charset ASCII Registered charset ASCII Attempting to register new charset 646 Registered charset 646 Attempting to register new charset ISO-8859-1 Registered charset ISO-8859-1 Attempting to register new charset UCS2-HEX Registered charset UCS2-HEX doing parameter lock directory = /var/local/samba/locks doing parameter pid directory = /var/local/samba/locks doing parameter passdb backend = ldapsam:ldap://localhost doing parameter ldap admin dn = "uid=sambaBDC,ou=Accounts,dc=opus,dc=co,dc=nz" doing parameter ldap passwd sync = yes doing parameter ldap ssl = no doing parameter ldap suffix = dc=opus,dc=co,dc=nz doing parameter ldap user suffix = ou=People doing parameter ldap group suffix = ou=Group doing parameter ldap machine suffix = ou=Computers doing parameter ldap idmap suffix = ou=Idmap doing parameter guest account = nobody doing parameter enable privileges = yes doing parameter log level = 1 doing parameter max log size = 1024 doing parameter debug prefix timestamp = yes doing parameter debug pid = yes doing parameter printing = cups doing parameter printcap name = cups doing parameter cups connection timeout = 30 doing parameter display charset = UTF8 doing parameter domain master = no doing parameter local master = yes doing parameter preferred master = no doing parameter os level = 65 doing parameter time server = true doing parameter wins server = 10.0.56.1 doing parameter enhanced browsing = no doing parameter domain logons = yes doing parameter encrypt passwords = yes doing parameter security = user doing parameter null passwords = yes doing parameter logon drive = z: doing parameter logon home = \\%L\%U doing parameter logon path = doing parameter host msdfs = yes doing parameter comment = OpusNet %T doing parameter dont descend = /proc,/dev,/devices,/kernel,/etc,lost+found,/sbin,/bin doing parameter writeable = yes doing parameter create mask = 0771 doing parameter map hidden = yes doing parameter map system = no pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: role = ROLE_DOMAIN_BDC tdb(unnamed): tdb_open_ex: could not open file /var/local/samba/locks/messages.tdb: Permission denied ERROR: Failed to initialise messages database: Permission denied messaging_tdb_init failed: NT_STATUS_ACCESS_DENIED messaging_init failed [grlrw0@zzsv01:/var/local/samba/locks/lrw]
Created attachment 4715 [details] Patch for 3.4 Attached find a patch that fixes the issue for me for the non-clustering case. Jeremy, can you ack it for 3.4.2 and reassign to Karolin? Thanks, Volker
+1 - obviously good fix ! Karolin please merge for 3.4.2. Thanks ! Jeremy.
Pushed. Will be included in 3.4.2. Closing out bug report. Thanks!