Web lists-archives.com

Re: [Samba] I: Missing 'security' tab




Of course is not; /opt/shares/geoportale-lizmap belongs to /

/dev/mapper/ubuntugis01--vg-root on / type ext4
(rw,relatime,errors=remount-ro,data=ordered)

It should read like this:
/dev/mapper/ubuntugis01--vg-root on / type ext4 (rw,relatime,errors=remount-ro,data=ordered,acl,user_xattr)

Edit /etc/fstab, add those 2 options then reboot (or remount).


Il 26/02/2018 13:44, Andrea Rossetti ha scritto:

Is not mounted see below

root@ubuntugis01:/opt/share# mount

sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)

proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)

udev on /dev type devtmpfs (rw,nosuid,relatime,size=487712k,nr_inodes=121928,mode=755)

devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)

tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=101604k,mode=755)

/dev/mapper/ubuntugis01--vg-root on / type ext4 (rw,relatime,errors=remount-ro,data=ordered)

securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)

tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)

tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)

tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)

cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)

pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)

cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)

cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)

cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)

cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)

cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)

cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)

cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)

cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)

cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)

cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)

systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=22,pgrp=1,timeout=0,minproto=5,maxproto=5,direct)

hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)

mqueue on /dev/mqueue type mqueue (rw,relatime)

debugfs on /sys/kernel/debug type debugfs (rw,relatime)

fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)

/dev/sda1 on /boot type ext2 (rw,relatime,block_validity,barrier,user_xattr,acl)

lxcfs on /var/lib/lxcfs type fuse.lxcfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other)

tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=101604k,mode=700,uid=1000,gid=1000)

Inviato da Posta <https://go.microsoft.com/fwlink/?LinkId=550986>per Windows 10

*Da: *Claudio Nicora <mailto:nicorac@xxxxxxxxx>
*Inviato: *lunedì 26 febbraio 2018 13:41
*A: *samba@xxxxxxxxxxxxxxx <mailto:samba@xxxxxxxxxxxxxxx>
*Oggetto: *Re: [Samba] I: Missing 'security' tab

No, I asked how the filesystem holding that share is mounted.
Post the output of "mount" command and/or the content of "/etc/fstab" file.

Il 26/02/2018 13:06, Andrea Rossetti ha scritto:

    If I understand what you ask me these parameters are set in the
    global section of the smb.conf file

    …

       vfs objects = acl_xattr

       map acl inherit = yes

       store dos attributes = yes

    …

    see below my samba-debug-info.txt

    Collected config  --- 2018-02-26-12:57 -----------

    Hostname: ubuntugis01

    DNS Domain: comune.spoleto.local

    FQDN: ubuntugis01.comune.spoleto.local

    ipaddress: 192.168.23.70

    -----------

    Samba is running as a Unix domain member

    Checking file: /etc/os-release

    NAME="Ubuntu"

    VERSION="16.04.4 LTS (Xenial Xerus)"

    ID=ubuntu

    ID_LIKE=debian

    PRETTY_NAME="Ubuntu 16.04.4 LTS"

    VERSION_ID="16.04"

    HOME_URL="http://www.ubuntu.com/"; <http://www.ubuntu.com/>

    SUPPORT_URL="http://help.ubuntu.com/"; <http://help.ubuntu.com/>

    BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/";
    <http://bugs.launchpad.net/ubuntu/>

    VERSION_CODENAME=xenial

    UBUNTU_CODENAME=xenial

    -----------

    Warning, /etc/devuan_version does not exist

    -----------

    running command : ip a

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state
    UNKNOWN group default qlen 1

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

        inet 127.0.0.1/8 scope host lo

        inet6 ::1/128 scope host

    2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
    pfifo_fast state UP group default qlen 1000

    link/ether 08:00:27:66:1b:d2 brd ff:ff:ff:ff:ff:ff

        inet 192.168.23.70/24 brd 192.168.23.255 scope global enp0s3

        inet6 fe80::a00:27ff:fe66:1bd2/64 scope link

    -----------

    Checking file: /etc/hosts

    127.0.0.1 localhost

    192.168.23.70 ubuntugis01.comune.spoleto.local        ubuntugis01

    # The following lines are desirable for IPv6 capable hosts

    ::1 localhost ip6-localhost ip6-loopback

    ff02::1 ip6-allnodes

    ff02::2 ip6-allrouters

    -----------

    Checking file: /etc/resolv.conf

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
    resolvconf(8)

    #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE
    OVERWRITTEN

    nameserver 192.168.23.11

    nameserver 192.168.23.12

    search comune.spoleto.local

    -----------

    Checking file: /etc/krb5.conf

    [libdefaults]

    default_realm = COMUNE.SPOLETO.LOCAL

    dns_lookup_realm = false

    dns_lookup_kdc = true

    # The following krb5.conf variables are only for MIT Kerberos.

    # krb4_config = /etc/krb.conf

    # krb4_realms = /etc/krb.realms

    # kdc_timesync = 1

    # ccache_type = 4

    # forwardable = true

    # proxiable = true

    # The following encryption type specification will be used by MIT
    Kerberos

    # if uncommented.  In general, the defaults in the MIT Kerberos
    code are

    # correct and overriding these specifications only serves to
    disable new

    # encryption types as they are added, creating interoperability
    problems.

    #

    # Thie only time when you might need to uncomment these lines and
    change

    # the enctypes is if you have local software that will break on ticket

    # caches containing ticket encryption types it doesn't know about
    (such as

    # old versions of Sun Java).

    # default_tgs_enctypes = des3-hmac-sha1

    # default_tkt_enctypes = des3-hmac-sha1

    # permitted_enctypes = des3-hmac-sha1

    # The following libdefaults parameters are only for Heimdal Kerberos.

    # v4_instance_resolve = false

    # v4_name_convert = {

    # host = {

    # rcmd = host

    # ftp = ftp

    # }

    # plain = {

    # something = something-else

    # }

    #       }

    # fcc-mit-ticketflags = true

    #

    #[realms]

    # COMUNE.SPOLETO.LOCAL = {

    # kdc = kerberos.mit.edu:88

    # kdc = kerberos-1.mit.edu:88

    # kdc = kerberos-2.mit.edu:88

    # admin_server = kerberos.mit.edu

    # default_domain = mit.edu

    #       }

    # MEDIA-LAB.MIT.EDU = {

    # kdc = kerberos.media.mit.edu

    # admin_server = kerberos.media.mit.edu

    #       }

    # ZONE.MIT.EDU = {

    # kdc = casio.mit.edu

    # kdc = seiko.mit.edu

    # admin_server = casio.mit.edu

    #       }

    # MOOF.MIT.EDU = {

    # kdc = three-headed-dogcow.mit.edu:88

    # kdc = three-headed-dogcow-1.mit.edu:88

    # admin_server = three-headed-dogcow.mit.edu

    #       }

    # CSAIL.MIT.EDU = {

    # kdc = kerberos-1.csail.mit.edu

    # kdc = kerberos-2.csail.mit.edu

    # admin_server = kerberos.csail.mit.edu

    #               default_domain = csail.mit.edu

    # krb524_server = krb524.csail.mit.edu

    #       }

    # IHTFP.ORG = {

    # kdc = kerberos.ihtfp.org

    # admin_server = kerberos.ihtfp.org

    #       }

    # GNU.ORG = {

    # kdc = kerberos.gnu.org

    # kdc = kerberos-2.gnu.org

    # kdc = kerberos-3.gnu.org

    # admin_server = kerberos.gnu.org

    #       }

    # 1TS.ORG = {

    # kdc = kerberos.1ts.org

    # admin_server = kerberos.1ts.org

    #       }

    # GRATUITOUS.ORG = {

    # kdc = kerberos.gratuitous.org

    # admin_server = kerberos.gratuitous.org

    #       }

    # DOOMCOM.ORG = {

    # kdc = kerberos.doomcom.org

    #      admin_server = kerberos.doomcom.org

    #       }

    # ANDREW.CMU.EDU = {

    # kdc = kerberos.andrew.cmu.edu

    # kdc = kerberos2.andrew.cmu.edu

    # kdc = kerberos3.andrew.cmu.edu

    # admin_server = kerberos.andrew.cmu.edu

    # default_domain = andrew.cmu.edu

    #       }

    # CS.CMU.EDU = {

    # kdc = kerberos.cs.cmu.edu

    # kdc = kerberos-2.srv.cs.cmu.edu

    # admin_server = kerberos.cs.cmu.edu

    #       }

    # DEMENTIA.ORG = {

    # kdc = kerberos.dementix.org

    # kdc = kerberos2.dementix.org

    # admin_server = kerberos.dementix.org

    #       }

    # stanford.edu = {

    # kdc = krb5auth1.stanford.edu

    #        kdc = krb5auth2.stanford.edu

    # kdc = krb5auth3.stanford.edu

    # master_kdc = krb5auth1.stanford.edu

    # admin_server = krb5-admin.stanford.edu

    # default_domain = stanford.edu

    #       }

    # UTORONTO.CA = {

    # kdc = kerberos1.utoronto.ca

    # kdc = kerberos2.utoronto.ca

    # kdc = kerberos3.utoronto.ca

    # admin_server = kerberos1.utoronto.ca

    # default_domain = utoronto.ca

    #       }

    #

    #[domain_realm]

    # .mit.edu = ATHENA.MIT.EDU

    # mit.edu = ATHENA.MIT.EDU

    # .media.mit.edu = MEDIA-LAB.MIT.EDU

    # media.mit.edu = MEDIA-LAB.MIT.EDU

    # .csail.mit.edu = CSAIL.MIT.EDU

    # csail.mit.edu = CSAIL.MIT.EDU

    # .whoi.edu = ATHENA.MIT.EDU

    # whoi.edu = ATHENA.MIT.EDU

    # .stanford.edu = stanford.edu

    # .slac.stanford.edu = SLAC.STANFORD.EDU

    # .toronto.edu = UTORONTO.CA

    # .utoronto.ca = UTORONTO.CA

    #

    #[login]

    # krb4_convert = true

    # krb4_get_tickets = false

    -----------

    Checking file: /etc/nsswitch.conf

    # /etc/nsswitch.conf

    #

    # Example configuration of GNU Name Service Switch functionality.

    # If you have the `glibc-doc-reference' and `info' packages
    installed, try:

    # `info libc "Name Service Switch"' for information about this file.

    passwd: compat winbind

    group: compat winbind

    shadow: compat

    gshadow: files

    hosts: files dns

    networks: files

    protocols: db files

    services: db files

    ethers: db files

    rpc: db files

    netgroup: nis

    -----------

    Checking file: /etc/samba/smb.conf

    #

    # Sample configuration file for the Samba suite for Debian GNU/Linux.

    #

    #

    # This is the main Samba configuration file. You should read the

    # smb.conf(5) manual page in order to understand the options listed

    # here. Samba has a huge number of configurable options most of which

    # are not shown in this example

    #

    # Some options that are often worth tuning have been included as

    # commented-out examples in this file.

    #  - When such options are commented with ";", the proposed setting

    # differs from the default Samba behaviour

    #  - When commented with "#", the proposed setting is the default

    # behaviour of Samba but the option is considered important

    # enough to be mentioned here

    #

    # NOTE: Whenever you modify this file you should run the command

    # "testparm" to check that you have not made any basic syntactic

    # errors.

    #======================= Global Settings =======================

    [global]

    ## Browsing/Identification ###

    # Change this to the workgroup/NT-domain name your Samba server
    will part of

    workgroup = COM_SPOLETO

       realm = COMUNE.SPOLETO.LOCAL

       client signing = yes

       client use spnego = yes

    kerberos method = secrets and keytab

    security = ads

    # Just a member server

       domain master = no

       local master = no

    preferred master = no

       # Disable printing error log messages when CUPS is not installed.

    printcap name = /etc/printcap

       load printers = no

       bind interfaces only = yes

    interfaces = lo enp0s3

       enable privileges = yes

       idmap config * : backend = tdb

       idmap config * : range = 2000-9999

    #   idmap config COMUNE.SPOLETO.LOCAL : backend = rid

    #   idmap config COMUNE.SPOLETO.LOCAL : range = 10000-29999

       idmap config COM_SPOLETO : backend = rid

       idmap config COM_SPOLETO : range = 10000-999999

    username map = /etc/samba/user.map

       vfs objects = acl_xattr

       map acl inherit = yes

       store dos attributes = yes

    winbind refresh tickets = Yes

    # This way users log in with username instead of
    username@xxxxxxxxxxx <mailto:username@xxxxxxxxxxx>

    winbind use default domain = yes

    winbind enum users = yes

    winbind enum groups = yes

    # Inherit groups in groups

    winbind nested groups = yes

    winbind offline logon = true

       client ntlmv2 auth = yes

    # server string is the equivalent of the NT Description field

    server string = %h server (Samba, Ubuntu)

    # Windows Internet Name Serving Support Section:

    # WINS Support - Tells the NMBD component of Samba to enable its
    WINS Server

    #   wins support = no

    # WINS Server - Tells the NMBD components of Samba to be a WINS Client

    # Note: Samba can be either a WINS Server, or a WINS Client, but
    NOT both

    ;   wins server = w.x.y.z

    # This will prevent nmbd to search for NetBIOS names through DNS.

       dns proxy = no

    #### Networking ####

    # The specific set of interfaces / networks to bind to

    # This can be either the interface name or an IP address/netmask;

    # interface names are normally preferred

    ; interfaces = 127.0.0.0/8 eth0

    # Only bind to the named interfaces and/or networks; you must use the

    # 'interfaces' option above to use this.

    # It is recommended that you enable this feature if your Samba
    machine is

    # not protected by a firewall or is a firewall itself. However, this

    # option cannot handle dynamic or non-broadcast interfaces correctly.

    ;   bind interfaces only = yes

    #### Debugging/Accounting ####

    # This tells Samba to use a separate log file for each machine

    # that connects

       log file = /var/log/samba/log.%m

       log level = 3

    # Cap the size of the individual log files (in KiB).

       max log size = 1000

    # If you want Samba to only log through syslog then set the following

    # parameter to 'yes'.

    # syslog only = no

    # We want Samba to log a minimum amount of information to syslog.
    Everything

    # should go to /var/log/samba/log.{smbd,nmbd} instead. If you want
    to log

    # through syslog you should set the following parameter to
    something higher.

       syslog = 0

    # Do something sensible when Samba crashes: mail the admin a backtrace

       panic action = /usr/share/samba/panic-action %d

    ####### Authentication #######

    # Server role. Defines in which mode Samba will operate. Possible

    # values are "standalone server", "member server", "classic primary

    # domain controller", "classic backup domain controller", "active

    # directory domain controller".

    #

    # Most people will want "standalone sever" or "member server".

    # Running as "active directory domain controller" will require first

    # running "samba-tool domain provision" to wipe databases and create a

    # new domain.

    # server role = standalone server

       server role = member server

    # server role = AUTO

    # If you are using encrypted passwords, Samba will need to know what

    # password database type you are using.

       passdb backend = tdbsam

    #   obey pam restrictions = yes

    # This boolean parameter controls whether Samba attempts to sync
    the Unix

    # password with the SMB password when the encrypted SMB password
    in the

    # passdb is changed.

    #   unix password sync = yes

    # For Unix password sync to work on a Debian GNU/Linux system, the
    following

    # parameters must be set (thanks to Ian Kahan
    <<kahan@xxxxxxxxxxxxxxxxxxxxxxxxx>
    <mailto:kahan@xxxxxxxxxxxxxxxxxxxxxxxxx> for

    # sending the correct chat script for the passwd program in Debian
    Sarge).

    # passwd program = /usr/bin/passwd %u

    # passwd chat = *Enter\snew\s*\spassword:* %n\n
    *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

    # This boolean controls whether PAM will be used for password changes

    # when requested by an SMB client instead of the program listed in

    # 'passwd program'. The default is 'no'.

    #   pam password change = yes

    # This option controls how unsuccessful authentication attempts
    are mapped

    # to anonymous connections

       map to guest = bad user

    ########## Domains ###########

    #

    # The following settings only takes effect if 'server role = primary

    # classic domain controller', 'server role = backup domain controller'

    # or 'domain logons' is set

    #

    # It specifies the location of the user's

    # profile directory from the client point of view) The following

    # required a [profiles] share to be setup on the samba server (see

    # below)

    ;   logon path = \\%N\profiles\%U

    # Another common choice is storing the profile in the user's home
    directory

    # (this is Samba's default)

    #   logon path = \\%N\%U\profile

    # The following setting only takes effect if 'domain logons' is set

    # It specifies the location of a user's home directory (from the
    client

    # point of view)

    ;   logon drive = H:

    #   logon home = \\%N\%U

    # The following setting only takes effect if 'domain logons' is set

    # It specifies the script to run during logon. The script must be
    stored

    # in the [netlogon] share

    # NOTE: Must be store in 'DOS' file format convention

    ;   logon script = logon.cmd

    # This allows Unix users to be created on the domain controller
    via the SAMR

    # RPC pipe.  The example command creates a user account with a
    disabled Unix

    # password; please adapt to your needs

    ; add user script = /usr/sbin/adduser --quiet --disabled-password
    --gecos "" %u

    # This allows machine accounts to be created on the domain
    controller via the

    # SAMR RPC pipe.

    # The following assumes a "machines" group exists on the system

    ; add machine script  = /usr/sbin/useradd -g machines -c "%u
    machine account" -d /var/lib/samba -s /bin/false %u

    # This allows Unix groups to be created on the domain controller
    via the SAMR

    # RPC pipe.

    ; add group script = /usr/sbin/addgroup --force-badname %g

    ############ Misc ############

    # Using the following line enables you to customise your configuration

    # on a per machine basis. The %m gets replaced with the netbios name

    # of the machine that is connecting

    ; include = /home/samba/etc/smb.conf.%m

    # Some defaults for winbind (make sure you're not using the ranges

    # for something else.)

    ;   idmap uid = 10000-20000

    ;   idmap gid = 10000-20000

    ; template shell = /bin/bash

    # Setup usershare options to enable non-root users to share folders

    # with the net usershare command.

    # Maximum number of usershare. 0 (default) means that usershare is
    disabled.

    ; usershare max shares = 100

    # Allow users who've been granted usershare privileges to create

    # public shares, not just authenticated ones

    # usershare allow guests = yes

    usershare allow guests = no

    #======================= Share Definitions =======================

    # Un-comment the following (and tweak the other settings below to
    suit)

    # to enable the default home directory shares. This will share each

    # user's home directory as \\server\username

    ;[homes]

    ; comment = Home Directories

    ; browseable = no

    # By default, the home directories are exported read-only. Change the

    # next parameter to 'no' if you want to be able to write to them.

    ;   read only = yes

    # File creation mask is set to 0700 for security reasons. If you
    want to

    # create files with group=rw permissions, set next parameter to 0775.

    ; create mask = 0700

    # Directory creation mask is set to 0700 for security reasons. If
    you want to

    # create dirs. with group=rw permissions, set next parameter to 0775.

    ; directory mask = 0700

    # By default, \\server\username shares can be connected to by anyone

    # with access to the samba server.

    # Un-comment the following parameter to make sure that only "username"

    # can connect to \\server\username

    # This might need tweaking when using external authentication schemes

    ;   valid users = %S

    # Un-comment the following and create the netlogon directory for
    Domain Logons

    # (you need to configure Samba to act as a domain controller too.)

    ;[netlogon]

    ; comment = Network Logon Service

    ;   path = /home/samba/netlogon

    ;   guest ok = yes

    ;   read only = yes

    # Un-comment the following and create the profiles directory to store

    # users profiles (see the "logon path" option above)

    # (you need to configure Samba to act as a domain controller too.)

    # The path below should be writable by all users so that their

    # profile directory may be created the first time they log on

    ;[profiles]

    ; comment = Users profiles

    ;   path = /home/samba/profiles

    ;   guest ok = no

    ; browseable = no

    ; create mask = 0600

    ; directory mask = 0700

    [printers]

    comment = All Printers

    browseable = no

       path = /var/spool/samba

    printable = yes

       guest ok = no

       read only = yes

       create mask = 0700

    # Windows clients look for this share name as a source of downloadable

    # printer drivers

    [print$]

    comment = Printer Drivers

       path = /var/lib/samba/printers

    browseable = yes

       read only = yes

       guest ok = no

    # Uncomment to allow remote administration of Windows print drivers.

    # You may need to replace 'lpadmin' with the name of the group your

    # admin users are members of.

    # Please note that you also need to set appropriate Unix permissions

    # to the drivers directory for these users to have write rights in it

    ;   write list = root, @lpadmin

    [geoportale-lizmap]

    comment = Progetti QGIS per Lizmap

        path = /opt/shares/geoportale-lizmap

        read only = no

    inherit acls = yes

    -----------

    Content of /etc/samba/user.map

    !root = COM_SPOLETO\Adminserver

    -----------

    Installed packages, running: dpkg -l | egrep
    "samba|winbind|krb5|smb|acl|xattr"

    ii acl 2.2.52-3 amd64        Access control list utilities

    ii krb5-config                         2.3
                                     all Configuration files for
    Kerberos Version 5

    ii krb5-locales 1.13.2+dfsg-5ubuntu2 all         
    Internationalization support for MIT Kerberos

    ii krb5-user                1.13.2+dfsg-5ubuntu2 amd64       
    Basic programs to authenticate using MIT Kerberos

    ii libacl1:amd64 2.2.52-3 amd64        Access control list shared
    library

    ii libgssapi-krb5-2:amd64 1.13.2+dfsg-5ubuntu2 amd64        MIT
    Kerberos runtime libraries - krb5 GSS-API Mechanism

    ii libkrb5-26-heimdal:amd64 1.7~git20150920+dfsg-4ubuntu1.16.04.1
    amd64        Heimdal Kerberos - libraries

    ii libkrb5-3:amd64 1.13.2+dfsg-5ubuntu2 amd64        MIT Kerberos
    runtime libraries

    ii libkrb5support0:amd64 1.13.2+dfsg-5ubuntu2 amd64        MIT
    Kerberos runtime libraries - Support library

    ii libnss-winbind:amd64 2:4.3.11+dfsg-0ubuntu0.16.04.12
    amd64        Samba nameservice integration plugins

    ii libpam-winbind:amd64 2:4.3.11+dfsg-0ubuntu0.16.04.12           
    amd64        Windows domain authentication integration plugin

    ii libsmbclient:amd64 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    shared library for communication with SMB/CIFS servers

    ii libwbclient0:amd64 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    Samba winbind client library

    ii python-samba 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    Python bindings for Samba

    ii samba 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64        SMB/CIFS
    file, print, and login server for Unix

    ii samba-common 2:4.3.11+dfsg-0ubuntu0.16.04.12 all         
    common files used by both the Samba server and client

    ii samba-common-bin 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    Samba common files used by both the server and the client

    ii samba-dsdb-modules 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    Samba Directory Services Database

    ii samba-libs:amd64 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    Samba core libraries

    ii samba-vfs-modules 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    Samba Virtual FileSystem plugins

    ii smbclient 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64       
    command-line SMB/CIFS clients for Unix

    ii winbind 2:4.3.11+dfsg-0ubuntu0.16.04.12 amd64        service to
    resolve user and group information from Windows NT servers

    -----------

    Inviato da Posta <https://go.microsoft.com/fwlink/?LinkId=550986>
    per Windows 10

    *Da: *Claudio Nicora <mailto:nicorac@xxxxxxxxx>
    *Inviato: *lunedì 26 febbraio 2018 12:50
    *A: *Andrea Rossetti <mailto:andy.ros@xxxxxxxxx>;
    samba@xxxxxxxxxxxxxxx <mailto:samba@xxxxxxxxxxxxxxx>
    *Oggetto: *Re: [Samba] I: Missing 'security' tab

    How is the share path "/opt/shares/geoportale-lizmap" mounted?

    Is it mounted with "acl,user_xattr" options?

    Claudio



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba