Web lists-archives.com

Re: [Samba] chown: changing ownership of 'test': Invalid argument




Hi all,

I have been doing some additional tests. I am running the same command on
two different servers, both joined to the domain. Then checking the logs on
loglevel 20

Server 1 - Barebones machine, Debian 9, Samba 4.5 (Debian Repo)
$ getent passwd ianc

[2019/04/11 08:51:50.574086,  1, pid=3265271, effective(0, 0), real(0, 0)]
../librpc/ndr/ndr.c:468(ndr_print_function_debug)
       wbint_QueryUser: struct wbint_QueryUser
          out: struct wbint_QueryUser
              info                     : *
                  info: struct wbint_userinfo
                      acct_name                : *
                          acct_name                : 'ianc'
                      full_name                : *
                          full_name                : 'Ian Coetzee'
                      homedir                  : *
                          homedir                  : '/home/%D/%U'
                      shell                    : *
                          shell                    : '/bin/bash'
                      primary_gid              : 0x00000000ffffffff
(4294967295)
                      user_sid                 :
S-1-5-21-2093009959-3443338361-3281248646-1407
                      group_sid                :
S-1-5-21-2093009959-3443338361-3281248646-513
              result                   : NT_STATUS_OK

Server 2 - LXC Container, Debian 9, Samba 4.9 (Louis' Repo)
$ getent passwd ianc

[2019/04/11 06:55:26.719755,  1, pid=16957, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
       wbint_GetNssInfo: struct wbint_GetNssInfo
          in: struct wbint_GetNssInfo
              info                     : *
                  info: struct wbint_userinfo
                      domain_name              : *
                          domain_name              : 'JEOFFICE'
                      acct_name                : *
                          acct_name                : 'ianc'
                      full_name                : NULL
                      homedir                  : *
                          homedir                  : '/home/%D/%U'
                      shell                    : *
                          shell                    : '/bin/bash'
                      uid                      : 0x000000000030d97f
(3201407)
                      primary_gid              : 0x00000000ffffffff
(4294967295)
                      primary_group_name       : NULL
                      user_sid                 :
S-1-5-21-2093009959-3443338361-3281248646-1407
                      group_sid                :
S-1-5-21-2093009959-3443338361-3281248646-513
[2019/04/11 06:55:26.720941,  1, pid=16957, effective(0, 0), real(0, 0),
class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
       wbint_GetNssInfo: struct wbint_GetNssInfo
          out: struct wbint_GetNssInfo
              info                     : *
                  info: struct wbint_userinfo
                      domain_name              : *
                          domain_name              : 'JEOFFICE'
                      acct_name                : *
                          acct_name                : 'ianc'
                      full_name                : NULL
                      homedir                  : *
                          homedir                  : '/home/%D/%U'
                      shell                    : *
                          shell                    : '/bin/bash'
                      uid                      : 0x000000000030d97f
(3201407)
                      primary_gid              : 0x00000000ffffffff
(4294967295)
                      primary_group_name       : NULL
                      user_sid                 :
S-1-5-21-2093009959-3443338361-3281248646-1407
                      group_sid                :
S-1-5-21-2093009959-3443338361-3281248646-513
              result                   : NT_STATUS_REQUEST_NOT_ACCEPTED

On Server 1 I can log in using domain credentials and chown|chgrp files and
folders to domain users and groups. Server 2 is the server in this thread.

A few things that I notice, is that the primary_gid is always 4294967295
(weird, but ok, it works on Server 1)

On Server 2 the full_name is returned as NULL, but not on Server 1
(Possibly the issue?)

My next step is to actually migrate this LXC container to a proper QEMU vm
and test again, I can't help but shake the feeling that the apparmor on the
Hypervisor is causing this issue. Although Server 1 is the hypervisor
Server 2 is running on...

I will revert my findings.

Thank you for the advise so far.

Kind regards
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba