attempted fix on samba vfs
This commit is contained in:
Ludwig Lehnert
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1 +1,2 @@
|
|||||||
.env
|
.env
|
||||||
|
__pycache__/
|
||||||
|
|||||||
@@ -13,6 +13,7 @@ RUN apt-get update \
|
|||||||
libpam-winbind \
|
libpam-winbind \
|
||||||
python3 \
|
python3 \
|
||||||
samba \
|
samba \
|
||||||
|
samba-vfs-modules \
|
||||||
tini \
|
tini \
|
||||||
winbind \
|
winbind \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|||||||
16
README.md
16
README.md
@@ -210,6 +210,22 @@ docker compose exec samba sh -lc 'tail -n 200 /var/log/samba/log.*'
|
|||||||
docker compose exec samba cat /etc/samba/generated/shares.conf
|
docker compose exec samba cat /etc/samba/generated/shares.conf
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### `acl_xattr.so` or `full_audit.so` module load error
|
||||||
|
|
||||||
|
- If logs show `Error loading module .../vfs/acl_xattr.so` (or `full_audit.so`), your running image is missing Samba VFS modules.
|
||||||
|
- Rebuild and restart with the updated image:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker compose down
|
||||||
|
docker compose up -d --build
|
||||||
|
```
|
||||||
|
|
||||||
|
- Verify modules exist:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker compose exec samba sh -lc 'mods="$(smbd -b | sed -n "s/^ *MODULESDIR: //p" | head -n1)/vfs"; ls -1 "$mods"/acl_xattr.so "$mods"/full_audit.so'
|
||||||
|
```
|
||||||
|
|
||||||
### Permissions in Private share are incorrect
|
### Permissions in Private share are incorrect
|
||||||
|
|
||||||
- Re-run reconciliation to rebuild private directories and ACLs:
|
- Re-run reconciliation to rebuild private directories and ACLs:
|
||||||
|
|||||||
28
app/init.sh
28
app/init.sh
@@ -18,6 +18,33 @@ append_winbind_to_nss() {
|
|||||||
sed -ri '/^group:/ { /winbind/! s/$/ winbind/ }' /etc/nsswitch.conf
|
sed -ri '/^group:/ { /winbind/! s/$/ winbind/ }' /etc/nsswitch.conf
|
||||||
}
|
}
|
||||||
|
|
||||||
|
detect_modules_dir() {
|
||||||
|
smbd -b | sed -n 's/^ *MODULESDIR: //p' | head -n1
|
||||||
|
}
|
||||||
|
|
||||||
|
require_vfs_modules() {
|
||||||
|
local modules_dir=""
|
||||||
|
modules_dir="$(detect_modules_dir)"
|
||||||
|
if [[ -z "$modules_dir" ]]; then
|
||||||
|
printf '[init] ERROR: unable to detect Samba MODULESDIR via smbd -b\n' >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
local missing=0
|
||||||
|
local module
|
||||||
|
for module in acl_xattr full_audit; do
|
||||||
|
if [[ ! -f "$modules_dir/vfs/${module}.so" ]]; then
|
||||||
|
printf '[init] ERROR: missing VFS module %s at %s/vfs/%s.so\n' "$module" "$modules_dir" "$module" >&2
|
||||||
|
missing=1
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
if [[ "$missing" -ne 0 ]]; then
|
||||||
|
printf '[init] Install package samba-vfs-modules and rebuild the image.\n' >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
derive_netbios_name() {
|
derive_netbios_name() {
|
||||||
local raw_name="${NETBIOS_NAME:-ADSAMBAFSRV}"
|
local raw_name="${NETBIOS_NAME:-ADSAMBAFSRV}"
|
||||||
local upper_name="${raw_name^^}"
|
local upper_name="${raw_name^^}"
|
||||||
@@ -205,6 +232,7 @@ mkdir -p /data/private /data/public /data/groups /state /etc/samba/generated /va
|
|||||||
touch /etc/samba/generated/shares.conf /var/log/reconcile.log
|
touch /etc/samba/generated/shares.conf /var/log/reconcile.log
|
||||||
|
|
||||||
append_winbind_to_nss
|
append_winbind_to_nss
|
||||||
|
require_vfs_modules
|
||||||
derive_netbios_name
|
derive_netbios_name
|
||||||
render_krb5_conf
|
render_krb5_conf
|
||||||
render_smb_conf
|
render_smb_conf
|
||||||
|
|||||||
Reference in New Issue
Block a user