On a fresh FreeBSD 11.2 Root-on-ZFS I get Python system-error on > samba-tool domain provision --use-rfc2307 --interactive during "self join" Detail > Setting up self join > ERROR(<type 'exceptions.SystemError'>): uncaught exception - error return without exception set > File "/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run > return self.run(*args, **kwargs) > File "/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py", line 500, in run > plaintext_secrets=plaintext_secrets) > File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 2275, in provision > skip_sysvolacl=skip_sysvolacl) > File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 1891, in provision_fill > names.domaindn, lp, use_ntvfs) > File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 1622, in setsysvolacl > set_simple_acl(file.name, 0755, gid) Same result on 12-ALPHA6 and either 4.7 or 4.8
Looks like a temporary dir is not created prior to the setacl? Added a print(file.name), and found this > Setting up self join > /var/db/samba4/sysvol/tmp8a1jmA > ERROR(<type 'exceptions.SystemError'>): uncaught exception - error return without exception set # ls -l /var/db/samba4/sysvol/tmp8a1jmA ls: /var/db/samba4/sysvol/tmp8a1jmA: No such file or directory Could've been cleaned up, dunno
Can easily reproduce here. No glue.
(In reply to Bernard Spil from comment #1) The tmpfile is deleted when the process dies. It is still there before calling smbd.set_simple_nfsv4_acl: (Pdb) b 1622 Breakpoint 1 at /usr/local/lib/python2.7/site-packages/samba/provision/__init__.py:1622 (Pdb) c > /usr/local/lib/python2.7/site-packages/samba/provision/__init__.py(1622)setsysvolacl() -> try: (Pdb) p file.name '/var/db/samba4/sysvol/tmpuTun7i' # ls -l /var/db/samba4/sysvol/tmpuTun7i -rw------- 1 root wheel 0 Oct 23 18:08 /var/db/samba4/sysvol/tmpuTun7i Debugging the shared library with the acl code is very hard.
I just came across this issue also, and have solved it by following the Samba4ZFS guide on the FreeBSD wiki: https://wiki.freebsd.org/Samba4ZFS "Enable NFSv4 ACLs in your ZFS volume" 1 sudo zfs set aclmode=passthrough zroot 2 sudo zfs set aclinherit=passthrough zroot "Setup UFS system volume" Samba's upgrade script is not smart enough (yet) to enable zfsacl automatically so it's simpler to have a POSIX ACL enabled UFS file system as sysvol. Toggle line numbers 1 sudo zfs create -V 2G zroot/samba4sysvol 2 sudo newfs /dev/zvol/zroot/samba4sysvol 3 4 # Add to /etc/fstab 5 sudo sh -c 'cat >>/etc/fstab' <<EOF 6 /dev/zvol/zroot/samba4sysvol /var/db/samba4/sysvol ufs rw,acls 0 0 7 EOF 8 9 sudo mkdir -p /var/db/samba4/sysvol 10 sudo mount /var/db/samba4/sysvol
Daniel - as the author of the Samba4ZFS FreeBSD wiki page, can you please explain a little further about the ZFSACL issue?
As far as I understand it the Samba 4 code doesn't like the type of ACLs ZFS uses but does like the UFS ones. Since ACLs are a core part of the system you can paper over it by using a UFS partition to hold the (small) sysvol. Although I have since discovered that fsck doesn't get run on these so if you get a power failure you have to manually fsck it :-/ (I haven't fully investigated that yet though)
It appears that this patch in the FreeBSD port is supposed to make Samba work with the ZFS ACLs: https://svnweb.freebsd.org/ports/head/net/samba48/files/0001-Zfs-provision-1.patch?view=markup Obviously, it isn't quite working as expected.
net/samba48 expired today, is this relevant for net/samba410?
(In reply to Rene Ladan from comment #8) I haven't tested... Unlikely that I'll get to it as I dropped the plan for using AD in stead of OpenLDAP
I guess we can close this and let someone file a new report if it's still broken on samba410 as samba48 is removed from ports?
I believe this was addressed somewhere in 4.10.