Univention Bugzilla – Bug 44305
samba-tool ntacl sysvolcheck traceback due to /var/lib/samba/netlogon
Last modified: 2018-09-03 13:56:36 CEST
On a UCS@school singlemaster samba-tool ntacl sysvolcheck aborts with a traceback while checking the NTACLs of /var/lib/samba/netlogon : === ERROR(<type 'exceptions.TypeError'>): uncaught exception - (61, 'No data available') File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run return self.run(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 270, in run lp) File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1732, in checksysvolacl fsacl = getntacl(lp, dir_path, direct_db_access=direct_db_access, service=SYSVOL_SERVICE) File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 82, in getntacl xattr.XATTR_NTACL_NAME) === We should patch samba-tool ntacl sysvolcheck to *only* check the sysvol
Seems to be ucs-school specific
Created attachment 9192 [details] 0001-Bug-44305-remove-netlogon-from-samba-tool-ntacl-sysv.patch This occurs, as ucs-school sets the UCR variable `samba/share/netlogon/path=/var/lib/samba/netlogon`. /var/lib/samba/netlogon does not have the xattr `security.NTACL` set, and the samba-tool function `provision.setsysvolacl()` (used in `samba-tool ntacl sysvolreset` and provisioning) does not set the NTACLs for the netlogon path, so sysvolcheck fails. This does not happen in a default UCS setup, as the UCR variable `samba/share/netlogon/path` is unset, and the netlogon path defaults to '/var/lib/samba/sysvol/<realm>/scripts' which is underneath the sysvol path and therefore recursively handled by `provision.setsysvolacl()`. The attached patch removes netlogon from sysvolcheck (committed as r17667) YAML: 8f751b9
OK - sysvolcheck (ignores netlogon) OK - samba.yaml
<http://errata.software-univention.de/ucs/4.2/165.html>