[DRBD-user] Samba can not access share on DRBD (8.3) mounted /home partition (Centos 5)

Steven Truong midair77 at gmail.com
Fri Feb 27 22:28:16 CET 2009

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.


Dear, all.  I am pulling my hair because I could not find any error
messsages that could point me to a fix to my problem.

The directory I want to share was mounted on /home with drbd and
heartbeat but then my users could not access any shares / their home
directories.  However, if I set up shares else where on my box like
share under /opt or /usr/local, then the same users would be able to
access these directories with out any error.

I ran strace and smbd seemed unable to access/stat the /home and
shares under /home.  I looked into the access log of the client machine
and found out that the error was share "does not exist or permission
denied".  I would say that from my investigation of this problem, it
is clear that smbd could not see /home and its share.  But from the commandline
as root, I was able to run stat:

[root at polaris2 etc]# stat /home
  File: `/home'
  Size: 4096      	Blocks: 8          IO Block: 4096   directory
Device: 9300h/37632d	Inode: 2           Links: 9
Access: (0770/drwxrwx---)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2009-02-27 10:24:23.000000000 -0800
Modify: 2009-02-26 14:45:20.000000000 -0800
Change: 2009-02-26 14:45:20.000000000 -0800
[root at polaris2 etc]# stat /home/share2
  File: `/home/share2'
  Size: 4096      	Blocks: 8          IO Block: 4096   directory
Device: 9300h/37632d	Inode: 24494081    Links: 2
Access: (0755/drwxr-xr-x)  Uid: (10024/masistin)   Gid: (20002/humanresource)
Access: 2009-02-27 04:02:05.000000000 -0800
Modify: 2009-02-26 14:46:10.000000000 -0800
Change: 2009-02-26 14:46:54.000000000 -0800


Even though I set up my samba server as a standalone and authenticate
all users directly to openldap directory but my users clearly have
been able to access share that are not under /home (that were mounted
on /opt or /usr/local).

For my drbd and heartbeat setup, things are working great and I could
not see any errors anywhere in the syslog indicating any problems.

I am running this box with selinux disabled.

drbd.conf
---------------------------
global {
    usage-count yes;
}

common {
    syncer {
        rate 10M;
        al-extents 257;
       #verify-alg "sha1";
      }

    protocol C;

    handlers{
        #pri-on-incon-degr "echo 'DRBD: primary requested but inconsistent!' | w
all; /etc/init.d/heartbeat stop"; #"halt -f";
        #pri-lost-after-sb  "echo 'DRBD: primary requested but inconsistent!' |
wall; /etc/init.d/heartbeat stop"; #"halt -f";

        pri-lost  "echo 'pri-lost. Have a look at the log files.' |
mail -s 'DRBD Alert' webmaster at mynetwork.com";
        split-brain "/usr/lib/drbd/notify-split-brain.sh
webmaster at mynetwork.com";
     }

    disk {
        on-io-error  detach;
     }

    startup {
        wfc-timeout 0; #drbd init script wait infinitely on resources
        degr-wfc-timeout  120; #2minutes
     }
}

resource home
{
  net {
   cram-hmac-alg "sha1";
   shared-secret "alskfjas;lfkaj; laskfja;fk";
   #ko-count 4;

   after-sb-0pri disconnect;
   after-sb-1pri disconnect;
   after-sb-2pri disconnect;
   rr-conflict disconnect;
   }
 startup {
     #become-primary-on polaris1.mynetwork.com;
   }

  device /dev/drbd0;
  disk /dev/md8;
  meta-disk internal;

  on polaris1.mynetwork.com{
    address 192.168.10.161:7788;
   }

  on polaris2.mynetwork.com {
    address 192.168.10.162:7788;
   }
}



---------------
[root at polaris2 home]# strace -f /etc/init.d/smb start

[pid  4646] geteuid32()                 = 10024
[pid  4646] stat64("/home/share2", 0xbfc79dc8) = -1 EACCES (Permission denied)
[pid  4646] time(NULL)                  = 1235688608
[pid  4646] stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2819, ...})
= 0
[pid  4646] geteuid32()                 = 10024
[pid  4646] write(22, "[2009/02/26 14:50:08,  0] smbd/s"..., 68) = 68
[pid  4646] geteuid32()                 = 10024
[pid  4646] write(22, "  \'/home/share2\' does not exist "..., 110) = 110

[root at polaris2 home]# tailf /var/log/samba/user-39.log
.....
[2009/02/26 14:50:08,  0] smbd/service.c:make_connection_snum(1078)
 Can't become connected user!
[2009/02/26 14:50:08,  0] smbd/service.c:make_connection_snum(1152)
 '/home/share2' does not exist or permission denied when connecting
to [share2] Error was Permission denied
...


[root at polaris2 samba]# testparm
Load smb config files from /usr/local/stow/samba-3.2.5/etc/samba/smb.conf
Processing section "[share1]"
Processing section "[share2]"
Processing section "[homes]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
       workgroup = MYNETWORK
       netbios name = POLARIS
       server string = polaris
       interfaces = lo, eth1
       bind interfaces only = Yes
       passdb backend = ldapsam:ldaps://ldapvm.mynetwork.com
       syslog = 4
       log file = /var/log/samba/%m.log
       max log size = 500
       name resolve order = wins bcast host
       deadtime = 10
       socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
       load printers = No
       printcap name = /etc/printcap
       disable spoolss = Yes
       show add printer wizard = No
       add user script = /usr/sbin/smbldap-useradd -m "%u"
       add group script = /usr/sbin/smbldap-groupadd -p "%g"
       add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
       delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
       set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
       add machine script = /usr/sbin/smbldap-useradd -w "%u"
       logon path = ""
       logon home = ""
       os level = 0
       local master = No
   domain master = No
       dns proxy = No
       ldap admin dn = cn=Manager,dc=mynetwork,dc=com
       ldap group suffix = ou=groups
       ldap passwd sync = Yes
       ldap suffix = dc=mynetwork,dc=com
       ldap user suffix = ou=people
       valid users = user1, user2, user3
       hosts allow = 127., 192.168.10.

[share1]
       comment = share1 on polaris
       path = /opt/QB
       read only = No
       create mask = 0664
       directory mask = 0775
       inherit permissions = Yes

[share2]
       comment = share2 on polaris
       path = /home/share2
       read only = No
       create mask = 0664
       directory mask = 0775
       inherit permissions = Yes

[homes]
       valid users = %S
       read only = No
       inherit permissions = Yes
       browseable = No
---------------------------------------------
[root at polaris2 samba]# df
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/md0               1524876    342648   1103516  24% /
/dev/md6               3049960    456616   2435916  16% /opt
/dev/md5                505508     10559    468850   3% /tmp
/dev/md3               6092288   2155656   3622168  38% /usr
/dev/md4              10153912    545084   9084716   6% /usr/local
/dev/md2               4061440    550224   3301576  15% /var
/dev/md1                256586     26682    216656  11% /boot
tmpfs                  1037772         0   1037772   0% /dev/shm
/dev/drbd0           212232684    191988 201259812   1% /home

[root at polaris2 samba]# mount
/dev/md0 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/md6 on /opt type ext3 (rw)
/dev/md5 on /tmp type ext3 (rw)
/dev/md3 on /usr type ext3 (rw)
/dev/md4 on /usr/local type ext3 (rw)
/dev/md2 on /var type ext3 (rw)
/dev/md1 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
/dev/drbd0 on /home type ext3 (rw)

[root at polaris2 samba]# ls /home/
a   lost+found   share2  testuser
[root at polaris2 samba]# cd /home/
[root at polaris2 home]# !echo
echo "Hello world" > b
[root at polaris2 home]# ls
a  b   lost+found share2  testuser
[root at polaris2 home]# cat b
Hello world
[root at polaris2 home]# cd share2
[root at polaris2 share2]# ls
a
[root at polaris2 share2]# rm a
rm: remove regular empty file `a'? y
[root at polaris2 share2]# !echo
echo "Hello world" > b
[root at polaris2 share2]# echo "Hello world" > c
[root at polaris2 share2]# cat c
Hello world
[root at polaris2 home]# ls -laht share2
total 12K
drwxr-xr-x 2 masistin humanresource 4.0K Feb 26 14:46 .
-rw-r--r-- 1 masistin humanresource   12 Feb 26 14:46 c
drwxrwx--- 9 root     root          4.0K Feb 26 14:45 ..

Could somebody take help me to solve this problem?

Thank you in advance,
Steven.



More information about the drbd-user mailing list