Re: lug-bg: Samba --> /usr/sbin/useradd runing as nobody!
- Subject: Re: lug-bg: Samba --> /usr/sbin/useradd runing as nobody!
- From: Petar Nedyalkov <bu@xxxxxxxxxx>
- Date: Fri, 24 Feb 2006 10:45:05 +0200
- Delivered-to: lug-bg-list@xxxxxxxxxxxxxxxxxx
- Delivered-to: lug-bg@xxxxxxxxxxxxxxxxxx
On Friday 24 February 2006 10:26, Bojidar Penchev wrote:
> Çäðàâåéòå îòíîâî;)
Искаш ли да ти пратим покана за Gmail? Да не се мъчим да ти четем мейлите
сменяйки encodings просто.
>
> Îêàçà ñå, ÷å "nobody run 'add user script = ....' " å áúã íà Ñàìáàòà,
> çà êîéòî äîêîëêîòî ðàçáðàõ å ñúñ ñòàòóñ WONTFIXED, òîåñò never be fixed :(
> Çàòîâà ñå îïèòàõ äà ïîäêàðàì íåùàòà ñúñ Winbind, ÷åòîõ äîñòà òóê-òàì, íî
> íåùî íå óñïÿõ, èìàì äîñòà ïðîáëåìè... Èìàì ñëåäíàòà êîíôèãóðàöèÿ:
> Äèñòðî Fedora 4, Samba 3.0.21a
> DOM1 --> security = user --> PDC1
> DOM2 --> security = user --> PDC2
>
> PDC2 --trusting--> PDC1 (one-way trust), ñúîòâåòíî PDC1 å trusted íà PDC2
>
> Íÿêîé ùå ìîæå ëè äà ìè ïîìîãíå è äà ìè äàäå èëè ïîêàæå ïðèìåðíà
> êîíôèãóðàöèÿ íà Winbind çà êîíêðåòíèÿ ñëó÷àé îïèñàí ïî-ãîðå: comand line
> ...?
> äèðåêòèâè â smb.conf
> è ò.í...
>
> Ïðåäïîëàãàì ÷å â smb.conf íà PDC2 òðÿáâà äà èìà íåùî îò ðîäà íà:
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind uid = 10000-20000
> winbind gid = 10000-20000
> template shell = /bin/false
> template home dir = /home/wusers/%u
> winbind use default domain = yes
> winbind separator = /
> winbind enum users = yes
> winbind enum groups = yes
>
> Îïòàõ ñå äà íàïðàâÿ íåùî, íî ñòèãàì äî ìîìåíòà â êîéòî wbinfo -t å
> succeded, íî wbinfo -u/g ìè äàâà ãðåøêà:(
>
> Áëàãîäàðÿ âè ïðåäâàðèòåëíî!
>
> Bojidar Penchev <bladezrmx@xxxxxxxxx> wrote:
>
> Ivaylo Toshev <ivaylo.toshev@xxxxxxxxx> wrote: Àêî áåøå ïóñíàë äâóïîñî÷íî
> äîâåðèå - íÿìàøå äà èìàø òîçè ïðîáëåì. Àêî òðÿáâà äà îáÿñíÿâàì ïîâå÷å -
> ïèøè, â ìîìåíòà íå ìîãà äà îòäåëÿ âðåìå...
>
> Bojidar Penchev íàïèñà:
> > *Çäðàâåéòå;)
> >
> > Äèñòðî Ôåäîðà 4, 2 ñúðâúðà:
> > Server1 --> PDC1
> > Server2 --> PDC2
> >
> > PDC2 å trusting íà PDC1, ñúîòâåòíî PDC2 e trusted íà PDC2.
> > Join WinXP â PDC2, restart, login screen - âèæäàò ñå è äâàòà äîìåéíà
> > Ëîãâàì ñå â PDC2 áåç ïðîáëåì, íî â PDC1 íå ìîãà äà ñå ëîãíà, ïîíåæå â
> > /etc/passwd íà PDC2 íÿìà òàêúâ þçåð.
> > Çà öåëòà ðåäàêòèðàì smb.con íà PDC2, äîáàâÿì:
> >
> > add user script = /usr/sbin/useradd %u -g users -s /bin/false -d
> > /dev/null Îïèòâàì ñå îòíîâî äà ñå ëîãíà â PDC1 (ïðèìåðíî ñ þçåð ivan) è
> > îòíîâî
>
> & gt; íå ñå ïîëó÷àâà, â ëîãà íà PDC2 /var/log/samba/winxp.log ïèøå
ñëåäíîòî:
> > useradd: unable to lock password file
> > useradd ....gave 1
> >
> > Êîãàòî ñå îïèòàì äà access-âàì íÿêàêúâ share îò PDC2 ñ þçåð îò PDC1
> > (ïðèìåðíî ivan), useradd ñå èçïúëíÿâà è â /etc/passwd íà PDC2 ñå
> > äîáàâÿ ðåä ñ þçåðà ivan
> >
> > Óñòàíîâÿâàì, ÷å ïðè login ïðîöåñ "add user script = /usr/sbin/useradd
> > %u ......" ñå îïè òâa äà ñå èçïúëíÿâà ñ þçåðà nobody, òîé ðàçáèðà ñå
> > íÿìà ïðàâà äà èçïúëíÿâà êîìàíäàòà useradd, íå ñå ñúçäàâà þçåð
> > (ïðèìåðíî ivan), è åñòåñòâåíî íÿìà êàê äà ñå ëîãíà â PDC1
> >
> > È ñåãà âå÷å ïðàâÿ ñëåäíèÿ òåñò:
> > ðåäàêòèðàì â PDC2: visudo -f sudoers, êàòî äîáàâÿì ðåäà:
> > %nobody ALL=/usr/sbin/useradd
> > ðåäàêòèðàì è smb.conf íà PDC2
> > add user script = sudo -u root /usr/sbin/useradd %u ......
> > ....xexe ñåãà íåùàòà âúðâÿò, íî çàùî òðÿáâà äà å òàêà, õììì?
>
> & gt; Âúïðîñà ìè å - áúã ëè òîâà èëè íå? , çàùî ïðè "map network
> drive",
>
> > "add user script =.." ñå èçïúëíÿâà êàòî root, êàêòî ñè ìó å ðåäà è
> > êàêòî ñè ïèøå â man "smb.conf",
> > à ïðè ëîãèí ïðîöåñ "add user script = /usr/sbin/useradd..." ñå îïèòâà
> > äà ñå èçïúëíÿâà îò èìåòî íà þçåðà nobody, êîèòî ðàçáèðà ñå íÿìà
> > permissions çà òîâà ?
> >
> >
> > Àêî ãðåøà íÿêúäå ïîïðàâåòå ìå, äàéòå ìè íÿêàêâà èäåÿ èëè äðóãà
> > àëòåðíàòèâà!
> > Áëàãîäàðÿ âè ïðåäâàðèòåëíî;)
> > *
> >
> > ------------------------------------------------------------------------
> > Yahoo! Mail
> > Use Photomail
> >
> > to share photos without annoying attachments.
>
> Íàïðàâèõ äâïîñî÷íî äîâåðèå, íî çà ñúæàëåíèå ðåçóëòàòà å ñúùèÿ:
> useradd: unable to lock password file
> useradd ....gave 1
>
> îòíîâî þçåðà nobody ñå îïèòâà äà èçïúëíÿâà useradd:(
> Ñàìî âàðèàíòà ñúñ "sudo" ìè ïîìàãà, íî ò îâà íå å íîðìàëíî, nobody äà
> äîáàâÿ þçåðè, äðóãà èäåÿ íÿìàì çàñåãà:(
>
> PLs, help!
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
>
>
> ---------------------------------
> Yahoo! Mail
> Use Photomail to share photos without annoying attachments.
--
Cyberly yours,
Petar Nedyalkov
Devoted Orbitel Fan :-)
PGP ID: 7AE45436
PGP Public Key: http://bu.orbitel.bg/pgp/bu.asc
PGP Fingerprint: 7923 8D52 B145 02E8 6F63 8BDA 2D3F 7C0B 7AE4 5436
Attachment:
pgpUquDsgaApQ.pgp
Description: PGP signature
|