Samba+AD

Evgen787 · Непрочитанное сообщение **Evgen787** » 2009-03-12 9:42:25

Всем привет)
Стоит RHEL 5, пытаюсь сделать файловый сервер с NT acl.
Заходит на шару, но прав на запись нету, только чтение...и то заходит только в каталог /usr/home/ *. В другой каталог не заходит почему-то..
В winbindd.log

Код: Выделить всё

[2009/03/12 09:40:07, 3] nsswitch/winbindd_user.c:winbindd_getpwsid(209)
  Could not find domain for sid S-1-22-1-0

Код: Выделить всё


[global]
        auth methods = winbind
        local master = no
        os level = 8
        domain master = no
        workgroup = BP
        nt acl support = Yes
        security = ADS
        password server = BP.LOCAL
        encrypt passwords = Yes 
#       client NTLMv2 auth = Yes
        map acl inherit = Yes
#       allow trusted domains = Yes
#	 passdb backend	= tdbsam
#	 idmap backend = ad
        realm = BP.LOCAL
        netbios name = Test-files-sr
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        add user script = /usr/sbin/useradd %u
        add group script = /usr/sbin/groupadd %g
        delete user from group script = /usr/sbin/deluser %u %g
        delete group script = /usr/sbin/groupdel %g
        log level = 3
        log file = /var/log/samba/%m.%U.log
        max log size = 50000
        hosts allow = 192.168.1. 192.168.2.
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        winbind cache time= 10
        winbind use default domain = Yes
        template homedir = /usr/home/%D/%U
        template shell = /bin/bash
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind refresh tickets	= Yes 
         load printers   = No
	 show add printer wizard = No
	 case sensitive = No
	 guest account = nobody

[Temp]
	comment		= Test Share temp
	path		= /temp/dir1
	admin users	= BP\sev
	write list	= BP\sev
	read list	= BP\sev
	read only	= No
	locking		= No
#	inherit permissions = Yes
#	map acl inherit	= Yes
	read only	= No
#	inherit acls	= Yes
#	inherit owner	= Yes
#	directory mask	= 0777
#	create mask	= 0777

	
[test]
    comment             = Test
    path                = /usr/home/test
    valid users         = BP\sev
    read only           = no
    public              = yes
    writable            = yes
    create mask         = 0644
    browseable          = yes
    directory mask      = 0744

Хостинг HostFood.ru · **Хостинг HostFood.ru**

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

_Andy · Непрочитанное сообщение **_Andy** » 2009-03-12 10:28:12

Не удивительно, для того, что бы войти в директорию группе и остальным надо
directory mask = 755 иначе, ничего не выйдет. Кстати, от имени доменного пользователя
заходишь? Если да, тогда еще надо chown domain admin:domain users на директрию сделать.
Покажи

Код: Выделить всё

klist

Evgen787

Щас попробую с правами.
На счёт билетов, решил сделать smbclient -k -L \\host , ошибка. Сделал Kinit. Прошло. Билеты почему-то не обновились,
может потому-что стоял Yes вместо True в параметре winbind refresh tickets.

Код: Выделить всё

klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: sev@BP.LOCAL

Valid starting     Expires            Service principal
03/12/09 10:02:36  03/12/09 20:02:45  krbtgt/BP.LOCAL@BP.LOCAL
        renew until 03/13/09 10:02:36
03/12/09 10:05:29  03/12/09 20:02:45  cifs/test-files-sr.bp.local@BP.LOCAL
        renew until 03/13/09 10:02:36


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

Andy · Непрочитанное сообщение **Andy** » 2009-03-12 12:47:43

Evgen787 писал(а):Щас попробую с правами.
На счёт билетов, решил сделать smbclient -k -L \\host , ошибка. Сделал Kinit. Прошло. Билеты почему-то не обновились,

Не обновились потому, что обновление билетов самбой производится через включение pam модуля pam_winbind.

Код: Выделить всё

kinit --renew

в крон.

Evgen787

Ok

Собственно нужно сделать шару Temp свободную для доступа всем, но там будут лежать папки у которых доступ по пользователям и группам из AD.
Щас я могу заходить на Temp.
В каталоге /usr/home/test лежат папка1, папка2 и т.д.
# ls -la Папка1
[root@test-files-sr test]# ls -la
drwxr-xr-x 5 test1 test 4096 Мар 12 12:46 .
drwxrwxrwx 3 root root 4096 Мар 5 12:41 ..
drwx------ 2 test1 test 4096 Мар 12 12:45 Папка1
drwxr-xr-x 2 root root 4096 Мар 12 12:45 Папка2
drwxr-xr-x 2 root root 4096 Мар 12 12:46 Папка3

Сделал chown test1:test Папка1.
В Папка1 заходит только юзер test1 из группы test. Но писать туда не может почему-то. И как быть если группы на русском. Chown не воспринимает русский..И как сделать на одну папку несколько групп и пользователей.

Evgen787

По поводу нескольких пользователей и групп на папку, это через getfacl, setfacl.

Код: Выделить всё

setfacl -d -m g:"MYDOMAIN\mygroupname":rwx test
setfacl -d -m u:"MYDOMAIN\mygroupname":rwx test

Evgen787

чёт не получается права раздать на папку...

Может потому-что getent выдает без DOMAIN\user,а просто
user:*:10002:10000:user:/usr/home/BP/user:/bin/bash

_Andy · Непрочитанное сообщение **_Andy** » 2009-03-12 17:06:22

Evgen787 писал(а):чёт не получается права раздать на папку...
Может потому-что getent выдает без DOMAIN\user,а просто
user:*:10002:10000:user:/usr/home/BP/user:/bin/bash

Код: Выделить всё

wbinfo -g

Что говорит?

Код: Выделить всё

sheriff# ls -lahi
total 50
5063681 drwxr-xr-x   5 andy  wheel          512B Mar 11 08:34 .
5063680 drwxr-xr-x   4 root  wheel          512B Jun 14  2008 ..
5063682 -rw-r--r--   1 andy  1001           960B Oct  4 17:07 .cshrc
5063690 -rw-------   1 andy  1001           8.4K Mar 12 12:55 .history
5063708 -rw-------   1 andy  wheel          114B Feb 10 19:23 .lesshst
5063683 -rw-r--r--   1 andy  1001           248B Jun 13  2008 .login
5063684 -rw-r--r--   1 andy  1001           158B Jun 13  2008 .login_conf
5063688 -rw-------   1 andy  1001           373B Jun 13  2008 .mail_aliases
5063685 -rw-r--r--   1 andy  1001           331B Jun 13  2008 .mailrc
5063686 -rw-r--r--   1 andy  1001           766B Jun 13  2008 .profile
5063689 -rw-------   1 andy  1001           276B Jun 13  2008 .rhosts
5063687 -rw-r--r--   1 andy  1001           975B Jun 13  2008 .shrc
5888000 drwx------   2 andy  1001           512B Jun 20  2008 .ssh
5063693 drwxr-xr-x   3 andy  1001           512B Aug 21  2008 andy
5157962 drwxr-xr-x  85 andy  domain users   5.0K Feb 24 08:43 music
5063707 -r--r--r--   1 andy  1001           3.0K Mar  5 08:04 standard-supfile
sheriff#

Обратите внимание на директорию music.

Evgen787

Почему билеты не обновляются через параметр winbind refresh tickets = True ? (
smbclient -k -L не сработал, пришлось делать kinit и restart smb...

Код: Выделить всё

 wbinfo -g
даёт группы в формате:
ИМЯ ГРУППЫ

_Andy · Непрочитанное сообщение **_Andy** » 2009-03-13 12:59:59

Evgen787 писал(а):Почему билеты не обновляются через параметр winbind refresh tickets = True ? (

Потому, что для этого надо подключать pam winbindd.

Evgen787

Вон чё...а где можно почитать про PAM, или не подскажите как это сделать

_Andy · Непрочитанное сообщение **_Andy** » 2009-03-13 17:20:56

Evgen787 писал(а):Вон чё...а где можно почитать про PAM, или не подскажите как это сделать

Код: Выделить всё

man pam

и еще
http://www.freebsd.org.ua/doc/ru_RU.KOI ... index.html

Evgen787

Выставил права на папку через setfacl. Захожу через ssh пользователем AD, права работают на папку.
Если через винду, то не пашут...в чём причина

Andy · Непрочитанное сообщение **Andy** » 2009-03-16 20:18:49

Evgen787 писал(а):Выставил права на папку через setfacl. Захожу через ssh пользователем AD, права работают на папку.
Если через винду, то не пашут...в чём причина

owner - доменная учетная запись, группа - доменная учетная запись. Вы используете либо setfacl, либо виндовые галочки.
И рыбку съесть и на сосну залезть не получится. Убедитесь, что доменный админ, от которого Вы выдаете галочки,
является администратором шары.

Evgen787 · Непрочитанное сообщение **Evgen787** » 2009-03-17 9:36:41

При попытке в винде через галочки выставить права или добавить пользователя, группу в папку пишет - отказано в доступе.
sev - админские права.

Код: Выделить всё

[Temp3]
        path = /usr/home/test
 #       valid users = BP\sev
       admin users = BP\sev
 #      read list = BP\sev
 #       write list = BP\sev
        read only = No
        directory mask = 0770
        inherit acls = yes
        inherit owner = yes
        inherit permissions = yes
        map acl inherit = yes

Evgen787

Help...)

_Andy · Непрочитанное сообщение **_Andy** » 2009-03-17 17:56:33

Evgen787 писал(а):Help...)

Не на саму тест, права галочками выставляйте. А на созданные директории
внутри этой шары.

Evgen787

Не хочет...пишет отказано в доступе(. Может версию самбы другую, хотя наврятли, у меня 3.0.33.

Evgen787

Код: Выделить всё


[2009/03/19 16:40:24, 1] smbd/service.c:make_connection_snum(1033)
  192.168.1.14 (192.168.1.14) connect to service Temp initially as user BP\sev (uid=0, gid=10000) (pid 16048)
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:29, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:29, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file .
[2009/03/19 16:40:29, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file .
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file .
[2009/03/19 16:40:29, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file .
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:29, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:29, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:29, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file .
[2009/03/19 16:40:36, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file .
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file .
[2009/03/19 16:40:36, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file .
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:36, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:36, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:set_nt_acl(3337)
  set_nt_acl: called for file dir
[2009/03/19 16:40:36, 5] smbd/posix_acls.c:unpack_nt_owners(949)
  unpack_nt_owners: validating owner_sids.
[2009/03/19 16:40:36, 5] smbd/posix_acls.c:unpack_nt_owners(992)
  unpack_nt_owners: owner_sids validated.
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:create_canon_ace_lists(1486)
  create_canon_ace_lists: adding dir ACL:
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:check_owning_objs(1234)
  check_owning_objs: ACL had owning user/group entries.
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:check_owning_objs(1251)
  check_owning_objs: ACL is missing an owner entry.
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:check_owning_objs(1253)
  check_owning_objs: ACL is missing an owning group entry.
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - before merge
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - before merge
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - before deny
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - before deny
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - before valid
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - before valid
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - return
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - return
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms ---
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms ---
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:set_canon_ace_list(2353)
  set_canon_ace_list: setting ACL:
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:36, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:36, 2] smbd/posix_acls.c:set_canon_ace_list(2516)
  set_canon_ace_list: sys_acl_set_file type file failed for file dir (Отказано в доступе).
[2009/03/19 16:40:36, 3] smbd/posix_acls.c:set_nt_acl(3473)
  set_nt_acl: failed to set file acl on file dir (Отказано в доступе).
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file .
[2009/03/19 16:40:37, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file .
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file .
[2009/03/19 16:40:37, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file .
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:37, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:get_nt_acl(2766)
  get_nt_acl: called for file dir
[2009/03/19 16:40:37, 5] smbd/posix_acls.c:get_nt_acl(2803)
  get_nt_acl : file ACL present, directory ACL absent
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:load_inherited_info(470)
  load_inherited_info: ret = 4294967295 for file dir
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2244)
  canonicalise_acl: Access ace entries before arrange :
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:canonicalise_acl(2257)
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: canonicalise_acl: ace entries after arrange
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:map_canon_ace_perms(874)
  map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:set_nt_acl(3337)
  set_nt_acl: called for file dir
[2009/03/19 16:40:37, 5] smbd/posix_acls.c:unpack_nt_owners(949)
  unpack_nt_owners: validating owner_sids.
[2009/03/19 16:40:37, 5] smbd/posix_acls.c:unpack_nt_owners(992)
  unpack_nt_owners: owner_sids validated.
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:create_canon_ace_lists(1486)
  create_canon_ace_lists: adding dir ACL:
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:create_canon_ace_lists(1544)
  create_canon_ace_lists: adding file ACL:
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:check_owning_objs(1234)
  check_owning_objs: ACL had owning user/group entries.
[2009/03/19 16:40:37, 10] smbd/posix_acls.c:check_owning_objs(1251)
  check_owning_objs: ACL is missing an owner entry.
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:check_owning_objs(1253)
  check_owning_objs: ACL is missing an owning group entry.
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - before merge
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - before merge
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - before deny
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - before deny
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - before valid
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - before valid
  canon_ace index 0. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: file ace - return
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:print_canon_ace_list(598)
  print_canon_ace_list: dir ace - return
  canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms ---
  canon_ace index 1. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms ---
  canon_ace index 2. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:set_canon_ace_list(2353)
  set_canon_ace_list: setting ACL:
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 0. Type = allow SID = S-1-22-2-0 gid 0 (root) SMB_ACL_GROUP_OBJ perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 1. Type = allow SID = S-1-22-1-0 uid 0 (root) SMB_ACL_USER_OBJ perms rwx
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER perms r-x
[2009/03/19 16:40:38, 10] smbd/posix_acls.c:set_canon_ace_list(2453)
  canon_ace index 3. Type = allow SID = S-1-5-21-1386709073-2591640749-2997073345-7752 uid 10002 (sev) SMB_ACL_USER perms r-x
[2009/03/19 16:40:38, 2] smbd/posix_acls.c:set_canon_ace_list(2516)
  set_canon_ace_list: sys_acl_set_file type file failed for file dir (Отказано в доступе).
[2009/03/19 16:40:38, 3] smbd/posix_acls.c:set_nt_acl(3473)
  set_nt_acl: failed to set file acl on file dir (Отказано в доступе).

При попытка добавить пользвоателя в папку пишет отказано(...

forum.lissyara.su

Samba+AD

Samba+AD

Услуги хостинговой компании Host-Food.ru

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD

Re: Samba+AD