.%20%EC%A0%84%EA%B2%BD%EC%97%90%EC%84%9C%EB%8A%94%20%EA%B4%9C%EC%B0%AE%EC%9D%8C.png)
Samba 인스턴스(4.7.5)는 systemctl 데몬으로 실행될 때 사용자가 공유를 탐색하는 것을 허용하지 않지만 포그라운드 서비스로 실행될 때 제대로 작동합니다.
systemctl 서비스 단위의 내용:
# cat /usr/lib/systemd/system/smb.service
[Unit]
Description=Samba SMB Daemon
After=syslog.target network.target nmb.service winbind.service
[Service]
Environment=KRB5CCNAME=FILE:/run/samba/krb5cc_samba
Type=notify
NotifyAccess=all
PIDFile=/run/smbd.pid
LimitNOFILE=16384
EnvironmentFile=-/etc/sysconfig/samba
ExecStart=/usr/sbin/smbd -F --no-process-group $SMBDOPTIONS
ExecReload=/usr/bin/kill -HUP $MAINPID
LimitCORE=infinity
[Install]
WantedBy=multi-user.target
systemctl을 통해 실행할 때의 로그:
[2018/02/26 16:57:37.676020, 3, pid=2994] ../lib/util/access.c:365(allow_access)
Allowed connection from 192.168.247.72 (192.168.247.72)
[2018/02/26 16:57:37.676283, 3, pid=2994] ../source3/param/loadparm.c:3862(lp_load_ex)
lp_load_ex: refreshing parameters
[2018/02/26 16:57:37.676497, 3, pid=2994] ../source3/param/loadparm.c:549(init_globals)
Initialising global parameters
[2018/02/26 16:57:37.676661, 3, pid=2994] ../source3/param/loadparm.c:2776(lp_do_section)
Processing section "[global]"
[2018/02/26 16:57:37.676960, 2, pid=2994] ../source3/param/loadparm.c:2793(lp_do_section)
Processing section "[test]"
[2018/02/26 16:57:37.677137, 3, pid=2994] ../source3/param/loadparm.c:1611(lp_add_ipc)
adding IPC service
[2018/02/26 16:57:37.677433, 2, pid=2994] ../source3/lib/interface.c:345(add_interface)
added interface ens192 ip=192.168.247.71 bcast=192.168.247.255 netmask=255.255.255.0
[2018/02/26 16:57:37.677553, 3, pid=2994] ../source3/smbd/oplock.c:1340(init_oplocks)
init_oplocks: initializing messages.
[2018/02/26 16:57:37.677770, 3, pid=2994] ../source3/smbd/process.c:1959(process_smb)
Transaction 0 of length 216 (0 toread)
[2018/02/26 16:57:37.677874, 3, pid=2994] ../source3/smbd/process.c:1539(switch_message)
switch message SMBnegprot (pid 2994) conn 0x0
[2018/02/26 16:57:37.678639, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2018/02/26 16:57:37.678766, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [MICROSOFT NETWORKS 1.03]
[2018/02/26 16:57:37.678864, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [MICROSOFT NETWORKS 3.0]
[2018/02/26 16:57:37.678968, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [LANMAN1.0]
[2018/02/26 16:57:37.679071, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [LM1.2X002]
[2018/02/26 16:57:37.679183, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [DOS LANMAN2.1]
[2018/02/26 16:57:37.679280, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [LANMAN2.1]
[2018/02/26 16:57:37.679379, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [Samba]
[2018/02/26 16:57:37.679472, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [NT LANMAN 1.0]
[2018/02/26 16:57:37.679583, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [NT LM 0.12]
[2018/02/26 16:57:37.679693, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [SMB 2.002]
[2018/02/26 16:57:37.679809, 3, pid=2994] ../source3/smbd/negprot.c:612(reply_negprot)
Requested protocol [SMB 2.???]
[2018/02/26 16:57:37.679986, 3, pid=2994] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
Selected protocol SMB2_FF
[2018/02/26 16:57:37.680477, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_spnego' registered
[2018/02/26 16:57:37.680579, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_krb5' registered
[2018/02/26 16:57:37.680684, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'gssapi_krb5_sasl' registered
[2018/02/26 16:57:37.680797, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'spnego' registered
[2018/02/26 16:57:37.680882, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'schannel' registered
[2018/02/26 16:57:37.680984, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'naclrpc_as_system' registered
[2018/02/26 16:57:37.681089, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'sasl-EXTERNAL' registered
[2018/02/26 16:57:37.681191, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'ntlmssp' registered
[2018/02/26 16:57:37.681291, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'ntlmssp_resume_ccache' registered
[2018/02/26 16:57:37.681384, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'http_basic' registered
[2018/02/26 16:57:37.681489, 3, pid=2994] ../auth/gensec/gensec_start.c:977(gensec_register)
GENSEC backend 'http_ntlm' registered
[2018/02/26 16:57:37.682280, 3, pid=2994] ../source3/smbd/negprot.c:753(reply_negprot)
Selected protocol SMB 2.???
[2018/02/26 16:57:37.682741, 3, pid=2994] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
Selected protocol SMB3_11
[2018/02/26 16:57:37.686193, 3, pid=2994] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x62088215
[2018/02/26 16:57:37.686799, 3, pid=2994] ../auth/ntlmssp/ntlmssp_server.c:454(ntlmssp_server_preauth)
Got user=[test] domain=[SAMBA] workstation=[THINKPAD-X270] len1=24 len2=330
[2018/02/26 16:57:37.686917, 3, pid=2994] ../source3/param/loadparm.c:3862(lp_load_ex)
lp_load_ex: refreshing parameters
[2018/02/26 16:57:37.687046, 3, pid=2994] ../source3/param/loadparm.c:549(init_globals)
Initialising global parameters
[2018/02/26 16:57:37.687198, 3, pid=2994] ../source3/param/loadparm.c:2776(lp_do_section)
Processing section "[global]"
[2018/02/26 16:57:37.687465, 2, pid=2994] ../source3/param/loadparm.c:2793(lp_do_section)
Processing section "[test]"
[2018/02/26 16:57:37.687611, 3, pid=2994] ../source3/param/loadparm.c:1611(lp_add_ipc)
adding IPC service
[2018/02/26 16:57:37.687742, 3, pid=2994] ../source3/auth/auth.c:189(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [SAMBA]\[test]@[THINKPAD-X270] with the new password interface
[2018/02/26 16:57:37.687838, 3, pid=2994] ../source3/auth/auth.c:192(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [SAMBA]\[test]@[THINKPAD-X270]
[2018/02/26 16:57:37.687998, 2, pid=2994] ../source3/lib/smbldap.c:841(smbldap_open_connection)
smbldap_open_connection: connection opened
[2018/02/26 16:57:37.696554, 3, pid=2994] ../source3/lib/smbldap.c:1063(smbldap_connect_system)
ldap_connect_system: successful connection to the LDAP server
[2018/02/26 16:57:37.699013, 2, pid=2994] ipa_sam.c:3216(init_sam_from_ldap)
init_sam_from_ldap: Entry found for user: test
[2018/02/26 16:57:37.700693, 3, pid=2994] ../source3/auth/auth.c:256(auth_check_ntlm_password)
auth_check_ntlm_password: sam authentication for user [test] succeeded
[2018/02/26 16:57:37.700736, 3, pid=2994] ../auth/auth_log.c:760(log_authentication_event_human_readable)
Auth: [SMB2,(null)] user [SAMBA]\[test] at [Mon, 26 Feb 2018 16:57:37.700721 GMT] with [NTLMv2] status [NT_STATUS_OK] workstation [THINKPAD-X270] remote host [ipv4:192.168.247.72:39014] became [domain.internal]\[test] [S-1-5-21-2460180081-1733199439-1879006710-1003]. local host [ipv4:192.168.247.71:445]
[2018/02/26 16:57:37.700769, 3, pid=2994] ../auth/auth_log.c:591(log_no_json)
log_no_json: JSON auth logs not available unless compiled with jansson
[2018/02/26 16:57:37.700780, 2, pid=2994] ../source3/auth/auth.c:314(auth_check_ntlm_password)
check_ntlm_password: authentication for user [test] -> [test] -> [test] succeeded
[2018/02/26 16:57:37.700798, 3, pid=2994] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
NTLMSSP Sign/Seal - Initialising with flags:
[2018/02/26 16:57:37.700807, 3, pid=2994] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x62088215
[2018/02/26 16:57:37.700829, 3, pid=2994] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
NTLMSSP Sign/Seal - Initialising with flags:
[2018/02/26 16:57:37.700837, 3, pid=2994] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x62088215
[2018/02/26 16:57:37.702460, 3, pid=2994] ../source3/smbd/password.c:130(register_homes_share)
Using static (or previously created) service for user 'test'; path = '/media/nas/test_dir'
[2018/02/26 16:57:37.703937, 3, pid=2994] ../lib/util/access.c:365(allow_access)
Allowed connection from 192.168.247.72 (192.168.247.72)
[2018/02/26 16:57:37.703995, 3, pid=2994] ../source3/smbd/service.c:595(make_connection_snum)
Connect path is '/tmp' for service [IPC$]
[2018/02/26 16:57:37.704019, 3, pid=2994] ../source3/smbd/vfs.c:113(vfs_init_default)
Initialising default vfs hooks
[2018/02/26 16:57:37.704039, 3, pid=2994] ../source3/smbd/vfs.c:139(vfs_init_custom)
Initialising custom vfs hooks from [/[Default VFS]/]
[2018/02/26 16:57:37.704093, 3, pid=2994] ../source3/smbd/service.c:841(make_connection_snum)
thinkpad-x270 (ipv4:192.168.247.72:39014) connect to service IPC$ initially as user test (uid=1368400003, gid=1368400003) (pid 2994)
[2018/02/26 16:57:37.704548, 3, pid=2994] ../source3/smbd/msdfs.c:1008(get_referred_path)
get_referred_path: |test| in dfs path \samba.domain.internal\test is not a dfs root.
[2018/02/26 16:57:37.704565, 3, pid=2994] ../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_NOT_FOUND] || at ../source3/smbd/smb2_ioctl.c:309
[2018/02/26 16:57:37.704836, 3, pid=2994] ../source3/smbd/service.c:1120(close_cnum)
thinkpad-x270 (ipv4:192.168.247.72:39014) closed connection to service IPC$
[2018/02/26 16:57:37.705095, 3, pid=2994] ../lib/util/access.c:365(allow_access)
Allowed connection from 192.168.247.72 (192.168.247.72)
[2018/02/26 16:57:37.705117, 3, pid=2994] ../libcli/security/dom_sid.c:210(dom_sid_parse_endp)
string_to_sid: SID @ipausers is not in a valid format
[2018/02/26 16:57:37.705526, 3, pid=2994] ../source3/smbd/service.c:595(make_connection_snum)
Connect path is '/media/nas/test_dir' for service [test]
[2018/02/26 16:57:37.705633, 3, pid=2994] ../libcli/security/dom_sid.c:210(dom_sid_parse_endp)
string_to_sid: SID @ipausers is not in a valid format
[2018/02/26 16:57:37.705869, 3, pid=2994] ../source3/smbd/vfs.c:113(vfs_init_default)
Initialising default vfs hooks
[2018/02/26 16:57:37.705962, 3, pid=2994] ../source3/smbd/vfs.c:139(vfs_init_custom)
Initialising custom vfs hooks from [/[Default VFS]/]
[2018/02/26 16:57:37.706100, 3, pid=2994] ../libcli/security/dom_sid.c:210(dom_sid_parse_endp)
string_to_sid: SID @ipausers is not in a valid format
[2018/02/26 16:57:37.706386, 0, pid=2994] ../source3/smbd/service.c:774(make_connection_snum)
canonicalize_connect_path failed for service test, path /media/nas/test_dir
[2018/02/26 16:57:37.706955, 3, pid=2994] ../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_BAD_NETWORK_NAME] || at ../source3/smbd/smb2_tcon.c:135
[2018/02/26 16:57:37.707412, 3, pid=2994] ../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_NETWORK_NAME_DELETED] || at ../source3/smbd/smb2_server.c:2491
[2018/02/26 16:57:37.707871, 3, pid=2994] ../source3/smbd/server_exit.c:244(exit_server_common)
Server exit (NT_STATUS_END_OF_FILE)
[2018/02/26 16:57:37.712408, 3, pid=2948] ../source3/lib/util_procid.c:54(pid_to_procid)
pid_to_procid: messaging_dgm_get_unique failed: No such file or directory
포그라운드에서 실행하는 명령:
smbd -F
둘 다 동일한 구성 파일을 사용하고 있기 때문에 나는 이것에 대해 약간 길을 잃었습니다. /etc/sysconfig/samba도 빈 변수로 가득 차 있습니다.
참고할 몇 가지 사항:
- Samba가 LDAP 디렉토리 서버에 연결되어 있습니다.
- Samba는 Fedora 27에서 실행됩니다.
- Systemctl 및 전경 명령은 동일한 디렉토리 권한과 동일한 시스템 사용자를 사용합니다.
여기서 어디로 가야할지 힌트를 줄 수 있는 사람이 있나요? 해결 방법으로 화면에서 전경 명령을 실행하는 것을 좋아하지 않습니다!
답변1
같은 문제가 있었고 작동했습니다. 점검https://www.hiroom2.com/2017/12/03/fedora-27-samba-en
내 공유에 "sudo chcon -R -t samba_share_t /path_to_your_share"가 필요하고 smb.conf에 "valid user = youruser"가 필요했는데 작동했습니다.
"sudo setsebool -P samba_enable_home_dirs on"은 나에게는 작동하지 않았지만 chcon도 사용했습니다 ... 그리고 작동했습니다.