LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-02-2003, 06:20 PM   #1
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Rep: Reputation: 15
Question SAMBA - nobody account maps /home to "nobody"


I've read about what the guest account is. However, I don't understand why my Win98 clients are logging in under it.

I enter in their username and password, and the "net use S: /home" runs okay, but when you open my computer the S drive states: nobody on "servername".

Sometimes the process is listed as nobody nobody other times just connected to nobody. I don't have a nobody file in the homes directory. Sometimes it is connected to IPC$.

My config file, in relation to guest access, has only:
[global]
map to guest = never
domain admin group =
domain guest group =
guest account = nobody
guest only = No
guest ok = No

This is from a testparm dump

The actual config file is here:
[global]
netbios name = cap
workgroup = acorn
encrypt passwords = yes
wins support = yes
domain master = yes
local master = yes
preferred master = yes
os level = 65
security = user
domain logons = yes

logon path = \\%L\profiles\%u\%m
logon script = logon.bat
logon drive = S:
logon home = \\%L\%u\.win_profile\%m

time server = yes

add user script = /usr/sbin/useradd -d /dev/nu.. -g 100 -s /bin/false -M %u

[netlogon]
path = /usr/local/samba/lib/netlogon
writable = no
browsable = no

[profiles]
path = /ovs/samba-ntprof
browsable = no
writable = yes
create mask = 0600
directory mask = 0700

[homes]
read only = no
browsable = no
guest ok = no
map archive = yes

T.I.A.
 
Old 10-03-2003, 12:05 AM   #2
sidmark-2850
Member
 
Registered: Aug 2003
Posts: 133

Rep: Reputation: 15
Add the "log file" directive to samva ans set "log level = 2". Restart samba, and do net use again. Post the contents of the log file.

Basically, replicate the situation, but this time you will have a log file so we can troubleshoot some more.

Even though it says nobody on "servername" is the directory the user's home directory?

Last edited by sidmark-2850; 10-03-2003 at 12:07 AM.
 
Old 10-03-2003, 02:02 AM   #3
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Original Poster
Rep: Reputation: 15
will set up log file

I will do that and post if I can replicate.

I watched the described behavior happen, but could not replicate it myself.

Of course by then, after insuring that every one was, indeed, logged out, I killed all the orphan processes (some valid, others nobody) before I tried to replicate it.

I think that perhaps, for troubleshooting, I shouldn't have done that.

Anyway, I will do as you suggest and hope for the best.

I'd love to print some of this stuff out, but I can't for the life of me get my Jet Direct printer set up (and this through X) for the life of me. They want a port number. 9100 sure 'ain't it. <sigh>

It is hard being asked to implement a system (SAMBA) on top of another system (RH9) and you don't have any experience with either. On the other hand, I find I actually missed a command line interface, and X confuses the heck out of me. I'm using it mainly because I don't have the time to devote to learning the bash shell commands, but it seems rather daft to want a GUI that, sofar takes twice the steps to accomplish what one line would do in the shell.
I know I need to write scripts to handle the adding of symlinks for roving profiles and adding users and such, but I don't have time to learn Python now and so am doing it all manually. I look upon it as an opportunity to learn the commands as opposed to programing them once and never really getting to know them.
In short - I'm a sickko - because this is a heck of a lot of fun! <biggrin>
Now if I just didn't have users banging down the door for such things like, I dunno, server space. <smile>
 
Old 10-03-2003, 10:20 AM   #4
sidmark-2850
Member
 
Registered: Aug 2003
Posts: 133

Rep: Reputation: 15
Well, if you can't replicate the behavior mentioned earler on, that is a good thing. Getting your printer up and runnin in X should be fairly trivial. What distro are you running? If it does not work right out of the box, you should look up on HP's site for the configuration page of the print server. What kind of printer/print server is it? Look through the docs for the port number. Your best bet it to "Cold Reset" the print server and reconfigure it from scratch. That way, you know what options are set and you can return it to the factory default state. In other cases, you may not want to do that. The print server may have a www interface to it.

As for scripting, I just use bash. I am looking to get a perl book, so that I can start reading. I am using bash scripts to create users and that sort and I think that I might be ready to move up to perl. I am not a bash guru but I can do a few things. Check out Advanced Bash-Scripting Guide.

Don't forget to mention what distro and printer/print server you are trying to configure.
 
Old 10-03-2003, 01:13 PM   #5
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Original Poster
Rep: Reputation: 15
printing

Well color me stupid! To find the ip addy for my printer I used my Network Monitor map.. which was _out of date_ ! So when I went to work on the printer issue this morning I printed out a config page to verify my info... I've heard that the correct IP addy seems to make thing work better. <ahgods>

<very small voice> imprintingnow

On the bright side - I installed the logging and turned it on

On the annoying side - It's almost 11am here and no-one has logged in! Ah well, I have lots of symlinks to copy.

Will look into bash shell scripting. If the learning curve is less, I can use it as a stop gap tool.

More later today...
 
Old 10-03-2003, 02:14 PM   #6
sidmark-2850
Member
 
Registered: Aug 2003
Posts: 133

Rep: Reputation: 15
Quote:
On the annoying side - It's almost 11am here and no-one has logged in! Ah well, I have lots of symlinks to copy.
What are you trying to do? Maybe there is an easier way to do what you are doing without all the symlinks.
 
Old 10-03-2003, 06:42 PM   #7
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Original Poster
Rep: Reputation: 15
why symlinks

To enable roaming profiles for Win boxes.

"Using Samba" tells me to create a symlink for each computer that points to the corresponding os directory for Win to store app settings user.dat and soforth.

To accomplish this I created a directory for all the symlinks

I move the existing machine name profile to a Win98 directory in the user's .win_profile directory
I delete that machine name folder
I copy the symlinks to the users .win_profile directory
I chown the directory

fortunately, I only have 19 computers at this time (I'm only rolling out 1 lab) and under 150 students.

but my fingers are sore..

Over the weekend, I will try to write a Python program to execute the above steps with a passed variable of the student folder.

For now.. I trudge home. Have a good week-end.
 
Old 10-08-2003, 04:38 PM   #8
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Original Poster
Rep: Reputation: 15
I have excerpts of the log file, but it is too long to post. Can I e-mail it? Or can you tell me what portions are relevant?

I am comparing it to a user that logged on successfully and I see no difference until it lists a connect to service entry. Then for my nobody it connects to nobody for studentname UID GID PID. Where as my successfull user is connect to service studentname as user studentname UID GID PID. Otherwise the entries are identical.

I have figured out how to temporarily band-aid it: have the user log out, kill the process and log back in.
 
Old 10-08-2003, 06:02 PM   #9
sidmark-2850
Member
 
Registered: Aug 2003
Posts: 133

Rep: Reputation: 15
I sometimes have a nobody entry entry if I do a smbstatus. Is that what you are referring to? Come to think of it, your log file will be really big since you have so many machines and users. You sould set the log file to something like "log file = smblog-%m.txt". This will create a log file with a "-<machine_name>.txt suffix. You will now have 19 log files but each one will be a lot smaller.

What share connects as nobody?

Change the log file name to the newer version, restart samba and try to replicate the problem on the same or different machine, then post the log file of the appropriate machine. You should post the log file using the [code] tags.

What kind of client machines do you have 98? XP?
 
Old 10-08-2003, 06:27 PM   #10
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Original Poster
Rep: Reputation: 15
Yes! That is precisely what I'm referring to! The problem with it is that the /home directory for the user is mapped to "nobody" instead of the user's home directory.

I'll make the log mods to smb.conf and post tomorrow.

These are all Win98se clients.

I don't know how to use the code tags, but I'll click on help here and go from there.

Have a good evening.
 
Old 10-09-2003, 11:54 AM   #11
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Original Poster
Rep: Reputation: 15
log file

Here are excerpts of the log file:

[2003/10/08 20:40:58, 2] smbd/reply.c:reply_sesssetup_and_X(1007)
Defaulting to Lanman password for djbunch
[2003/10/08 20:40:58, 1] smbd/service.c:make_connection(636)
a08 (192.168.1.38) connect to service netlogon as user djbunch (uid=611, gid=700) (pid 5093)
[2003/10/08 20:40:58, 2] smbd/open.cpen_file(246)
DJBUNCH opened file logon.bat read=Yes write=No (numopen=1)
[2003/10/08 20:40:58, 2] smbd/close.c:close_normal_file(229)
djbunch closed file logon.bat (numopen=0)

Then the 246/229 dialog repeats 5 times - then:

[2003/10/08 20:40:59, 1] smbd/service.c:make_connection(636)
a08 (192.168.1.38) connect to service nobody as user djbunch (uid=611, gid=700) (pid 5093)
[2003/10/08 20:40:59, 2] smbd/open.cpen_file(246)
DJBUNCH opened file logon.bat read=Yes write=No (numopen=1)
[2003/10/08 20:40:59, 2] smbd/close.c:close_normal_file(229)
djbunch closed file logon.bat (numopen=0)

Then the 246/229 repeats 11 times - then:

[2003/10/08 20:41:02, 1] smbd/service.c:close_cnum(677)
a08 (192.168.1.38) closed connection to service netlogon
[2003/10/08 20:42:30, 1] smbd/service.c:close_cnum(677)
a08 (192.168.1.38) closed connection to service nobody

Session over. Then he logs back in and out trying to shake the nobody problem - to no avail - I'm not there to kill the process.q

My logon.bat has net use s: /home and the time sync command.

?
 
Old 10-09-2003, 02:31 PM   #12
sidmark-2850
Member
 
Registered: Aug 2003
Posts: 133

Rep: Reputation: 15
Hmm. Interesting. When you browse your samba server, is there a Nobody share listed there? Can you post the ouput of the smbstatus command when this problem occurs? Do all of your users have home directories in the /etc/passwd field.

Does this happen with all your users or some of them. You should try putting "guest ok = no" in your global section of your config file. The nobody entry sometimes shows up connected to the IPC$ share of my machine sometimes.

Is the above smb.conf file your enti file or just the important parts?
 
Old 10-09-2003, 02:47 PM   #13
sidmark-2850
Member
 
Registered: Aug 2003
Posts: 133

Rep: Reputation: 15
Oh, just looked at the guest part you had at the top. I am wondering if there is something with the way you created the users or if there is someting that I am missing. Does it happen to a particular machine or all machines? We need to try to isolate the problem and see what's causing it.

Do you image your machines with ghost or drive image or another tool?

Quote:
I enter in their username and password, and the "net use S: /home" runs okay, but when you open my computer the S drive states: nobody on "servername".
When you open uo the S drive does it open up the user's home directory or somewhere else on the filesystem?
 
Old 10-09-2003, 04:08 PM   #14
calabash
Member
 
Registered: Sep 2003
Distribution: FC11
Posts: 128

Original Poster
Rep: Reputation: 15
That file folder only shows up on the computer logged in as nobody. The folder does not exist on the server.

I do get IPC$ occasionally, but then with a user name, not "nobody".

Under smbstatus -b "nobody" shows up with a PID, nobody, machine-name, login time. If you look at the logfile for the machine, you can determine who the user actually is.

My etc/passwd file has home directories for everyone, but, there is this: nobody:x:99:99:Nobody:/:/sbin/nologin
I don't know what that means.

That is my entire smb configuration file.

And worse - there is no winnowing it down to a few computers, it happens randomly, to various users. A user in the morning will have the problem and then not have it for the rest of the day.

To create my users I: a) in x used the Red Hat User Manager - entered name/password/home directory b) edited said user to change from group "users" to group "student" c) opened up terminal window and executed smbpasswd -a studentname. That is it.

We do not ghost our machines. I can't talk them into keeping spare parts let alone ghosting. Personally, I'd ghost and then at the end of the year, fdisk and restore every one of the Lab machines. I've been told I'm silly.

The next time I see a "nobody" on the network, I'll save a file into this "nobody" directory and then see if I can find it on the SAMBA server.
 
Old 10-09-2003, 09:58 PM   #15
sidmark-2850
Member
 
Registered: Aug 2003
Posts: 133

Rep: Reputation: 15
Ghost is really cool, but it is also really expensive. The 10 user licence pack is $559.95. This is for the non corporate version, but it will allow you to ghost to and from a network server.

I noticed other posts about free ghost equivalent programs.
I need partition magic and ghost replacements - don't need too many features though

You can look at Partimage homepage. It looks promissing.

I never used any of those program so I can't comment on their use. You can try to implement an imaging solution for your labs. It will be much better than installing each workstation by hand.

Now, back to the main problem: I see entries like these when I do a smbstatus.
Code:
Samba version 2.2.8a
Service      uid      gid      pid     machine
----------------------------------------------
ipc$         nobody   nobody    1270   astro    (192.168.0.1) Thu Oct  9 19:16:18 2003
ipc$         nobody   nobody    1270   astro    (192.168.0.1) Thu Oct  9 19:16:17 2003
I use a combination of 98, 2k and xp workstations. The above entries are from the 2k or xp workstations as they authenticate themselves to the domain and before users log in.

Idea! Something just popped up. Why don't you change logon home = \\%L\%u\.win_profile\%m to logon home = \\Cap\Homes. You can try to change your logon script from net use s: /home to net use s: \\Cap\Homes /y. I have a strong feeling that the logon home = \\%L\%u\.win_profile\%m is the root of all evil.

What samba version are you running anyway?

Last edited by sidmark-2850; 10-09-2003 at 10:10 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Guest account in Ubuntu 5.10 "Breezy Badger" DaneM Ubuntu 7 11-11-2005 02:58 PM
UT2004 some maps give "ReadFile beyond EOF 0+4/0..." AC97Conquerer Linux - Games 1 03-25-2005 01:52 AM
[Redhat] make "admin" account same privledges as "root" Bi0haZarD Linux - Networking 20 01-12-2005 10:47 AM
after I created a new account , why system displays"I have no name!" larrylovelinux Linux - Security 3 05-08-2004 05:13 AM
Your account has expired " VEREY URGENT" khalidcsc Linux - General 4 10-12-2003 01:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration