group acl with winbind
Sven Schwedas
sven.schwedas at tao.at
Wed Apr 8 04:11:58 EDT 2015
On 2015-04-08 09:14, Luca Olivetti wrote:
> El 07/04/15 a les 18:10, Dan White ha escrit:
>> On 04/07/15 17:50 +0200, Luca Olivetti wrote:
>>> El 07/04/15 a les 17:31, Dan White ha escrit:
>>>
>>>>> localhost> sam m_sist group:m_sist lrw
>>>>> setaclmailbox: group:m_sist: lrw: Invalid identifier
>>>>> localhost>
>>>>
>>>> Could this be a permissions problem? Can the cyrus user successfully
>>>> execute the getent command?
>>>
>>> Yes, it can
>>>
>>> $ sudo su -s /bin/bash cyrus
>>> $ whoami
>>> cyrus
>>> $ getent group | grep m_sist
>>> m_sist:x:674:ojeda,luca,calmet,rafa,oscar
>>
>> I'm at a loss to explain that behavior. You may need to trace/debug
>> to get to the bottom of it:
>>
>> http://members.sange.fi/~atehwa/vc/packaging/cyrus-imapd/debian/README.Debian.debug
>
> Thank you, that was useful (duh, why didn't I think of it?).
> It turns out that the culprit was.....systemd (or better, the systemd
> unit file provided by my distro).
> Winbind uses a socket in /tmp/.winbindd but in the systemd unit file
> there's a
>
> PrivateTmp=true
>
> which effectively hides the socket from cyrus.
> Changing it to false solves the problem.
I think it would be better to change the "winbindd socket directory"
setting in the smb.conf, as your changes to the unit file will probably
be overwritten at some point (and PrivateTmp is useful for *actual* temp
files, which the socket isn't…).
>
> Bye
>
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20150408/4a3cc7ed/attachment.bin
More information about the Info-cyrus
mailing list