samba 3.0.28a and windows 7 are having a bad day. i've done all the usual registry tricks and uninstalled KB2536276. it is time. of course, i'm running ubuntu 8.04; so no amount of apt-get updating is going to bring samba to higher level. let's sort of roll our own, shall we? 3.4.4 is a nice, stable rev. pre-prep system. # apt-get update ; apt-get upgrade ; apt-get apt-get dist-upgrade what?! it is time. this system does nothing but samba anyway... and yes, i have backups. # apt-get install libldap2-dev libkrb5-dev uuid-dev libpam0g-dev zlib1g-dev build-essential # apt-get build-dep samba # cd ~/ # apt-get source samba # cat ~/samba-3.0.28a/debian/rules | less take note of all the switches, we're going to use them later. time to download the source. # mkdir -p /usr/local/src/samba # cd /usr/local/src/samba # wget http://samba.org/samba/ftp/stable/samba-3.4.4.tar.gz # tar zxvf samba-3.4.4.tar.gz # cd samba-3.4.4/source3 if you're working with windows server 2012, just download the samba-3.6.8.tar.gz and follow the same instructions... now, run configure using the os-specific switches: ./configure -–cache-file=./config.cache \ -–prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --with-privatedir=/etc/samba \ --with-piddir=/var/run/samba \ --with-fhs \ --enable-shared \ --enable-static \ --disable-pie \ --with-rootsbindir=/sbin \ --with-pammodulesdir=/lib/security \ --with-pam \ --with-syslog \ --with-utmp \ --with-readline \ --with-pam_smbpass \ --with-libsmbclient \ --with-winbind \ --with-shared-modules=idmap_rid,idmap_ad \ --with-automount \ --with-ldap \ --with-ads \ --with-dnsupdate \ --with-cifsmount \ <-- is not recognized in samba 3.6.8 (rev compat with win 2012) --with-acl-support \ --with-quotas take note: sometimes in the process of doing configure your system will bark. in my case, uuid.h . note apt-get command above only includes my missing packages; your mileage may vary. # apt-cache search uuid | grep -- -dev libblkid-dev - block device id library - headers and static libraries libossp-uuid-dev - OSSP uuid ISO-C and C++ - headers and static libraries uuid-dev - universally unique id library - headers and static libraries neat. it works. # make Using CFLAGS = -O -I. -I/root/samba-3.4.3/source3 -I/root/samba-3.4.3/source3/../lib/popt -I/root/samba-3.4.3/source3/iniparser/src -Iinclude -I./include -I. -I. -I./../lib/replace -I./../lib/talloc -I./../lib/tevent -I./../lib/tdb/include -I./libaddns -I./librpc -I./.. -DHAVE_CONFIG_H -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -Iinclude -I./include -I. -I. -I./../lib/replace -I./../lib/talloc -I./../lib/tevent -I./../lib/tdb/include -I./libaddns -I./librpc -I./.. -I./../lib/popt -DLDAP_DEPRECATED -I/root/samba-3.4.3/source3/lib -I.. -I../source4 -D_SAMBA_BUILD_=3 -D_SAMBA_BUILD_=3 ... snip ... that went okay. # make install neat. i just installed over my old binaries. take note: The binaries are installed. You may restore the old binaries (if there were any) using the command "make revert". You may uninstall the binaries using the command "make uninstallbin" or "make uninstall" to uninstall binaries, man pages and shell scripts. register samba libs. # echo "/etc/samba" > /etc/ld.so.conf.d/samba.conf # ldconfig make sure we've got all the handles for our windows clients set. to make those permanent, reboot. otherwise, command-line it. in "/etc/security/limits.conf" add line: * - nofile 16384 # ulimit -n 16384 then start the daemon. # /etc/init.d/samba start * Starting Samba daemons [ OK ] neat. it works. take note: you may need to re-add the system to your domain; as alluded to in spiffy messages such as the below: [2013/12/31 10:51:08.876223, 0] auth/auth_domain.c:212(connect_to_domain_password_server) connect_to_domain_password_server: could not fetch trust account password for domain 'DOMAIN' [2013/12/31 10:51:08.876964, 0] auth/auth_domain.c:292(domain_client_validate) domain_client_validate: Domain password server not available. whoops.
Tuesday, December 31, 2013
Wednesday, December 18, 2013
from here http://pg8873.blogspot.com/2011/02/solaris-ssh-is-offline.html
Solaris ssh is offline I'm sure you must have seen a situation like this, where for some reason ssh died and you cannot login to the server remotely. If you have console access to box, you see the ssh is offline. root@app1 # svcs -a | grep ssh offline 1:40:22 svc:/network/ssh:default svcs -d will tell us what other services depends on ssh root@app1 # svcs -d ssh STATE STIME FMRI online 1:40:19 svc:/network/loopback:default online 1:40:24 svc:/network/physical:default disable 1:41:04 svc:/system/cryptosvc:default online 1:41:16 svc:/system/filesystem/local:default online 1:42:44 svc:/system/filesystem/autofs:default online 1:42:43 svc:/system/utmp:default Offline means that the service is enabled, but something it depends on is missing, disable or in maintenance mode Here in our case crypto is disable. You might have a service with lots of dependencies that are disabled, or you might have dependencies disabled many levels deep. Do you want to walk through all those services, find out why they're not on, and enable every dependency by hand? Of course you don't. So svcadm has a "recursive enable" option that goes through and enables everything that your service depends on. # svcadm enable -r network/ssh #svcs network/ssh STATE STIME FMRI online 1:02:23 svc:/network/ssh:default #svcs -d network/ssh:default STATE STIME FMRI online 1:40:19 svc:/network/loopback:default online 1:40:24 svc:/network/physical:default disabled 1:41:04 svc:/system/cryptosvc:default online 1:41:16 svc:/system/filesystem/local:default online 1:42:44 svc:/system/filesystem/autofs:default online 1:42:43 svc:/system/utmp:default As you can see, we recursively enabled not only ssh, but everything it depended on, allowing it to come online. One last option of note for enable/disable is the "temporary" option. Say that you want to enable/disable a service just for this session, but have it revert to its previous state on reboot, in case there are problems. If ssh is disabled and you issue: #svcadm enable -t network/ssh The enable will only be temporary. If you reboot the machine, the service will once again be disabled. refresh Refresh serves two purposes. One is if you've changed any of the properties of your service, say that you've added a dependency or changed the timeout for starting, you refresh the service, and the properties become active. The other purpose is that there's an optional method, in addition to "start" and "stop", called "refresh" that you can define. If your daemon can be sent a HUP signal to re-read its configuration file, you put this in the refresh method, and when you refresh the service, this method is called. restart Restart is pretty self evident. Restarting a service means that you stop it and start it again. Where in the past you might have issued a /etc/init.d/sendmail stop followed by /etc/init.d/sendmail start, now you would use: #svcadm restart network/smtp:sendmail ... which will restart sendmail. mark (degraded | maintenance) Mark is used to force a service into a certain state. (The states are here if you've forgotten them) An administrator might want to force a service into the maintenance state to let other administrators know that there's something wrong with it that needs to be addressed before it's started again. You can force a service into either maintenance (which will shut the service down) or degraded (which will leave it running, but let others know that it's running in a degraded state). Keeping with our earlier example of ssh: #svcadm mark maintenance network/ssh #svcs network/ssh STATE STIME FMRI maintenance 1:12:47 svc:/network/ssh:default clear Clear is used to "reset" the state of a service, and have it be re-evaluated. For example, say that syslog is in maintenance: #svcs system/system-log STATE STIME FMRI maintenance 1:15:33 svc:/system/system-log:default You debug the problem, and realize that syslog failed to start because someone had accidentally deleted syslog.conf, which syslog needs to start. It attempted to start, saw that the conf file was missing, and fell into maintenance. You repair the file, and issue a clear: # svcadm clear system/system-log # svcs system/system-log STATE STIME FMRI online 1:25:07 svc:/system/system-log:default