SOLVED SAMBA Cifs service refuse to start - aarrrrg - pls help

[ghostwolf59]

A couple of days ago my system crashed while I worked on setting up proper permissions on my shares.

I opted for setting up windows shares that up until the crash seemed to worked fine.
I have setup linux accounts and groups linked/synced with my windows system.

However after the crash my windows owner acl show up as unknown resulting in problem accessing the shares.
The group acl is still recognized.
Trying to resolve this I decided to shut down my CIFS service and once done it refused to go back online again.
When I try I get this useless message at the top of the browser stating "The service could not be started."

Since then I trying long and hard to find posts and suggestions on
1. get the cifs service back online again
2. resolve the "Account Unknown" shown against the owner of the account from windows.

One suggestion were to execute the winacl where I ran the
winacl -a reset -O <primaryOwner> -G <groupOwner> -p /mnt/STORE04
Once done nothing changed where I then decided to shut down my CIFS Service - it now refused to come back online again.

I have now deleted all my old shares and recreated one new


This is the output from "/usr/local/sbin/smbd --interactive --debuglevel=3"

Code:

[root@freenas ~]# /usr/local/sbin/smbd --interactive --debuglevel=3
Maximum core file size limits now 0(soft) 0(hard)
smbd version 4.1.12 started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
uid=0 gid=0 euid=0 egid=0
lp_load_ex: refreshing parameters
Initialising global parameters
max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
params.c:pm_process() - Processing configuration file "/usr/local/etc/smb4.conf"
Processing section "[global]"
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
lp_load_ex: refreshing parameters
Initialising global parameters
max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
params.c:pm_process() - Processing configuration file "/usr/local/etc/smb4.conf"
Processing section "[global]"
Processing section "[LAN Shared Docs]"
adding IPC service
added interface lo0 ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
added interface nfe1 ip=192.168.2.15 bcast=192.168.2.255 netmask=255.255.255.0
loaded services
tdb(/var/db/samba4/registry.tdb): tdb_open_ex: could not open file /var/db/samba4/registry.tdb: No such file or directory
Could not open tdb: No such file or directory
Failed to fetch domain sid for WORKGROUP
Failed to fetch domain sid for WORKGROUP
Initialise the svcctl registry keys if needed.
Initialise the eventlog registry keys if needed.
waiting for connections
Could not find child 6856 -- ignoring
Could not find child 6857 -- ignoring
Could not find child 6858 -- ignoring
Could not find child 6886 -- ignoring
Could not find child 6916 -- ignoring
Could not find child 6917 -- ignoring
Server exit (termination signal)
Terminated: 15
[root@freenas ~]#

This is the ouput from running "testparm"

Code:

[root@freenas ~]# testparm |more
Load smb config files from /usr/local/etc/smb4.conf
max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
Processing section "[LAN Shared Docs]"
Loaded services file OK.
WARNING: lock directory /var/db/samba4 should have permissions 0755 for browsing to work
WARNING: state directory /var/db/samba4 should have permissions 0755 for browsing to work
WARNING: cache directory /var/db/samba4 should have permissions 0755 for browsing to work
WARNING: You have some share names that are longer than 12 characters.
These may not be accessible to some older clients.
(Eg. Windows9x, WindowsMe, and smbclient prior to Samba 3.0.)
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
dos charset = CP437
server string = FreeNAS Server
interfaces = 127.0.0.1, 192.168.2.15
bind interfaces only = Yes
server role = standalone server
map to guest = Bad User
obey pam restrictions = Yes
smb passwd file = /var/etc/private/smbpasswd
private dir = /var/etc/private
guest account = spap
syslog only = Yes
max log size = 51200
server max protocol = SMB2
time server = Yes
deadtime = 15
max open files = 11070
hostname lookups = Yes
load printers = No
printcap name = /dev/null
disable spoolss = Yes
dns proxy = No
pid directory = /var/run/samba
panic action = /usr/local/libexec/samba/samba-backtrace
idmap config *:range = 90000000-100000000
idmap config * : backend = tdb
acl allow execute always = Yes
create mask = 0660
directory mask = 0770
ea support = Yes
directory name cache size = 0
kernel change notify = No
store dos attributes = Yes
strict locking = No

[LAN Shared Docs]
path = /mnt/STORE01/AccountManagement/LAN Shared Docs
read only = No
guest ok = Yes
veto files = /.snap/.windows/.zfs/
vfs objects = recycle, zfsacl, streams_xattr, aio_pthread
zfsacl:acesort = dontcare
nfs4:chown = yes
nfs4:acedup = merge
nfs4:mode = special
recycle:subdir_mode = 0700
recycle:directory_mode = 0777
recycle:touch = yes
recycle:versions = yes
recycle:versions = yes
recycle:keeptree = yes
recycle:repository = .recycle/%U
[root@freenas ~]#

This is the output from "net getdomainsid"

Code:

[root@freenas ~]# net getdomainsid
Environment LOGNAME is not defined. Trying anonymous access.
SID for local machine FREENAS is: S-1-5-21-2940720287-2530725673-3119066908
Could not fetch domain SID
[root@freenas ~]#

Have tried to set the log level to debug inside CIFS services along with ticking the "Use syslog" but have no idea where this (if any) logging goes ?

Running freenas FreeNAS-9.2.1.8-RELEASE-x64 (e625626)
Windows 7 Ultimate x64
ZFS volumes throughout where STORE04 is where freenas writes its system datase to.

The Server minimum protocol is set to ---- and the Server maximum protocol is set to 'SMB2_10'
( I might have set this to 'SMB3_00' while trying to sort the acl issues - but now set it back to SMB2_10 and recreated a single share.


I have also attempted to delete "/usr/local/etc/smb4.conf"

The /var/db/ holds an empty samba folder and a samba4 folder linked to the .system dataset (.system/samba4/)

Now contemplating start all over again with a fresh embedded nas but wonder if ...
1. if its safe to delete the .system dataset stored on one of my volumes (any chance my volume would become corrupt by doing so?)


Seriously need some help with this as it drives me bonkers

cheers

 

[ghostwolf59]

Just changed the permission on the following being flagged

Code:

WARNING: lock directory /var/db/samba4 should have permissions 0755 for browsing to work 
WARNING: state directory /var/db/samba4 should have permissions 0755 for browsing to work 
WARNING: cache directory /var/db/samba4 should have permissions 0755 for browsing to work

And the service starts again - not sure why this permission got changed

So now I have the acl issue(s) to resolve

cheers

 

[ghostwolf59]

This is soooooo weird - followed what I just mapped out AND once changed the permissions on the samba4 folder/dataset(s) my acl also started to work
have no idea what's going on here - but for what it's worth I am back online again (for now) - my window/linux acl works and is properly recognized and now just need to set individual folders permission as I want them

don't expect this this provide any assistance to another poor creature running into similar issues, but it seem that permission seem to play a role in all of this
Also, NEVER attempt to chmod on folders with windows acl permission issues - from what I read this will screw up your acl
BUT in saying that, chmod on the samba4 folder and sub content seem to do the trick (for now at least) :)


cheers