search

crazy-max / docker-samba

Samba Docker image
MIT License
468 stars 49 forks source link

mkdir failed on directory /var/lib/samba/private/msg.sock: No such file or directory #48

Closed ryanmark closed 1 year ago

ryanmark commented 1 year ago

Behaviour

I've been using this docker image for a while and it has worked great. When I pulled the last update, the container no longer starts. I tried to revert to some previous versions of the container, but I'm experiencing the same issues.

I believe the problem is related to these lines in the entrypoint.sh. On the created container, these lines seem to symlink /data/lib to /var/lib/samba/lib when it appears the symlink should be to /var/lib/samba. However the commands themselves appear correct, so I'm not sure why this started happening.

Steps to reproduce this issue

  1. Follow setup instructions in readme for use with docker compose, using example docker compose and config.yml in the repo
  2. Make sure directories public, share, foo, foo-baz are present.
  3. Run docker-compose up

Expected behaviour

Tell me what should happen

Container should start samba and samba should run.

Actual behaviour

Tell me what happens instead

Samba does not start, failing with the message: 

directory_create_or_exist: mkdir failed on directory /var/lib/samba/private/msg.sock: No such file or directory

Configuration

I only used the files provided here: https://github.com/crazy-max/docker-samba/tree/master/examples/compose

Docker info

> Output of command `docker info`
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  compose: Docker Compose (Docker Inc., 2.15.1)

Server:
 Containers: 7
  Running: 6
  Paused: 0
  Stopped: 1
 Images: 8
 Server Version: 20.10.23
 Storage Driver: overlay2
  Backing Filesystem: zfs
  Supports d_type: true
  Native Overlay Diff: false
  userxattr: true
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 31aa4358a36870b21a992d3ad2bef29e1d693bec.m
 runc version:
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
  cgroupns
 Kernel Version: 5.15.83-1-pve
 Operating System: Arch Linux
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 8GiB
 Name: cubert
 ID: NZEN:TFZ2:AQOZ:PCJZ:B6UV:JHO7:2XXB:XVWK:UICP:DNLL:NYBH:N2UZ
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Logs

> Container logs (set LOG_LEVEL to debug if applicable)
samba  | Setting global configuration
samba  | Creating user foo/foo (1000:1000)
samba  | Failed to open /var/lib/samba/private/secrets.tdb
samba  | Creating user baz/xxx (1100:1200)
samba  | addgroup: group 'xxx' in use
samba  | Failed to open /var/lib/samba/private/secrets.tdb
samba  | Add global option: force user = foo
samba  | Add global option: force group = foo
samba  | Creating share public
samba  | Creating share share
samba  | Creating share foo
samba  | Creating share foo-baz
samba  | Load smb config files from /etc/samba/smb.conf
samba  | Loaded services file OK.
samba  | Weak crypto is allowed
samba  |
samba  | WARNING: some services use vfs_fruit, others don't. Mounting them in conjunction on OS X clients results in undefined behaviour.
samba  |
samba  | Server role: ROLE_STANDALONE
samba  |
samba  | # Global parameters
samba  | [global]
samba  |        disable netbios = Yes
samba  |        disable spoolss = Yes
samba  |        dns proxy = No
samba  |        local master = No
samba  |        map to guest = Bad User
samba  |        pam password change = Yes
samba  |        printcap name = /dev/null
samba  |        security = USER
samba  |        server role = standalone server
samba  |        server services = s3fs, rpc, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
samba  |        server string = Docker Samba Server
samba  |        smb ports = 445
samba  |        unix extensions = No
samba  |        usershare allow guests = Yes
samba  |        winbind scan trusted domains = Yes
samba  |        fruit:time machine = yes
samba  |        fruit:delete_empty_adfiles = yes
samba  |        fruit:wipe_intentionally_left_blank_rfork = yes
samba  |        fruit:veto_appledouble = no
samba  |        fruit:posix_rename = yes
samba  |        fruit:model = MacSamba
samba  |        fruit:metadata = stream
samba  |        idmap config * : backend = tdb
samba  |        create mask = 0664
samba  |        directory mask = 0775
samba  |        force create mode = 0664
samba  |        force directory mode = 0775
samba  |        force group = foo
samba  |        force user = foo
samba  |        hosts allow = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
samba  |        hosts deny = 0.0.0.0/0
samba  |        printing = bsd
samba  |        strict locking = No
samba  |        vfs objects = fruit streams_xattr
samba  |        wide links = Yes
samba  |
samba  |
samba  | [public]
samba  |        comment = Public
samba  |        delete veto files = Yes
samba  |        guest ok = Yes
samba  |        path = /samba/public
samba  |        veto files = /._*/.apdisk/.AppleDouble/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/
samba  |        vfs objects = recycle
samba  |        recycle:versions = yes
samba  |        recycle:keeptree = yes
samba  |        recycle:repository = .recycle
samba  |
samba  |
samba  | [share]
samba  |        delete veto files = Yes
samba  |        guest ok = Yes
samba  |        path = /samba/share
samba  |        read only = No
samba  |        veto files = /._*/.apdisk/.AppleDouble/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/
samba  |        write list = foo
samba  |
samba  |
samba  | [foo]
samba  |        delete veto files = Yes
samba  |        hide files = /_*/
samba  |        path = /samba/foo
samba  |        read only = No
samba  |        valid users = foo
samba  |        veto files = /._*/.apdisk/.AppleDouble/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/
samba  |        write list = foo
samba  |
samba  |
samba  | [foo-baz]
samba  |        delete veto files = Yes
samba  |        path = /samba/foo-baz
samba  |        read only = No
samba  |        valid users = foo baz
samba  |        veto files = /._*/.apdisk/.AppleDouble/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/
samba  |        write list = foo baz
samba  | smbd version 4.16.8 started.
samba  | Copyright Andrew Tridgell and the Samba Team 1992-2022
samba  | directory_create_or_exist: mkdir failed on directory /var/lib/samba/private/msg.sock: No such file or directory
samba exited with code 1
ryanmark commented 1 year ago

Followup: When I get a shell in the container without running the entrypoint, I find it's impossible (somehow) to rm /var/lib/samba. I don't receive any error messages, the volume is not mounted read-only, lsattr and chattr just complains that the directory is not a tty, there is no @ to suggest some ACL is applied.

So if /var/lib/samba is somehow set to immutable, the entrypoint script would definitely accidentally create the /var/lib/samba/lib symlink.

I wonder if there was some recent selinux change on arch that I run these containers on that causes this break, since it seems to affect older versions of this container image that used to work for me.

crazy-max commented 1 year ago

Interesting, what's the output of ls -al /data/ && ls -al /var/lib/?

crazy-max commented 1 year ago

Btw do you use docker restart or docker compose restart? It might be the issue.

crazy-max commented 1 year ago

Was able to repro, will push a fix

crazy-max commented 1 year ago

@ryanmark Should be fixed with latest release, let me know it it looks good on your side.

ryanmark commented 1 year ago

@crazy-max thanks for the quick turnaround! I really appreciate it!

Unfortunately this doesn't fix the issue I reported in #48 for me. Instead, I had to make these changes to the entrypoint:

echo "Initializing files and folders"
mkdir -p /data/cache /data/lib
if [ -z "$(ls -A /data/lib)" ]; then
  cp -r /var/lib/samba/* /data/lib/
fi
rm -rf /var/lib/cache /var/lib/samba/*
ln -sf /data/cache /var/cache/samba
ln -sf /data/lib/* /var/lib/samba/

For some reason rm -rf /var/lib/samba does not remove the /var/lib/samba directory, although it removes everything in the directory.

I haven't been able to figure out the problem, but I suspect the root cause here has something to do with my environment - Running docker on an arch LXC container on ProxMox with a ZFS file system. Apparently this combination of stuff can create issues, overlay fs and zfs don't always get along and ProxMox folks don't recommend using Docker in an LXC.

Gonna use my work around until I can retest in a supported configuration.

Thanks again for your attention!

DavidMikeSimon commented 1 year ago

I am also experiencing this issue. I have the /data volume on a ZFS filesystem, but am not using ProxMox or LXC.

barsikus007 commented 11 months ago

+1 on that issue I moved docker folder to ZFS and started to experience that issues

I have directory_create_or_exist: mkdir failed on directory /var/lib/samba/private/msg.sock: No such file or directory line repeated in logs

I tried attach to container and create private directory but I have mkdir: cannot create directory ‘private’: Invalid argument error

I mounted whole /var/lib/samba/private/ dir info ZFS, and issue resolved

Finaly, I turned zfs docker driver and all started to work as intended

djcrawleravp commented 7 months ago

+1 on that issue I moved docker folder to ZFS and started to experience that issues

I have directory_create_or_exist: mkdir failed on directory /var/lib/samba/private/msg.sock: No such file or directory line repeated in logs

I tried attach to container and create private directory but I have mkdir: cannot create directory ‘private’: Invalid argument error

I mounted whole /var/lib/samba/private/ dir info ZFS, and issue resolved

Finaly, I turned zfs docker driver and all started to work as intended

Sorry can you explain how did you solve this? I have everything on the same boot drive with a simple raspberry pi 4 It wa working and after restarting the pi I'm having the same issue

barsikus007 commented 7 months ago

+1 on that issue I moved docker folder to ZFS and started to experience that issues I have directory_create_or_exist: mkdir failed on directory /var/lib/samba/private/msg.sock: No such file or directory line repeated in logs I tried attach to container and create private directory but I have mkdir: cannot create directory ‘private’: Invalid argument error I mounted whole /var/lib/samba/private/ dir info ZFS, and issue resolved Finaly, I turned zfs docker driver and all started to work as intended

Sorry can you explain how did you solve this? I have everything on the same boot drive with a simple raspberry pi 4 It wa working and after restarting the pi I'm having the same issue

if you use ZFS then enable driver in other case idk