Integración Unix AIX, Samba, Winbind, SSH y dominio Windows (1/8) - Instalación

Home del documento

En esta entrada se cubre la intalación de Samba sobre un sistema operativo AIX 5.3, mediante paquete binario precompilado descargado desde

http://us1.samba.org/samba/ftp/Binary_Packages/AIX/

La explicación se basa en la instalación de la versión 3.0.26a

En este caso, la instalación del paquete precompilado no incluye algunas opciones importantes, como por ejemplo la posibilidad de trabajar con PAM. Estas opciones se tratan más adelante en la instalación mediante compilación de código fuente:


- Gunzipeo y destareo:

# pwd
/usr/src/samba
# ls
README.htm
opt-samba-3.0.26a-AIX5.tar.gz
opt-samba-3.0.26a-AIX5.tar.asc
opt-samba-base.tar.asc
opt-samba-base.tar.gz
# ls *.gz
opt-samba-3.0.26a-AIX5.tar.gz opt-samba-base.tar.gz
# gunzip opt-samba-base.tar.gz
# gunzip opt-samba-3.0.26a-AIX5.tar.gz
# mkdir /tmp/samba
# cp -p opt-samba-base.tar opt-samba-base-AIX5.tar /tmp/samba
# cp -p opt-samba-3.0.26a-AIX5.tar /tmp/samba
# cd /tmp/samba
# ls
opt-samba-3.0.26a-AIX5.tar
opt-samba-base.tar
# tar -xf opt-samba-3.0.26a-AIX5.tar
# tar -xf opt-samba-base.tar


- Simulacro de instalación mediante installp -l:

# installp -lE -d.
*******************************************************************************
installp PREVIEW: installation will not actually occur.
*******************************************************************************

+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.

Selected Filesets
-----------------
pware.BerkeleyDB.4.4-NC.rte 4.4.20.4 # Patched Berkeley DB 4.4.20-NC
pware.MIT-krb5.rte 1.4.4.1 # MIT Kerberos 1.4.4
pware.base.rte 5.2.0.0 # pware base for AIX 5.2
pware.cyrus-sasl.rte 2.1.22.0 # Cyrus SASL 2.1.22
pware.gcc-shared-libs.rte 4.1.1.0 # gcc shared libs 4.1.1
pware.libiconv.rte 1.9.2.0 # libiconv 1.9.2
pware.openldap.rte 2.3.27.0 # OpenLDAP 2.3.27
pware.openssl.rte 0.9.8.3 # OpenSSL 0.9.8c
pware.popt.rte 1.7.0.0 # popt 1.7
pware.samba-3.0.26a.rte 3.0.26.1 # Samba 3.0.26a

<< End of Success Section >>

FILESET STATISTICS
------------------
10 Selected to be installed, of which:
10 Passed pre-installation verification
----
10 Total to be installed

RESOURCES
---------
Estimated system resource requirements for filesets being installed:
(All sizes are in 512-byte blocks)
Filesystem Needed Space Free Space
/usr 7837 28591976
/opt 557944 9631888
----- -------- ------
TOTAL: 565781 38223864

NOTE: "Needed Space" values are calculated from data available prior
to installation. These are the estimated resources required for the
entire operation. Further resource checks will be made during
installation to verify that these initial estimates are sufficient.
Use the option to extend filesystems (-X flag) to ensure that any
additional resources which may be needed are automatically allocated.

LICENSE AGREEMENTS
------------------
License agreement for:
pware.base.rte
pware.samba-3.0.26a.rte
pware.openldap.rte
pware.cyrus-sasl.rte
pware.gcc-shared-libs.rte
pware.libiconv.rte
pware.openssl.rte
pware.popt.rte
pware.samba-3.0.26a.rte
pware.BerkeleyDB.4.4-NC.rte
pware.MIT-krb5.rte

THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
...
are THE SOLE RESPONSIBILITY OF THE INSTALLER.

******************************************************************************
End of installp PREVIEW. No apply operation has actually occurred.
******************************************************************************


- Viendo que parece que no va a haber problemas, procedemos a instalar de verdad:

# installp -agYX -d. all
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

SUCCESSES
---------
Filesets listed in this section passed pre-installation verification
and will be installed.

Selected Filesets
-----------------
pware.BerkeleyDB.4.4-NC.rte 4.4.20.4 # Patched Berkeley DB 4.4.20-NC
pware.MIT-krb5.rte 1.4.4.1 # MIT Kerberos 1.4.4
pware.base.rte 5.2.0.0 # pware base for AIX 5.2
pware.cyrus-sasl.rte 2.1.22.0 # Cyrus SASL 2.1.22
pware.gcc-shared-libs.rte 4.1.1.0 # gcc shared libs 4.1.1
pware.libiconv.rte 1.9.2.0 # libiconv 1.9.2
pware.openldap.rte 2.3.27.0 # OpenLDAP 2.3.27
pware.openssl.rte 0.9.8.3 # OpenSSL 0.9.8c
pware.popt.rte 1.7.0.0 # popt 1.7
pware.samba-3.0.26a.rte 3.0.26.1 # Samba 3.0.26a

<< End of Success Section >>

FILESET STATISTICS
------------------
10 Selected to be installed, of which:
10 Passed pre-installation verification
----
10 Total to be installed

+-----------------------------------------------------------------------------+
Installing Software...
+-----------------------------------------------------------------------------+

installp: APPLYING software for:
pware.base.rte 5.2.0.0

Filesets processed: 1 of 10 (Total time: 2 secs).

installp: APPLYING software for:
pware.MIT-krb5.rte 1.4.4.1

Filesets processed: 2 of 10 (Total time: 6 secs).

installp: APPLYING software for:
pware.BerkeleyDB.4.4-NC.rte 4.4.20.4

Filesets processed: 3 of 10 (Total time: 33 secs).

installp: APPLYING software for:
pware.popt.rte 1.7.0.0

Filesets processed: 4 of 10 (Total time: 35 secs).

installp: APPLYING software for:
pware.openssl.rte 0.9.8.3

Filesets processed: 5 of 10 (Total time: 55 secs).

installp: APPLYING software for:
pware.libiconv.rte 1.9.2.0

Filesets processed: 6 of 10 (Total time: 58 secs).

installp: APPLYING software for:
pware.gcc-shared-libs.rte 4.1.1.0

Filesets processed: 7 of 10 (Total time: 1 mins 1 secs).

installp: APPLYING software for:
pware.cyrus-sasl.rte 2.1.22.0

Filesets processed: 8 of 10 (Total time: 1 mins 3 secs).

installp: APPLYING software for:
pware.openldap.rte 2.3.27.0

Filesets processed: 9 of 10 (Total time: 1 mins 9 secs).

installp: APPLYING software for:
pware.samba-3.0.26a.rte 3.0.26.1

Restoring files, please wait.
Finished processing all filesets. (Total time: 2 mins 3 secs).

+-----------------------------------------------------------------------------+
Summaries:
+-----------------------------------------------------------------------------+

Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
pware.base.rte 5.2.0.0 USR APPLY SUCCESS
pware.MIT-krb5.rte 1.4.4.1 USR APPLY SUCCESS
pware.BerkeleyDB.4.4-NC.rte 4.4.20.4 USR APPLY SUCCESS
pware.popt.rte 1.7.0.0 USR APPLY SUCCESS
pware.openssl.rte 0.9.8.3 USR APPLY SUCCESS
pware.libiconv.rte 1.9.2.0 USR APPLY SUCCESS
pware.gcc-shared-libs.rte 4.1.1.0 USR APPLY SUCCESS
pware.cyrus-sasl.rte 2.1.22.0 USR APPLY SUCCESS
pware.openldap.rte 2.3.27.0 USR APPLY SUCCESS
pware.samba-3.0.26a.rte 3.0.26.1 USR APPLY SUCCESS
#


- Hacemos limpieza:

# installp -u pware.*
+-----------------------------------------------------------------------------+
Pre-deinstall Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...

WARNINGS
--------
Problems described in this section are not likely to be the source of any
immediate or serious failures, but further actions may be necessary or
desired.

Not Installed
-------------
No software could be found on the system that could be deinstalled for the
following requests:

pware.BerkeleyDB.4.4-NC.4.4.20.4.bff
pware.MIT-krb5.1.4.4.1.bff
pware.base.5.2.0.0.bff
pware.cyrus-sasl.2.1.22.0.bff
pware.gcc-shared-libs.4.1.1.0.bff
pware.libiconv.1.9.2.0.bff
pware.openldap.2.3.27.0.bff
pware.openssl.0.9.8.3.bff
pware.popt.1.7.0.0.bff
pware.samba-3.0.26a.3.0.26.1.bff

(The fileset may not be currently installed, or you may have made a
typographical error.)

<< End of Warning Section >>

FILESET STATISTICS
------------------
10 Selected to be deinstalled, of which:
10 FAILED pre-deinstall verification
----
0 Total to be deinstalled


Pre-installation Failure/Warning Summary
----------------------------------------
Name Level Pre-installation Failure/Warning
-------------------------------------------------------------------------------
pware.BerkeleyDB.4.4-NC.4 Nothing by this name to deinstall
pware.MIT-krb5.1.4.4.1.bf Nothing by this name to deinstall
pware.base.5.2.0.0.bff Nothing by this name to deinstall
pware.cyrus-sasl.2.1.22.0 Nothing by this name to deinstall
pware.gcc-shared-libs.4.1 Nothing by this name to deinstall
pware.libiconv.1.9.2.0.bf Nothing by this name to deinstall
pware.openldap.2.3.27.0.b Nothing by this name to deinstall
pware.openssl.0.9.8.3.bff Nothing by this name to deinstall
pware.popt.1.7.0.0.bff Nothing by this name to deinstall
pware.samba-3.0.26a.3.0.2 Nothing by this name to deinstall


- Comprobamos mediante comando que se ha instalado Samba:

# lslpp -L all|grep samba
pware.samba-3.0.26a.rte 3.0.26.1 C F Samba 3.0.26a


- Como prueba, intento arrancar smbd y ver que pasa...

# /opt/pware/samba/3.0.26a/sbin/smbd -D
# echo $?
255


- Da error porque no sabe donde encontrar el fichero smb.conf, así que lo busco entre los filesystems:


# find / -name smb.conf -ls
33462 4 -rw-r--r-- 1 root system 3904 Jan 3 2006 /opt/pware/samba/3.0.26a/examples/LDAP/smbldap-tools-0.9.2/smb.conf
33570 4 -rw-r--r-- 1 root system 793 Feb 25 2005 /opt/pware/samba/3.0.26a/examples/dce-dfs/smb.conf
33763 4 -rw-r--r-- 1 root system 1924 Feb 25 2005 /opt/pware/samba/3.0.26a/examples/tridge/smb.conf


- Copio uno de ellos en /etc que sería su ubicación habitual en AIX. Otra posibilidad sería arrancar el smbd con el parámetro -s e indicarle a continuación un fichero de configuración (con su ruta completa si fuera necesario)


# cp -p /opt/pware/samba/3.0.26a/examples/dce-dfs/smb.conf /etc

... y tuneo el fichero de acuerdo a mis necesidades. Deberí­a quedar más o menos así­:

# cat /etc/smb.conf
[global]
workgroup = DOMINIO
netbios name = modsed
encrypt passwords = yes
security = domain
log file = /var/log/samba/samba.log

# separate domain and username with '\', like DOMAIN\username
winbind separator = \\

# use uids from 10000 to 20000 for domain users
idmap uid = 10000-20000

# use gids from 10000 to 20000 for domain groups
idmap gid = 10000-20000

# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes

[dosys]
comment = Testing Samba and Active Directory integration
path = /home/dosys
read only = no
public = no
writable = yes
printable = no


- Creo un directorio de log en la ruta que he definido en el fichero de antes...

# mkdir /var/log/samba


- Pero lo que hemos instalado espera el fichero smb.conf en la ruta /opt/pware/samba/3.0.26a/lib. Pues nada, linkamos en esa ruta el fichero que he copiado en el paso anterior...

# ln -s /etc/smb.conf /opt/pware/samba/3.0.26a/lib/smb.conf

... y tuneo el PATH en el /etc/profile:

# cat /etc/profile
...
export SAMBA_HOME=/opt/pware/samba/3.0.26a
export PATH=$PATH:$SAMBA_HOME/bin:$SAMBA_HOME/sbin

#


- Preparo, si no existe ya, la ruta del recurso compartido que he definido ([dosys])

# mkdir -p /home/dosys
# chown -R dosys:teson /home/dosys


- Vuelvo a arrancar, a ver que pasa ahora:

# smbd -D
# echo $?
0

# nmbd -D
# echo $?
0


Parece que ahora tira.


Home del documento

2 Comentarios:

hey hey rony dijo...

Tu manual me parece estupendo !!!!!!! asi como el Sr. Puertas que crea un S.O. "ventas"estuvo muy bna, me parti!!!!!!!!!!!!!!!!

Una consulta estoy con Ubuntu 8.04 quiero meter esta máquina a un dominio windows , e probado con "likewise" http://www.likewise.com/ , me lo e descargado con el Synaptic, lo e configurado para agregsar a mi dominio "bcrichs.net" y me va bien, agrego la máquina es mas me puedo validar como un usuario de dominio, el problema que al reiniciar el linux trato de validarme como usuario del dominio y me dice "error" y otra veces se queda colgado..................
Si puedes ayudarme , muchas gracias...................en todo caso cual seria la mejor manera de hacerlo..........

Pere Moltó Agut dijo...

Hola hey hey rony, gracias por tu comentario. No conocía el paquete likewise por lo que no me atrevo a opinar muy a fondo. Igual ya lo has mirado, lo primero que se me ocurre es que cuando el equipo arranca no suba el daemon correspondiente (/en etc/init.d sería lo normal). Como siempre en estos casos un log detallado es imprescindible. Intenta localizarlo y a ver que nos dice.