Package: samba
Version: 2:4.2.14+dfsg-0+deb8u12
Severity: normal
Hello,
When searching for information about users who have connected to a certain
share in our file sharing service, we realize that the Samba suite's
"service.c" module no longer registers this connection in the service logs
(/var/log/samba/log.smbd, in our configuration). In previous versions of
Debian, as well as in the currently stable (stretch), the Samba daemon recorded
the following message when a user connected to the share:
[2019/04/30 09:36:16.865504, 2]
../source3/smbd/service.c:841(make_connection_snum)
Computer_Name (Source IP Address:Port) connect to service share_name
initially as user username (uid=65534, gid=65534) (pid 6804)
And when the user disconnects from the share:
[2019/04/30 09:36:20.817461, 2] ../source3/smbd/service.c:1120(close_cnum)
Computer_Name (Source IP Address:Port) closed connection to service share_name
To reproduce the situation it is necessary to access a share, on the Samba file
server, with a valid user, as in the following example:
smbclient //192.168.1.10/sharename -U username -W DOMAINNAME
The messages previously displayed are no longer registered in the log file even
with the policy "log level = 2 auth:3".
Our Samba file service configuration in use is the following:
[global]
workgroup = DOMAINNAME
netbios name = SERVER
netbios aliases = SERVEROLD
passdb backend = ldapsam:"ldaps://ldap.server.name
ldaps://other.ldap.server.name"
ldap admin dn = uid=bind-account,ou=organization,dc=mydcname1,dc=mydcname2
ldap suffix = ou=organization,dc=mydcname1,dc=mydcname2
ldap passwd sync = no
ldap ssl = no
ldap timeout = 5
admin users = @smb-org-administrators
dns proxy = no
name resolve order = wins bcast
server string =
load printers = no
unix charset = utf8
nt acl support = yes
unix extensions = no
msdfs root = yes
max log size = 0
log level = 2 auth:3
wins support = yes
preferred master = Yes
local master = Yes
domain master = Yes
os level = 233
domain logons = yes
time server = yes
logon drive = u:
logon path =
logon home = \\archives\homes
logon script = %U.bat
guest account = nobody
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
lanman auth = yes
ntlm auth = yes
client lanman auth = yes
client ntlmv2 auth = yes
security = user
encrypt passwords = true
guest account = nobody
kernel oplocks = no
case sensitive = no
hide files = /lost+found/
veto files = /.DS_Store/._.DS_Store/.Trash-*/
load printers = No
printing = bsd
printcap name = /dev/null
disable spoolss = yes
socket options = TCP_NODELAY
vfs objects = full_audit
full_audit:facility = LOCAL5
full_audit:priority = NOTICE
full_audit:prefix = %u|%U|%I|%S
full_audit:success = mkdir rmdir open pwrite rename unlink
full_audit:failure = mkdir rmdir open pwrite rename unlink
[netlogon]
path = /etc/samba/netlogon
root preexec = /etc/samba/scripts/preset.sh %U
writeable = no
I believe that previous versions available in GNU/Debian 8 (jessie) are also
affected by this behavior. Since it brings a lot of relevant information to the
service administration, used since the Samba beginning, I believe that it would
be important to evaluate the problem and forward some correction, if possible.
Regards.
-- System Information:
Debian Release: 8.11
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages samba depends on:
ii adduser 3.113+nmu3
ii dpkg 1.17.27
ii libbsd0 0.7.0-2
ii libc6 2.19-18+deb8u10
ii libhdb9-heimdal [heimdal-hdb-api-8] 1.6~rc2+dfsg-9+deb8u1
ii libldb1 2:1.1.20-0+deb8u2
ii libpam-modules 1.1.8-3.1+deb8u2+b1
ii libpam-runtime 1.1.8-3.1+deb8u2
ii libpopt0 1.16-10
ii libpython2.7 2.7.9-2+deb8u2
ii libtalloc2 2.1.2-0+deb8u1
ii libtdb1 1.3.6-0+deb8u1
ii libtevent0 0.9.28-0+deb8u1
ii lsb-base 4.1+Debian13+nmu1
ii multiarch-support 2.19-18+deb8u10
ii procps 2:3.3.9-9+deb8u1
ii python 2.7.9-1
ii python-dnspython 1.12.0-1
ii python-ntdb 1.0-5
ii python-samba 2:4.2.14+dfsg-0+deb8u12
ii python2.7
