Re: [Samba] Permissions problem
Le 24/12/2012 17:33, Michael B. Trausch a écrit : On 12/20/2012 10:05 AM, Bruno MACADRE wrote: If I copy this file in command line the mode is 660 as expected, If I want to simulate the file explorer behaviour I must do a 'cp --preserve=mode' copy. Is there a way to forbid this behaviour ? Or is there something wrong in my configuration ? The only way that I could think of would be to write a Samba VFS module that prevented invocation of the chown(2) and chmod(2) system calls (and friends). Such a VFS module would need to return a suitable error code, which would more than likely then be passed back to the client. Or you could simply stub the chown/chmod (and friends!) system calls such that they return success but are effectively no-ops. Someone else with more intimate experience with Samba's code may have a better option, but that's the only one I can think of at the moment. HTH, Mike That was a really good idea, I've just write fake_chmod VFS module that intercept chmod (and friends) invocations and return 0 without do anything. This module works perfectly. I tested it with nautilus and the final rights on the file are like expected. I haven't tested on win7 yet but I think that it should be the same behaviour. Thanks for your idea, Bruno -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Permissions problem
Hi, I've got a strange behaviour on a share when I copy files with files explorers (like Thunar, Nautilus, ...). This is the share configuration : [share1] comment = Share 01 path = /home/shares/share1 valid users = +share1 force group = share1 read only = No create mask = 0660 force create mode = 0660 directory mask = 1770 force directory mode = 1770 browseable = No strict locking = Yes When I copy/paste a file from my computer (which has 444 mode) to the share the resultant file has 444 mode (instead of the 660 expected). I think the mode was changed by the file explorer 'cause when the file was created on the share (and during the copy process) the mode is 660 (like expected) it's just at the end of the copy that the mode was change to reflect mode of the source file. If I copy this file in command line the mode is 660 as expected, If I want to simulate the file explorer behaviour I must do a 'cp --preserve=mode' copy. Is there a way to forbid this behaviour ? Or is there something wrong in my configuration ? Thanx by advance, Regards Bruno -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba with ldap+TLS
Hi, No, you don't need CA certificate on win clients 'cause they don't connect directly to the LDAP. Only your Samba server need CA certificate to connect to the LDAP using TLS. Regards, Bruno Le 07/11/2011 18:18, steve a écrit : Hi I know Linux clients need a CA certificate to authenticate via LDAP using TLS. What about win 7 and XP clients using a Samba server? Thanks Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem adding Worstation
Hi ! I've got a server with Samba 3.5.3 with LDAP backend running on it. When I want to add a workstation I've got a strange result First there is the workstation LDAP account : dn: cn=TOTO$,ou=machines,o=ADM-SC,dc=univ-rouen,dc=fr objectClass: top objectClass: person objectClass: posixAccount objectClass: sambaSamAccount cn: TOTO$ sn: TOTO$ uid: TOTO$ uidNumber: 5037 gidNumber: 5000 loginShell: /bin/false homeDirectory: /dev/null gecos: Machine TOTO sambaSID: S-1-5-21-1597492338-1443626506-322857960-11074 When I do the 'smbpasswd -am TOTO' I've got no error but my workstation account becomes a user account !!! When I do 'pdbedit -v TOTO$' I've got this result : smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=ADM-SC))] smbldap_open_connection: connection opened init_sam_from_ldap: Entry found for user: TOTO$ init_group_from_ldap: Entry found for group: 5000 init_group_from_ldap: Entry found for group: 5000 init_group_from_ldap: Entry found for group: 5000 Unix username:TOTO$ NT username: TOTO$ Account Flags:[U ] User SID: S-1-5-21-1597492338-1443626506-322857960-11074 Primary Group SID:S-1-5-21-1597492338-1443626506-322857960-515 Full Name:TOTO$ Home Directory: \\cpd-adm-sc\toto_ HomeDir Drive:Z: Logon Script: toto_.bat Profile Path: \\cpd-adm-sc\profile\toto_ Domain: ADM-SC Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: never Kickoff time: never Password last set:Thu, 05 May 2011 16:12:37 CEST Password can change: Thu, 05 May 2011 16:12:37 CEST Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FF -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Group permission
Hi, In your smb.conf you must use the 'force group' option for the share that you want like this : [share] ... force group = MyGroup With this option, all files created/modified by any valid user for this group will be in the 'MyGroup' group. Regards, Bruno. Le 09/12/2010 13:50, Rodolfo Barbosa a écrit : Hi Guys, I have a Debian Lenny that acts as the PDC server of my network. This server has some shares that are accessed for different groups of users. So, when an user creates or changes a folder/file inside that shares, the folder/file has its group changed to the primary group of the user that have made the changes on it. How can I determine to which group this folder/file will belong at the creation/modification time? Thank's -- Rodolfo Barbosa Lunar Consultoria barbosa.rodo...@lunarconsultoria.com.br CEL: +55 (35) 9132-0764 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Share Problem
Hi, Like explained in my precedent mail (Permission Problems), I want to do a share (called partinfo) with basic behaviour : * everybody in group 'info' can create file into the share. * everybody in group 'info' can modify file into the share (not only owned files) * only owner of a file can delete it/rename it ! I put a Sticky Bit on my share folder so I've got : drwxrwx--T rootinfo. partinfo It works fine localy, but when I want to use the share, it doesn't work at all, 'cause when I modify a file, some applications (like Gedit, Word, ...) try to change the owner of the file... So I can't write... Anybody have any ideas or any tips ? Thanks Bruno -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Share Problem
Le 06/12/2010 15:47, Chris Smith a écrit : On Mon, Dec 6, 2010 at 8:28 AM, Bruno MACADRE bruno.maca...@univ-rouen.fr wrote: Like explained in my precedent mail (Permission Problems), I want to do a share (called partinfo) with basic behaviour : * everybody in group 'info' can create file into the share. * everybody in group 'info' can modify file into the share (not only owned files) * only owner of a file can delete it/rename it ! I put a Sticky Bit on my share folder so I've got : drwxrwx--T rootinfo. partinfo It works fine localy, but when I want to use the share, it doesn't work at all, 'cause when I modify a file, some applications (like Gedit, Word, ...) try to change the owner of the file... So I can't write... Anybody have any ideas or any tips ? Try: chmod 1777 /path/to/partinfo [partinfo] ... ... valid users = +info read only = no force group = info force create mode = 764 force directory mode = 775 ... ... It looks like to works like I want ! Thanks a lot Chris ! -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Permissions problem
Well, I've searched on samba.org why these two versions don't have the same behaviour and I found that's a bug in 3.3.0. So now the problem is a little bit different : I'm on a SAMBA 3.5.6 Server with this share : [partinfo] path=/shares/partinfo valid users = +info force user = %U force group = info write list = +info public = No create mask = 0660 directory mask = 0770 and localy : drwxrwx--T 21 root info 4096 2009-01-17 08:38 partinfo Localy the behaviour is Ok : User FOO put a file in /shares/partinfo : -rw-rw 1 foo info 9 2010-12-03 11:00 foo_file If user BAR wants to delete it : Permission Denied If user BAR wants to modify it : Ok Remotely the behaviour is Bad : If user BAR mount this share and try to delete the file foo_file : Permission Denied (Nice !) If user BAR try to modify it : Permission Denied (Not Nice...) ! I've tried lot of modifications into my smb.conf but nothing works. I want my share works identicaly localy and remotely !! I want that all users in info group can modify all files (except these without 'w' rights) but can only delete files that they own... I'm sure it's possible with SAMBA, but how ? Le 01/12/2010 15:53, Bruno MACADRE a écrit : Permissions for the share are the same in 3.3.0 and 3.5.6, like this : drwxrwx--- 21 root info 4096 2009-01-17 08:38 partinfo thx, Le 01/12/2010 12:14, George Mamalakis a écrit : On 01/12/2010 11:38, Bruno MACADRE wrote: Hello all, I've got an old server running SAMBA 3.3.0. I've some shares on it. All shares looks like this : [partinfo] path=/shares/partinfo valid users = +info force user = %U force group = info read only = No create mask = 0660 directory mask = 0770 All works perfectly : When I create a file on this share other users in the info group can modify it but nobody can delete it (exactly that i want). But, it's time to change our server and to put a newer version of SAMBA (3.5.6). On the new server, the behaviour is totaly different (with the same smb.conf file) : When I create a new file, other users n the group info can modify it AND delete it (exactly that i don't want) !!! Worst ! When I put in this share (localy in root) a file like this : # echo Test /shares/partinfo/testfile # chown root.root /shares/partinfo/testfile # chmod 600 /shares/partinfo/testfile When I return to my share (like above) with my user (not admin user) I can delete the file 'testfile' without any problem !!! I think this behaviour is not the 'normal' behaviour. What can I've missed ? Does anyone have any tips ? Regards, Bruno. Please, show as the /shares/partinfo permissions (which is responsible for reading/writing content into it). Thanx, mamalos -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Permissions problem
Hello all, I've got an old server running SAMBA 3.3.0. I've some shares on it. All shares looks like this : [partinfo] path=/shares/partinfo valid users = +info force user = %U force group = info read only = No create mask = 0660 directory mask = 0770 All works perfectly : When I create a file on this share other users in the info group can modify it but nobody can delete it (exactly that i want). But, it's time to change our server and to put a newer version of SAMBA (3.5.6). On the new server, the behaviour is totaly different (with the same smb.conf file) : When I create a new file, other users n the group info can modify it AND delete it (exactly that i don't want) !!! Worst ! When I put in this share (localy in root) a file like this : # echo Test /shares/partinfo/testfile # chown root.root /shares/partinfo/testfile # chmod 600 /shares/partinfo/testfile When I return to my share (like above) with my user (not admin user) I can delete the file 'testfile' without any problem !!! I think this behaviour is not the 'normal' behaviour. What can I've missed ? Does anyone have any tips ? Regards, Bruno. -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Permissions problem
Permissions for the share are the same in 3.3.0 and 3.5.6, like this : drwxrwx--- 21 root info4096 2009-01-17 08:38 partinfo thx, Le 01/12/2010 12:14, George Mamalakis a écrit : On 01/12/2010 11:38, Bruno MACADRE wrote: Hello all, I've got an old server running SAMBA 3.3.0. I've some shares on it. All shares looks like this : [partinfo] path=/shares/partinfo valid users = +info force user = %U force group = info read only = No create mask = 0660 directory mask = 0770 All works perfectly : When I create a file on this share other users in the info group can modify it but nobody can delete it (exactly that i want). But, it's time to change our server and to put a newer version of SAMBA (3.5.6). On the new server, the behaviour is totaly different (with the same smb.conf file) : When I create a new file, other users n the group info can modify it AND delete it (exactly that i don't want) !!! Worst ! When I put in this share (localy in root) a file like this : # echo Test /shares/partinfo/testfile # chown root.root /shares/partinfo/testfile # chmod 600 /shares/partinfo/testfile When I return to my share (like above) with my user (not admin user) I can delete the file 'testfile' without any problem !!! I think this behaviour is not the 'normal' behaviour. What can I've missed ? Does anyone have any tips ? Regards, Bruno. Please, show as the /shares/partinfo permissions (which is responsible for reading/writing content into it). Thanx, mamalos -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] using ldap only idmap
I don't see any of the add ... script in your smb.conf (especially the add machine script in your case). I don't know if it's the problem but i think it would be usefull to tell smbd how to add machine if its name don't exist in the LDAP... Mariano Absatz a écrit : Can anyone help me on this? I'm really stuck... On Thu, Oct 15, 2009 at 16:58, Mariano Absatz el.b...@gmail.com wrote: Hi, I'm trying to make a pure ldap setup, whereas users, groups, id mappings and everything that is supported with LDAP be in the LDAP tree and managed directly by samba. That is, I'm using: ldapsam:trusted = yes ldapsam:editposix = yes And NOT using smbldap-*. My smb.conf is here: http://wiki.clueless.com.ar/SambaLdap/smb.conf-PDC I created the LDAP tree root (o=midominio) and all its branches (ou=people; ou=groups; ou= hosts and ou=idmap). I ran net sam provision to fill in the basic values. I stored the secrets in secrets.tdb: # smbpasswd -w ldap_admin_password # net idmap secret midominio ldap_admin_password # net idmap secret alloc ldap_admin_password I was able to join a samba server to the domain (net rpc join -S miserver -UAdministrator). However, when I try to join an XP host to the domain, I get an error (IIRC it's An attached device is not functionning) in the workstation and the samba logs show the following: [2009/10/15 11:17:47, 0] passdb/pdb_ldap.c:ldapsam_create_user(5119) ldapsam_create_user: Unable to allocate a new user id: bailing out! The user I'm using to bind to the LDAP server is the LDAP administrator and it does have permissions on all the tree (in particular, within ou=idmap,o=midominio)... I manually added an entry for the workstation's account posix data, then issued smbpasswd -a workstation$ THEN I could join the domain... Clearly, I have something misconfigured regarding ldap/idmap/alloc, but I can't find enough information to do it right. Any help REALLY appreciated... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Desiring to set up Windows Vista and Linux Fedora Core 4
Barry L. Bond a écrit : Hi Michael! Thank you for your fast reply! On Sat, Oct 03, 2009 at 04:35:50PM +0200, Michael Wood wrote: From what you say above, I assume that the Windows machine is on either 192.168.1.x or 192.168.2.x networks? Don't forget to use a full stop after them like: hosts allow 192.168.1. 192.168.2. or you could write it like: hosts allow 192.168.1.0/24 192.168.2.0/24 H... I have hosts allow = 192.168.1., 192.168.2., 127. I have a space between the IP address excerpts (I presume that's what you mean by the full stop), though I also have a comma. I'll remove the commas... What does your smb.conf look like? And what happens when you try to connect/print from the Windows machine? What errors to you get? Here is my current smb.conf file: # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2009/10/03 00:37:16 # Global parameters [global] server string = Windows in Linux - VMware interfaces = eth0, vmnet1, vmnet8 guest account = barry username map = /etc/samba/smbusers log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap preferred master = Yes dns proxy = No idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 guest ok = Yes hosts allow = 192.168.1. 192.168.2. 127. cups options = raw [homes] comment = Home Directories read only = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [HostFS] comment = VMware host filesystem path = / read only = No [barry] path = /home/barry valid users = barry read only = No [HP9110] comment = Hewlett-Packard OfficeJet 9110 path = /var/spool/samba read only = No printable = Yes printer name = HP9110 oplocks = No share modes = No There are a LOT of comments in my original smb.conf file, but since I tried to modify a couple of things using SWAT, I see it removed the comments. Much of what is in this file is what I had, years ago, when I had Windows 98 which I could access through VMware, which was running on my Linux system. (I want to do exactly what I did with that, be able to submit a print job or transfer a file either direction.) After I removed the comments in my hosts allow line, I typed service smb restart in my root window: [r...@barrycon samba]# service smb restart Shutting down SMB services:[ OK ] Shutting down NMB services:[ OK ] Starting SMB services: [ OK ] Starting NMB services: [ OK ] On the Windows computer, I clicked Start and then Network. I double-clicked OFFICE-WINDOWS. I double-clicked Add a Printer. Then an Add a printer came up near the top of my explorer, after Organize and Views. Clicking Add a printer, I choose Add a network, wireless or Bluetooth printer in the dialog box that comes up. (Add a local printer is the only other choice here.) It says Searching for available printers... After a delay, it says No printers were found. I click The printer that I want isn't listed and out of the three choices (Browse for a printer, Select a shared printer by name and Add a printer using a TCP/IP address or hostname), I choose the second one, as the printer is connected to my Linux system with a parallel port, and it does not have an IP address. I click in the text box and type \\barrycon\hp9110 The hostname is barrycon (and that is exactly what worked in the Windows 98/VMware I did years ago), and if I type lpstat -v the first line says device for HP9110:. Another dialog box says Connecting to hp9110 on barrycon and after a short delay it says Windows cannot connect to the printer. The server print spooler service is not running. Please restart the spooler on the server or restart the server machine. Michael, in the extremely limited time I've given this, I don't appear to be communicating at all. I thank you that you and others are trying to help me, so I believe I will just see if you or anyone else replies before I mess something up worse! :-) Thank you again! Barry Hi, Is your samba server a wins server (i don't see it in your smb.conf) ? Or have you a wins server on your network ? Have you try to put barrycon's IP address instead of its name ? (something like \\Barrycon_IP\HP9110) ? Bruno -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] problem with smbd
Bruno Steven a écrit : Ok , I fix but when started the smbd show other problem [2009/10/07 15:19:47, 1] passdb/pdb_ldap.c:pdb_init_ldapsam(5720) pdb_init_ldapsam: Resetting SID for domain AMBLIVRE.COM http://AMBLIVRE.COM based on pdb_ldap results S-1-5-21-755328524-3875606875-861347881 - S-1-5-21-1644746683-2480834100-52597 [2009/10/07 15:19:47, 1] passdb/pdb_ldap.c:pdb_init_ldapsam(5727) New global sam SID: S-1-5-21-1644746683-2480834100-52597 [2009/10/07 15:19:47, 0] services/services_db.c:svcctl_init_keys(420) svcctl_init_keys: key lookup failed! (WERR_ACCESS_DENIED) [2009/10/07 15:19:47, 0] smbd/server.c:main(1057) ERROR: failed to setup guest info. This problem have relation with SSL other thing ? On Wed, Oct 7, 2009 at 6:28 PM, Bruno MACADRE bruno.maca...@univ-rouen.fr mailto:bruno.maca...@univ-rouen.fr wrote: Hi, This message indicate that you have forget to tell your LDAP admin password to SAMBA You just need to give the password for the ldap admin user you specify in your smb.conf (ldap admin dn), using this command : # smbpasswd -w ldap_admin_password or if you prefer # smbpasswd -W (you'll be prompted for the ldap admin password twice) ! Regards, Bruno Bruno Steven a écrit : Hello I try intregate LDAP more SAMBA , when I start the process smbd -D show the message follow [2009/10/07 14:58:12, 0] lib/smbldap.c:smbldap_connect_system(942) ldap_connect_system: Failed to retrieve password from secrets.tdb [2009/10/07 14:58:12, 0] smbd/server.c:main(1057) ERROR: failed to setup guest info. Somebody can explain the message , I don´t understand this message. Thanks .. -- Bruno Steven - Administrador de sistemas. LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4 https://www.lpi.org/caf/Xamman/certification MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100 https://mcp.microsoft.com/authenticate/validatemcp.aspx Are you sure that the ldap admin dn you've supplied have full access over your LDAP ? -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX FRANCE Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] problem with smbd
Hi, This message indicate that you have forget to tell your LDAP admin password to SAMBA You just need to give the password for the ldap admin user you specify in your smb.conf (ldap admin dn), using this command : # smbpasswd -w ldap_admin_password or if you prefer # smbpasswd -W (you'll be prompted for the ldap admin password twice) ! Regards, Bruno Bruno Steven a écrit : Hello I try intregate LDAP more SAMBA , when I start the process smbd -D show the message follow [2009/10/07 14:58:12, 0] lib/smbldap.c:smbldap_connect_system(942) ldap_connect_system: Failed to retrieve password from secrets.tdb [2009/10/07 14:58:12, 0] smbd/server.c:main(1057) ERROR: failed to setup guest info. Somebody can explain the message , I don´t understand this message. Thanks .. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] MSH_SHUTDOWN
id : 0x0cb6 (3254) src: struct server_id id : 0x0cb6 (3254) buf : DATA_BLOB length=0 [2009/10/04 23:10:45, 10] smbd/process.c:667(smbd_idle_event_handler) smbd_idle_event_handler: idle_evt(deadtime) (nil) stopped [2009/10/04 23:10:45, 10] lib/messages_local.c:73(messaging_tdb_signal_handler) messaging_tdb_signal_handler: sig[10] count[1] msgs[1] [2009/10/04 23:10:45, 10] lib/messages_local.c:447(message_dispatch) message_dispatch: received_messages = 1 [2009/10/04 23:10:45, 10] lib/messages_local.c:196(messaging_tdb_fetch) messaging_tdb_fetch: [2009/10/04 23:10:45, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) result: struct messaging_array num_messages : 0x0001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x0002 (2) msg_type : MSG_SHUTDOWN (13) dest: struct server_id id : 0x0cb6 (3254) src: struct server_id id : 0x0cb6 (3254) buf : DATA_BLOB length=0 [2009/10/04 23:10:45, 3] smbd/server.c:146(msg_exit_server) got a SHUTDOWN message [2009/10/04 23:10:45, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/04 23:10:45, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/04 23:10:45, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/04 23:10:45, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2009/10/04 23:10:45, 3] smbd/connection.c:31(yield_connection) Yielding connection to [2009/10/04 23:10:45, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key B60C [2009/10/04 23:10:45, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb9b00ad8 [2009/10/04 23:10:45, 3] smbd/connection.c:42(yield_connection) deleting connection record returned NT_STATUS_NOT_FOUND [2009/10/04 23:10:45, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key B60C [2009/10/04 23:10:45, 3] smbd/server.c:845(exit_server_common) [2009/10/04 23:10:45, 6] param/loadparm.c:6994(lp_file_list_changed) lp_file_list_changed() file /etc/samba/smb.conf - /etc/samba/smb.conf last mod_time: Fri Oct 2 23:47:47 2009 [2009/10/04 23:10:45, 5] smbd/reply.c:498(reply_special) init msg_type=0x81 msg_flags=0x0 I've got 722 got a SHUTDOWN between 04-Oct-2009 at 21:43:28 and Today (05-Oct-2009) at 9:50:25... This server hasn't been used during this period. I don't know if there is a relation between this behavior and my problems (see smbd crash messages), but this servers have restarted this night (04-Oct at 23:00) at 00:00 his load average was 0.00 and Mem used : 190 Mb. This morning (9:50) his load average is 0.00 but Mem Used have growed to 2.37 Gb (without any activities). To be continued... Regards, Bruno -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] MSG_SHUTDOWN
Sorry for the mistyped subject, you must read MSG_SHUTDOWN instead of MSH_SHUTDOWN ! Sorry, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Can't compiling over CIFS Shares
Hi, My problems with Samba continue... I'm very disappointed, i've never had as problems with Samba before (on my old server with Gentoo/Samba 3.0.23...). So the new problem is : When a student want to compile a C program into his home (mounted in CIFS), the produced executable can't be executed ./tst: cannot execute binary file. Tried on ubuntu-9.04 with mount.cifs 3.2.3 and mount.cifs 3.4.2. How to reproduce : 1- Mount a CIFS share on a workstation : # mount -t cifs -ousername=toto //192.168.0.10/toto TMP 2- Go to this mount # cd TMP 3- Write a small C program # vi main.c int main(int argc, char *argv[]) { return 0; } 4- Try to compile and execute them : a- First way : # gcc -o tst main.c Compilation OK # ./tst ./tst: cannot execute binary file b- Second way : # gcc -c main.c Compilation OK # gcc -o tst main.o main.o: file not recognized: File format not recognized collect2: ld returned 1 exit status You can try to evaluate the type of file .o. When you compile on a local directory of the workstation : # file main.o main.o: ELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), not stripped But if you compile in a CIFS share # file main.o main.o: data Any idea ?? I've a simple configuration Samba (3.4.2) as PDC and smbpasswd as passdb backend (the bug #6771 of ldapsam obliges me to workaround with smbpasswd). My shares are physicaly on XFS Filesystem with acl activated. Actually my SAMBA works fine with Windows but it's totally unusable under Linux... To be continued... Regards, Bruno. PS : If something is interrested by this problem (i hope for), i can send my smb.conf and any log files (log level 10 activated) ! -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd Crash
Volker Lendecke a écrit : On Fri, Oct 02, 2009 at 04:33:39PM +0200, Bruno MACADRE wrote: Ok I will turn log to level 10 for the next restart of the server, when this crash happening i will send you all the lines requested :) Another clue, the crash appear only for user who connect under linux (so for user who mount their homes and shares in CIFS). Users using WinXP Pro Workstations have no problem (while server don't crash of course ^^). Oh, that is indeed a very good hint. What cifs version are you running, and what apps? Volker I've no more information about the crash evoked in my previous message, but last mail of Ralph Kutschera (Unknown panic action) points my reflexions about Why my server seems to be hang when a panic action ?? The answer is pretty simple, i've no panic action in my smb.conf, and in the man i can read Default: panic action =. But if i type the following command : # testparm -v | grep panic I've got : panic action = /bin/sleep 9 I don't know why in samba 3.4.2 the new default for panic action is /bin/sleep 9 but if i do a simple calcul, this means that my server sleep during 31 years when a crash appears 31 years... it's long, so i'm going to activate a REAL panic action in my smb.conf !! This can't resolv neither my ldapsam problem (bug #6771) nor my smbd crash when mounting some CIFS under linux (and even nor my problem of broken compilation over CIFS share), but i think my would be more efficient without sleeping 31 years !! Regards, Bruno. -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't compiling over CIFS Shares
Volker Lendecke a écrit : On Mon, Oct 05, 2009 at 04:30:41PM +0200, Bruno MACADRE wrote: Hi, My problems with Samba continue... I'm very disappointed, i've never had as problems with Samba before (on my old server with Gentoo/Samba 3.0.23...). So the new problem is : When a student want to compile a C program into his home (mounted in CIFS), the produced executable can't be executed ./tst: cannot execute binary file. Tried on ubuntu-9.04 with mount.cifs 3.2.3 and mount.cifs 3.4.2. Isn't this more a problem with linux cifs rather than Samba on the server? The mount.cifs version has only minor relevance on the behaviour of the in-kernel module. Volker Maybe, Actually my kernel is 2.6.28-15-generic (basic ubuntu-desktop kernel). I'll try another kernel and tell you what's happened Bruno. -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd Crash
Volker Lendecke a écrit : On Mon, Oct 05, 2009 at 04:42:00PM +0200, Bruno MACADRE wrote: I've got : panic action = /bin/sleep 9 I don't know why in samba 3.4.2 the new default for panic action is /bin/sleep 9 but if i do a simple calcul, this means that my server sleep during 31 years when a crash appears 31 years... it's long, so i'm going to activate a REAL panic action in my smb.conf !! We choose this default only if you compile with --enable-developer=yes. It is intended for developers which want to attach to the crashed process with gdb. This can't resolv neither my ldapsam problem (bug #6771) nor my smbd crash when mounting some CIFS under linux (and even nor my problem of broken compilation over CIFS share), but i think my would be more efficient without sleeping 31 years !! For the cifs mounting crash Jeremy Allison probably has a fix. This just sounds too similar to bug #6776. For #6771: You might want to look at ldapsam:editposix=yes. Volker Yes, i've compiled samba with --enable-debug and --enable-developper to use gdb and valgrind and forgot it (ouch... i think i need to sleep a little ^^) Thanks for your answers i will try this ASAP ! Regards, Bruno. -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't compiling over CIFS Shares
Jonathon Doran a écrit : Quoting Bruno MACADRE bruno.maca...@univ-rouen.fr: Volker Lendecke a écrit : On Mon, Oct 05, 2009 at 04:30:41PM +0200, Bruno MACADRE wrote: Hi, My problems with Samba continue... I'm very disappointed, i've never had as problems with Samba before (on my old server with Gentoo/Samba 3.0.23...). So the new problem is : When a student want to compile a C program into his home (mounted in CIFS), the produced executable can't be executed ./tst: cannot execute binary file. Tried on ubuntu-9.04 with mount.cifs 3.2.3 and mount.cifs 3.4.2. Isn't this more a problem with linux cifs rather than Samba on the server? The mount.cifs version has only minor relevance on the behaviour of the in-kernel module. Volker Maybe, Actually my kernel is 2.6.28-15-generic (basic ubuntu-desktop kernel). I'll try another kernel and tell you what's happened Another kernel seems overkill, and slow. This sounds like a problem with mounting options to me. What was the command-line or the fstab entry for this filesystem? Perhaps we can see something wrong there. Like described in my previous message, my mounting options are very simple : In my pam_mount.conf.xml the mount is like that : volume user=* fstype=cifs server=SERVER_IP path=%(USER) mountpoint=~ options=exec,nodev,nosuid,domain=MY-DOMAIN,charset=utf8,acl / But even if i do a simple mount like this : mount -t cifs -ousername=user //SERVER_IP/user REP and when i compile into REP files produced are corrupted... -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd Crash
Volker Lendecke a écrit : On Mon, Oct 05, 2009 at 04:58:22PM +0200, Volker Lendecke wrote: For #6771: You might want to look at ldapsam:editposix=yes. I meant ldapsam:trusted=yes Volker Even with ldapsam:trusted=yes, all the ldap user branch is scanned at the logon of any user... must I use idmap even if i don't use Winbind ? ('cause my LDAP doesn't have idmap branch for instance) -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd Crash
Jeremy Allison a écrit : On Fri, Oct 02, 2009 at 10:43:07AM +0200, Bruno MACADRE wrote: Hi, I don't stop to have problems with samba :s ... Now after having workaround the bug of scanning all LDAP users for each connexion... smbd crash very often. In some workstation log files i can see something like this : ... [2009/10/01 16:28:12, 2] smbd/open.c:580(open_file) baala opened file .profiles/firefox/cookies.sqlite-journal read=No write=No (numopen=20) [2009/10/01 16:28:12, 2] smbd/close.c:612(close_normal_file) baala closed file .profiles/firefox/cookies.sqlite-journal (numopen=19) NT_STATUS_OK *** glibc detected *** /usr/sbin/smbd: realloc(): invalid next size: 0x0955c5c8 *** === Backtrace: = /lib/tls/i686/cmov/libc.so.6[0xb7cca604] /lib/tls/i686/cmov/libc.so.6[0xb7cce1b1] /lib/tls/i686/cmov/libc.so.6(realloc+0x106)[0xb7cceee6] /usr/sbin/smbd(Realloc+0x7d)[0x834326d] /usr/sbin/smbd(brl_lock+0x4a3)[0x82d1f23] /usr/sbin/smbd(do_lock+0x147)[0x82cc517] /usr/sbin/smbd[0x8120467] /usr/sbin/smbd[0x8121e7a] /usr/sbin/smbd(reply_trans2+0x6ef)[0x8123b5f] /usr/sbin/smbd[0x8145848] /usr/sbin/smbd[0x81481ad] /usr/sbin/smbd[0x8148bd2] /usr/sbin/smbd(run_events+0x13c)[0x8353cac] /usr/sbin/smbd(smbd_process+0x791)[0x8147cd1] /usr/sbin/smbd[0x8623a25] /usr/sbin/smbd(run_events+0x13c)[0x8353cac] /usr/sbin/smbd[0x8353f4e] /usr/sbin/smbd(_tevent_loop_once+0x9b)[0x835458b] /usr/sbin/smbd(main+0xc12)[0x8624732] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7c71775] /usr/sbin/smbd[0x80c3e91] === Memory map: This is almost certainly bug 6776 which I just committed a fix for. I'm planning a back-port, what specific Samba version do you need the fix for ? Jeremy. Thanks for this fix, i've patched my Samba 3.4.2 with your fix and the locktest2 works fine... Actualy i can't say if this fix solve my problem, i've disabled mounting CIFS on my linux boxes because my student can't compile on CIFS share (cf my message related to this problem), so for instance i've tranformed my CIFS shares in NFS shares it's less secure but it works... But the bug 6776 describe a behavior really near of my problem. I will tell you if i can re-enabled CIFS on my linux boxes a day ! Thanks for your fix ! Bruno -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbd Crash
Hi, I don't stop to have problems with samba :s ... Now after having workaround the bug of scanning all LDAP users for each connexion... smbd crash very often. In some workstation log files i can see something like this : ... [2009/10/01 16:28:12, 2] smbd/open.c:580(open_file) baala opened file .profiles/firefox/cookies.sqlite-journal read=No write=No (numopen=20) [2009/10/01 16:28:12, 2] smbd/close.c:612(close_normal_file) baala closed file .profiles/firefox/cookies.sqlite-journal (numopen=19) NT_STATUS_OK *** glibc detected *** /usr/sbin/smbd: realloc(): invalid next size: 0x0955c5c8 *** === Backtrace: = /lib/tls/i686/cmov/libc.so.6[0xb7cca604] /lib/tls/i686/cmov/libc.so.6[0xb7cce1b1] /lib/tls/i686/cmov/libc.so.6(realloc+0x106)[0xb7cceee6] /usr/sbin/smbd(Realloc+0x7d)[0x834326d] /usr/sbin/smbd(brl_lock+0x4a3)[0x82d1f23] /usr/sbin/smbd(do_lock+0x147)[0x82cc517] /usr/sbin/smbd[0x8120467] /usr/sbin/smbd[0x8121e7a] /usr/sbin/smbd(reply_trans2+0x6ef)[0x8123b5f] /usr/sbin/smbd[0x8145848] /usr/sbin/smbd[0x81481ad] /usr/sbin/smbd[0x8148bd2] /usr/sbin/smbd(run_events+0x13c)[0x8353cac] /usr/sbin/smbd(smbd_process+0x791)[0x8147cd1] /usr/sbin/smbd[0x8623a25] /usr/sbin/smbd(run_events+0x13c)[0x8353cac] /usr/sbin/smbd[0x8353f4e] /usr/sbin/smbd(_tevent_loop_once+0x9b)[0x835458b] /usr/sbin/smbd(main+0xc12)[0x8624732] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7c71775] /usr/sbin/smbd[0x80c3e91] === Memory map: ... The problem is when this event appear, the smbd of the user crash and put the smbd service in a unusable state... All users already connected can continue to work but no more connexion are allowed, and i see lot of smbd defunct process apprearing. At this time the samba 3.4.1 (and 3.4.2) are unusable at all beacause this behavior appears many dozens time per day... I've tested all the hardware of the server and no problem. The server was equiped with 2 QuadCore E5430 @ 2.66 and 4Gb of memory. I've got 64 Workstations into the domain (all workstation have dual-boot WinXP Pro / Ubuntu 9.04), and about 600 users. Any idea ? Regards, Bruno -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd Crash
Bruno MACADRE a écrit : Hi, I don't stop to have problems with samba :s ... Now after having workaround the bug of scanning all LDAP users for each connexion... smbd crash very often. In some workstation log files i can see something like this : ... [2009/10/01 16:28:12, 2] smbd/open.c:580(open_file) baala opened file .profiles/firefox/cookies.sqlite-journal read=No write=No (numopen=20) [2009/10/01 16:28:12, 2] smbd/close.c:612(close_normal_file) baala closed file .profiles/firefox/cookies.sqlite-journal (numopen=19) NT_STATUS_OK *** glibc detected *** /usr/sbin/smbd: realloc(): invalid next size: 0x0955c5c8 *** === Backtrace: = /lib/tls/i686/cmov/libc.so.6[0xb7cca604] /lib/tls/i686/cmov/libc.so.6[0xb7cce1b1] /lib/tls/i686/cmov/libc.so.6(realloc+0x106)[0xb7cceee6] /usr/sbin/smbd(Realloc+0x7d)[0x834326d] /usr/sbin/smbd(brl_lock+0x4a3)[0x82d1f23] /usr/sbin/smbd(do_lock+0x147)[0x82cc517] /usr/sbin/smbd[0x8120467] /usr/sbin/smbd[0x8121e7a] /usr/sbin/smbd(reply_trans2+0x6ef)[0x8123b5f] /usr/sbin/smbd[0x8145848] /usr/sbin/smbd[0x81481ad] /usr/sbin/smbd[0x8148bd2] /usr/sbin/smbd(run_events+0x13c)[0x8353cac] /usr/sbin/smbd(smbd_process+0x791)[0x8147cd1] /usr/sbin/smbd[0x8623a25] /usr/sbin/smbd(run_events+0x13c)[0x8353cac] /usr/sbin/smbd[0x8353f4e] /usr/sbin/smbd(_tevent_loop_once+0x9b)[0x835458b] /usr/sbin/smbd(main+0xc12)[0x8624732] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7c71775] /usr/sbin/smbd[0x80c3e91] === Memory map: ... The problem is when this event appear, the smbd of the user crash and put the smbd service in a unusable state... All users already connected can continue to work but no more connexion are allowed, and i see lot of smbd defunct process apprearing. At this time the samba 3.4.1 (and 3.4.2) are unusable at all beacause this behavior appears many dozens time per day... I've tested all the hardware of the server and no problem. The server was equiped with 2 QuadCore E5430 @ 2.66 and 4Gb of memory. I've got 64 Workstations into the domain (all workstation have dual-boot WinXP Pro / Ubuntu 9.04), and about 600 users. Any idea ? Regards, Bruno So, I've recompiled my samba 3.4.2 and ran through valgrind to show what happening : - First thing, through valgrind i don't see any crash with memory dump (see my previous message) during last 2 hours - When i analyse de valgrind logfile produced i see a lot of error messages like these : ==12818== Invalid read of size 1 ==12818==at 0x53C93F0: _nss_files_setnetgrent (in /lib/tls/i686/cmov/libnss_files-2.9.so) ==12818== ... ==12818== ... ==12818==by 0x41975B: run_events (events.c:126) ==12818== Address 0x4f0f887 is 1 bytes before a block of size 120 alloc'd ==12818==at 0x4826FDE: malloc (vg_replace_malloc.c:207) ==12818==by 0x4B92737: getdelim (in /lib/tls/i686/cmov/libc-2.9.so) ==12818== ... ==12818== ... ==12818==by 0x20FE37: switch_message (process.c:1377) ==12818==by 0x2127EC: process_smb (process.c:1408) I don't know if this kind of allocation errors is normal (if any samba developper team read this ^^), but i think it's a clue for the crash of smbd (with the realloc errors like in my previous message). see you later for further informations... i return checking memory leaks of samba ^^ Regards, Bruno -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] smbd Crash
Volker Lendecke a écrit : On Fri, Oct 02, 2009 at 02:54:24PM +0200, Bruno MACADRE wrote: You might try to replace your valid users = @somegroup with valid users = +somegroup. These fixes seem normal, although it would help a lot if you did not cut 90% of the stack trace. Volker Hi Volker, Thanks for this tips, i will try it ASAP... Following the entire stack trace for one process : ==12818== Invalid read of size 1 ==12818==at 0x53C93F0: _nss_files_setnetgrent (in /lib/tls/i686/cmov/libnss_files-2.9.so) ==12818==by 0x4C37B7D: innetgr (in /lib/tls/i686/cmov/libc-2.9.so) ==12818==by 0x1A8151: user_in_netgroup (password.c:409) ==12818==by 0x1AAA11: token_contains_name_in_list (share_access.c:131) ==12818==by 0x1EEBC9: change_to_user (uid.c:134) ==12818==by 0x214F6D: make_connection_snum (service.c:930) ==12818==by 0x216990: make_connection (service.c:1204) ==12818==by 0x1CCF67: reply_tcon_and_X (reply.c:677) ==12818==by 0x20FE37: switch_message (process.c:1377) ==12818==by 0x2127EC: process_smb (process.c:1408) ==12818==by 0x213241: smbd_server_connection_handler (process.c:1887) ==12818==by 0x41975B: run_events (events.c:126) ==12818== Address 0x4f0f887 is 1 bytes before a block of size 120 alloc'd ==12818==at 0x4826FDE: malloc (vg_replace_malloc.c:207) ==12818==by 0x4B92737: getdelim (in /lib/tls/i686/cmov/libc-2.9.so) ==12818==by 0x53C93D3: _nss_files_setnetgrent (in /lib/tls/i686/cmov/libnss_files-2.9.so) ==12818==by 0x4C37B7D: innetgr (in /lib/tls/i686/cmov/libc-2.9.so) ==12818==by 0x1A8151: user_in_netgroup (password.c:409) ==12818==by 0x1AAA11: token_contains_name_in_list (share_access.c:131) ==12818==by 0x1EEBC9: change_to_user (uid.c:134) ==12818==by 0x214F6D: make_connection_snum (service.c:930) ==12818==by 0x216990: make_connection (service.c:1204) ==12818==by 0x1CCF67: reply_tcon_and_X (reply.c:677) ==12818==by 0x20FE37: switch_message (process.c:1377) ==12818==by 0x2127EC: process_smb (process.c:1408) ==12818== ==12818== Invalid read of size 1 ==12818==at 0x53C93F0: _nss_files_setnetgrent (in /lib/tls/i686/cmov/libnss_files-2.9.so) ==12818==by 0x4C37B7D: innetgr (in /lib/tls/i686/cmov/libc-2.9.so) ==12818==by 0x1A8254: user_in_netgroup (password.c:425) ==12818==by 0x1AAA11: token_contains_name_in_list (share_access.c:131) ==12818==by 0x1EEBC9: change_to_user (uid.c:134) ==12818==by 0x214F6D: make_connection_snum (service.c:930) ==12818==by 0x216990: make_connection (service.c:1204) ==12818==by 0x1CCF67: reply_tcon_and_X (reply.c:677) ==12818==by 0x20FE37: switch_message (process.c:1377) ==12818==by 0x2127EC: process_smb (process.c:1408) ==12818==by 0x213241: smbd_server_connection_handler (process.c:1887) ==12818==by 0x41975B: run_events (events.c:126) ==12818== Address 0x4f0fb37 is 1 bytes before a block of size 120 alloc'd ==12818==at 0x4826FDE: malloc (vg_replace_malloc.c:207) ==12818==by 0x4B92737: getdelim (in /lib/tls/i686/cmov/libc-2.9.so) ==12818==by 0x53C93D3: _nss_files_setnetgrent (in /lib/tls/i686/cmov/libnss_files-2.9.so) ==12818==by 0x4C37B7D: innetgr (in /lib/tls/i686/cmov/libc-2.9.so) ==12818==by 0x1A8254: user_in_netgroup (password.c:425) ==12818==by 0x1AAA11: token_contains_name_in_list (share_access.c:131) ==12818==by 0x1EEBC9: change_to_user (uid.c:134) ==12818==by 0x214F6D: make_connection_snum (service.c:930) ==12818==by 0x216990: make_connection (service.c:1204) ==12818==by 0x1CCF67: reply_tcon_and_X (reply.c:677) ==12818==by 0x20FE37: switch_message (process.c:1377) ==12818==by 0x2127EC: process_smb (process.c:1408) ==12818== ==12818== ERROR SUMMARY: 8 errors from 2 contexts (suppressed: 81 from 3) ==12818== malloc/free: in use at exit: 444,418 bytes in 890 blocks. ==12818== malloc/free: 12,782 allocs, 11,892 frees, 1,456,092 bytes allocated. ==12818== For counts of detected errors, rerun with: -v ==12818== searching for pointers to 890 not-freed blocks. ==12818== checked 740,432 bytes. Best regards, Bruno -- Bruno MACADRE --- Ingénieur Systèmes et Réseau | Systems and Network Engineer Département Informatique | Department of computer science Responsable Réseau et Téléphonie | Telecom and Network Manager Université de Rouen | University of Rouen --- Coordonnées / Contact : Université de Rouen Faculté des Sciences et Techniques - Madrillet Avenue de l'Université - BP12 76801 St Etienne du Rouvray CEDEX Tél : +33 (0)2-32-95-51-86 Fax : +33 (0)2-32-95-51-87 --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org
Re: [Samba] Rename Computer In Samba Domain: Access Is Denied
Hi, I've had a similar behavior in compiling 3.4.2 from scratch, not for the library path (--prefix works correctly on ./configure), but for the confdir. I proceed like this : ./configure --prefix=/usr --sysconfdir=/etc/samba --libdir=/usr/lib (other options) make make install But when I launch any tools compiled (testparm, pdbedit, smbd, nmbd, ...) all are searching smb.conf into /usr/lib. After a few research, it appears that Mafefile contain CONFIGDIR=/usr/lib (and not /etc/samba like it must...) after changing CONFIGDIR in the Makefile and make, all works fine. Maybe your problem resides into the Makefile ? Have you try to to use some options into your configure (like --libdir) ? Regards, Bruno m a écrit : Ah, thanks. I tested 3.3.8 and 3.4.2. On 3.3.8 the computer rename still fails with the same log symptoms, but on 3.4.2 the rename actually succeeds. I reckon this is a bug in the 3.2 and 3.3 series. As an aside, in compiling these versions from scratch I am puzzled by if the install scripts (make install) are expected to handle setting up shared library locations. i.e., the shared libraries are installed into /usr/local/samba/lib but the script doesn't appear to do any configuration to enable these to be found when the binaries are loaded. Is this intended to be beyond the scope of the makefiles? Looking around, things like Chapter 42 of the Samba How To (How to Compile Samba) talk about doing a make install and subsequently running the daemons as if there's no other steps to be dealt with. (I did manually set up my ld.so.conf to search the samba/lib directory but don't know if this should've been necessary.) On Thu, Oct 1, 2009 at 5:22 PM, Jeremy Allison j...@samba.org wrote: On Thu, Oct 01, 2009 at 05:09:00PM -0700, m wrote: It still doesn't work and I tried the same on a different Samba installation which is version 3.3.2 and it behaved the same way. (Thus covering versions 3.2.3 and 3.3.2). I didn't mention before, this is with passdb backend = tdbsam. I've been continuing to study the issue and I think the relevant error line is [2009/10/01 16:59:35, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(246) _samr_SetUserInfo: ACCESS DENIED (granted: 0x000d04e4; required: 0x00b0) Ah. Please upgrade to the latest 3.3.8 relesae which had some work in this area (or 3.4.2). Jeremy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Too much init_sam_from_ldap...
Bruno MACADRE a écrit : Hi ! I'm working in a educational administration, i've made a domain with a Samba 3.4.1 PDC with a LDAP backend. When a user log into an XP Workstation, i see in the log file a lot of init_sam_from_ldap. In fact, instead of scanning only the user who try to connect, a lot of them are scanned. I've got about 600 account into the LDAP so the time needed by the user to connect into the workstation is a little increased. The problem is also more important when i've pratices sessions because i've between 16 and 64 users that try to log onto the domain at the same time. I see init_sam_from_ldap into all of workstation log files (on the samba server) and the load average of the LDAP server increase dramatically... On a practice session with only 16 users connecting at the same time, the elapsed time before the user can use his workstation is between 5 and 10 minutes !!! When only 1 user try to connect (from the same workstation) the time is lesser than 20 seconds... How can I stop (or limit) all of this init_sam_from_ldap..., to let all of my students working properly ?? Thanks by advance, Bruno Following : Usefull informations * Sample of workstation SAMBA logfile : [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: benoijod [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/09/29 19:13:34, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(102) : conn_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (12268, 1) - sec_ctx_stack_ndx = 0 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(12268, 1) : sec_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(102) : conn_ctx_stack_ndx = 0 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(102) : conn_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: chevamic ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: delapmic ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: demarjoh ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: ouldbahm ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: molinste ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: baerrud ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: brihifay ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: chomacam ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: colomben ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: ducroant ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: ouldmyou ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: mokadabd ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: antiomar ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: andrirad ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: aprilame ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: duperjon ... ... ... * The LDAP Server : DELL PowerEdge 2950 with 2x QuadCore and 4Gb Memory * The SAMBA PDC : DELL PowerEdge 1950 with 2x QuadCore and 4Gb Memory PS: Sorry for my poor english :-) I investigate a little more since my last mail : I've downgraded my SAMBA 3.4.1 to SAMBA 3.3.7 the problem is the same
Re: [Samba] Too much init_sam_from_ldap...
Finally i've opened a bug on samba.org (Bug #6771). At this time i've made a workaround using pdbedit during the night to translate an ldapsam backend into smbpasswd backend : # pdbedit -i ldapsam:ldap://ldapserver/; -e smbpasswd:/var/lib/samba/private/smbpasswd It's a really bad workaround but i can't stop my production anymore... With this workaround the time needed for 1 user to log into any workstation is lesser than 5 seconds (it's amazing ^^) I hope that somebody find something better than my workaround, i don't like this kind of poor work... regards, Bruno -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Too much init_sam_from_ldap...
Hi ! I'm working in a educational administration, i've made a domain with a Samba 3.4.1 PDC with a LDAP backend. When a user log into an XP Workstation, i see in the log file a lot of init_sam_from_ldap. In fact, instead of scanning only the user who try to connect, a lot of them are scanned. I've got about 600 account into the LDAP so the time needed by the user to connect into the workstation is a little increased. The problem is also more important when i've pratices sessions because i've between 16 and 64 users that try to log onto the domain at the same time. I see init_sam_from_ldap into all of workstation log files (on the samba server) and the load average of the LDAP server increase dramatically... On a practice session with only 16 users connecting at the same time, the elapsed time before the user can use his workstation is between 5 and 10 minutes !!! When only 1 user try to connect (from the same workstation) the time is lesser than 20 seconds... How can I stop (or limit) all of this init_sam_from_ldap..., to let all of my students working properly ?? Thanks by advance, Bruno Following : Usefull informations * Sample of workstation SAMBA logfile : [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: benoijod [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/09/29 19:13:34, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(102) : conn_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (12268, 1) - sec_ctx_stack_ndx = 0 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(12268, 1) : sec_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(102) : conn_ctx_stack_ndx = 0 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(102) : conn_ctx_stack_ndx = 1 [2009/09/29 19:13:34, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: chevamic ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: delapmic ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: demarjoh ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: ouldbahm ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: molinste ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: baerrud ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: brihifay ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: chomacam ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: colomben ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: ducroant ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: ouldmyou ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: mokadabd ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: antiomar ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: andrirad ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: aprilame ... [2009/09/29 19:13:34, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: duperjon ... ... ... * The LDAP Server : DELL PowerEdge 2950 with 2x QuadCore and 4Gb Memory * The SAMBA PDC : DELL PowerEdge 1950 with 2x QuadCore and 4Gb Memory PS: Sorry for my poor english :-) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba