Re: [Samba] Samba is still crashing
On Sun, Oct 13, 2013 at 11:11:29PM -0600, Wayne Andersen wrote: > I have had a problem for a couple of weeks now. I get very regular > crashes on two of my three Domain Controllers. > > I just updated to 4.1.0 and I am still getting the same problem. This looks like https://bugzilla.samba.org/show_bug.cgi?id=10052 Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] using samba 4 as plugin replacement for samba 3
On Mon, Oct 14, 2013 at 08:22:35AM +0200, Daniel Müller wrote: > THIS WILL NOT WORK: can I simply give samba 4 a copy of the old smb.conf > file? With the usual caveats that came with every 3.x to 3.y upgrade, yes. Nothing special when going from 3.6 to 4.0 that would not in principle have hit you from 3.5 to 3.6. Read the WHATSNEW and release notes about changed parameters. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] getent group by name fails
On Fri, Oct 11, 2013 at 10:16:48AM -0400, Lee Allen wrote: > Samba 3.6.17 joined to Samba 4.2.0 AD domain, using winbind > > 'wbinfo -g' and 'getent group' successfully list all groups. > 'getent group 10006' returns: > domain users:x:10006: > 'getent group "domain users"' fails with return code 2 > > partial log.winbind after above command: > > [2013/10/11 10:01:31.288199, 3] > winbindd/winbindd_misc.c:384(winbindd_interface_version) > [31911]: request interface version > [2013/10/11 10:01:31.288288, 3] > winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir) > [31911]: request location of privileged pipe > [2013/10/11 10:01:31.288421, 3] > winbindd/winbindd_getgrnam.c:56(winbindd_getgrnam_send) > getgrnam domain users > [2013/10/11 10:01:31.288520, 3] > winbindd/winbindd_msrpc.c:252(msrpc_name_to_sid) > msrpc_name_to_sid: name=DOMAIN\USERS > [2013/10/11 10:01:31.288547, 3] > winbindd/winbindd_msrpc.c:266(msrpc_name_to_sid) > name_to_sid [rpc] DOMAIN\USERS for domain DOMAIN > > if I specify the domain name, ie: 'getent group "ALLENLAN\\domain users"' > it still fails... > > [2013/10/11 10:02:18.280728, 3] > winbindd/winbindd_misc.c:384(winbindd_interface_version) > [31925]: request interface version > [2013/10/11 10:02:18.280823, 3] > winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir) > [31925]: request location of privileged pipe > [2013/10/11 10:02:18.280940, 3] > winbindd/winbindd_getgrnam.c:56(winbindd_getgrnam_send) > getgrnam ALLENLAN\domain users > [2013/10/11 10:02:18.281033, 3] > winbindd/winbindd_msrpc.c:252(msrpc_name_to_sid) > msrpc_name_to_sid: name=ALLENLAN\DOMAIN\USERS > [2013/10/11 10:02:18.281060, 3] > winbindd/winbindd_msrpc.c:266(msrpc_name_to_sid) > name_to_sid [rpc] ALLENLAN\DOMAIN\USERS for domain ALLENLAN\DOMAIN > > Note the missing space in "DOMAIN\USERS" in the logs. I don't know whether > this is relevant. > > 'getent passwd' does not have any such problems - it can query by UID or > username > > > smb.conf: > > [global] > workgroup = ALLENLAN > realm = allenlan.net > password server = 192.168.0.13 > preferred master = no > server string = zone-samba3 > security = ads > encrypt passwords = yes > log level = 3 > log file = /var/log/samba/%m > max log size = 50 > printcap name = cups > printing = cups > winbind enum users = yes > winbind enum groups = yes > winbind use default domain = yes Please try without "winbind use default domain = yes" > winbind nested groups = yes > winbind separator = \ Just a wild guess: Can you try removing this line? \ is default. If that does not help, please send us full debug level 10 logs of that command together with the output of strace -ttT -s 1000 -o /tmp/getent.out getent group "domain users" Regards, Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] URGENT - production server stops working (v3.6)
On Wed, Oct 09, 2013 at 10:07:52AM +0200, Andreas Grabner wrote: > Hello, > > i need some help. A samba3 (3.6.9-151.el6_4.1) ADS member (WIN 2008 > AD Master) Server did his work for years. Since hours some Clients > can not connect to the name (\\fileserver) > connecting to \\192... sometimes work. > > Log say: > 2013/10/09 09:54:27.735101, 3] smbd/sesssetup.c:660(reply_spnego_negotiate) > reply_spnego_negotiate: Got secblob of size 1638 > [2013/10/09 09:54:27.735423, 3] > libads/kerberos_verify.c:435(ads_secrets_verify_ticket) > libads/kerberos_verify.c:435: enc type [23] failed to decrypt with > error Decrypt integrity check failed > [2013/10/09 09:54:27.757589, 3] > libads/kerberos_verify.c:638(ads_verify_ticket) > libads/kerberos_verify.c:638: krb5_rd_req with auth failed (Bad > encryption type) > [2013/10/09 09:54:27.757792, 1] smbd/sesssetup.c:342(reply_spnego_kerberos) > Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! > > > Any hints are wellcome? Try re-joining (net ads join). Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] create_local_nt_token_from_info3 not pulling supplementary UNIX groups
On Thu, Oct 03, 2013 at 10:37:07AM -0400, Brian H. Nelson wrote: > Can anyone with knowledge about this issue offer any comment? > Somebody has to have an idea about it, good or bad. The general idea is that we 100% rely on what the Domain Controller tells us. username map is an explicit override by which you tell Samba that you do not want to listen to the domain. If you happen to run with winbind, you might want to create local groups and add members to those. (net sam createlocalgroup, addmem and so on). With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] name mangling makes 8.3 unreadable unlike Windows fileserver
On Fri, Oct 04, 2013 at 08:34:24AM +0200, Klaus Hartnegg wrote: > On 04.10.2013 01:14, Kevin Field wrote: > >"The minimum value is 1 and the maximum value is 6. > > > >"mangle prefix is effective only when mangling method is hash2." > > > >This does exactly what we want! > > Be warned that this will produce duplicate filenames. > Windows prevents duplicates, Samba does not. True. The main difference is that Windows stores the short name on disk, Samba just fakes them on the fly. In theory, we could store the short names in an xattr, but this would be really, really expensive. And as applications that really depend on short names are rare these days, I'm not sure if it would be worth the effort and speed penalty anymore. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4.0.9 Build Error
On Wed, Sep 25, 2013 at 10:00:02AM +0200, Thomas Zeitinger wrote:
> Hi there,
>
> I tried to build samba 4.0.9 on a Debian Wheezy 7.1 x86 fresh install
> and got this error:
>
> [2717/3935] Compiling source3/smbd/scavenger.c
> ../source3/smbd/scavenger.c: In function ‘scavenger_timer’:
> ../source3/smbd/scavenger.c:482:3: error: format ‘%lu’ expects argument
> of type ‘long unsigned int’, but argument 3 has type ‘uint64_t’
> [-Werror=format]
> ../source3/smbd/scavenger.c:490:3: error: format ‘%lu’ expects argument
> of type ‘long unsigned int’, but argument 3 has type ‘uint64_t’
> [-Werror=format]
> cc1: some warnings being treated as errors
> Waf: Leaving directory `/root/samba-4.0.9/bin'
> Build failed: -> task failed (err #1):
> {task: cc scavenger.c -> scavenger_92.o}
> make: *** [all] Fehler 1
>
> Never got this befor. Is there something I can do? I need a samba4 on
> this machine.
Does the attached patch help? If it does, please open a bug
at bugzilla.samba.org and attach it, so that it will get
fixed in the next Samba release.
Thanks,
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kont...@sernet.de
*
visit us on it-sa:IT security exhibitions in Nürnberg, Germany
October 8th - 10th 2013, hall 12, booth 333
free tickets available via code 270691 on: www.it-sa.de/gutschein
**
>From a075eb64952d58749660a87049bb7e3d326c5968 Mon Sep 17 00:00:00 2001
From: Volker Lendecke
Date: Wed, 25 Sep 2013 06:24:19 -0700
Subject: [PATCH] smbd: Fix a 64-bit warning
---
source3/smbd/scavenger.c |8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/source3/smbd/scavenger.c b/source3/smbd/scavenger.c
index fe4e56e..0ca18c8 100644
--- a/source3/smbd/scavenger.c
+++ b/source3/smbd/scavenger.c
@@ -480,16 +480,16 @@ static void scavenger_timer(struct tevent_context *ev,
ctx->msg.open_persistent_id);
if (!ok) {
DEBUG(2, ("Failed to cleanup share modes and byte range locks "
- "for file %s open %lu\n",
+ "for file %s open %llu\n",
file_id_string_tos(&ctx->msg.file_id),
- ctx->msg.open_persistent_id));
+ (unsigned long long)ctx->msg.open_persistent_id));
}
status = smbXsrv_open_cleanup(ctx->msg.open_persistent_id);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(2, ("Failed to cleanup open global for file %s open %lu:"
+ DEBUG(2, ("Failed to cleanup open global for file %s open %llu:"
" %s\n", file_id_string_tos(&ctx->msg.file_id),
- ctx->msg.open_persistent_id, nt_errstr(status)));
+ (unsigned long long)ctx->msg.open_persistent_id,
nt_errstr(status)));
}
}
--
1.7.9.5
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] usershare
On Thu, Sep 12, 2013 at 08:50:10AM +0200, Pascal Legrand wrote: > >Try setting > > > >usershare path = > > > >in smb.conf > > > >Volker > > > Hello, > since i made the change, it seems there is no more message. > Then "usershare path =" seems to be the solution.Could you tell me > what was the problem ? > is it a bug ? It's probably "just" a configuration problem that I would need to look deeper into. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] usershare
On Wed, Sep 11, 2013 at 08:24:20AM +0200, Pascal Legrand wrote: > > Well, you might post your smb.conf. And you might post a > > debug level 10 log of smbd leading up to this message > > somewhere. Then, we might need to see the permissions of the > > directories leading up to /var/lib/samba/usershares/. > > > > Volker > > > > > hello, > here is my smb.conf : http://pastebin.fr/28690 > As you can see there is no "usershares" defined Try setting usershare path = in smb.conf Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Conversion error: Illegal multibyte sequence
On Tue, Sep 10, 2013 at 09:48:57AM -0700, Jeremy Allison wrote: > It's an old, old check back from when SJIS and EUC were > common multi-byte systems. > > SJIS especially has the property that the second byte > can contain a value <127 as part of the 2-byte char > set. So if CH_UNIX is set to a char set with such a > property we can't walk it as bytes, but must see if > a pair of values [0] (> 0x80) [1] (any value) can be > converted into a valid multi-byte char, in which case > we ignore it (otherwise we might look at the second > byte value of ':' or something and consider it invalid). > > I thought about removing this and re-writing it, but > it made my brain hurt (and might break some very old > systems :-). So moving to next_codepoint() which checks > the next char len without causing the conversion error > messages seemed the simplest fix :-). Thanks! +1 from me. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Conversion error: Illegal multibyte sequence
Hi, Jeremy!
On Mon, Sep 09, 2013 at 03:40:06PM -0700, Jeremy Allison wrote:
> Ok, here is a fix for 3.6.x. Can you test this and see
> if it fixes the problem ? If so, I'll get this fixed
> in master and back-ported to all releases.
>
> Thanks !
>
> Jeremy.
> diff --git a/source3/smbd/mangle_hash2.c b/source3/smbd/mangle_hash2.c
> index 5aafe2f..e1aedf1 100644
> --- a/source3/smbd/mangle_hash2.c
> +++ b/source3/smbd/mangle_hash2.c
> @@ -626,7 +626,8 @@ static bool is_legal_name(const char *name)
> while (*name) {
> if (((unsigned int)name[0]) > 128 && (name[1] != 0)) {
> /* Possible start of mb character. */
> - char mbc[2];
> + size_t size = 0;
> + (void)next_codepoint(name, &size);
> /*
>* Note that if CH_UNIX is utf8 a string may be 3
>* bytes, but this is ok as mb utf8 characters don't
> @@ -634,7 +635,7 @@ static bool is_legal_name(const char *name)
>* for mb UNIX asian characters like Japanese (SJIS)
> here.
>* JRA.
>*/
> - if (convert_string(CH_UNIX, CH_UTF16LE, name, 2, mbc,
> 2, False) == 2) {
> + if (size == 2) {
> /* Was a good mb string. */
> name += 2;
> continue;
Can you explain what this check is supposed to do at all? I
don't get it ... :-)
Thanks,
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kont...@sernet.de
*
visit us on it-sa:IT security exhibitions in Nürnberg, Germany
October 8th - 10th 2013, hall 12, booth 333
free tickets available via code 270691 on: www.it-sa.de/gutschein
**
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] usershare
On Mon, Sep 09, 2013 at 04:30:46PM +0200, Pascal Legrand wrote: > Hello, > i' got some strange message in samb log file : > Sep 9 15:04:10 samba smbd[1018]: [2013/09/09 15:04:10.621264, 0] > param/loadparm.c:9114(process_usershare_file) > Sep 9 15:04:10 samba smbd[1018]: process_usershare_file: stat of > /var/lib/samba/usershares/blabla failed. Permission non accordée > > But i havent usershares defined. > Somebody could told me what could be the way to solve this problem. > Is there a way to detect where these messages come from ? > > thank you for your help Well, you might post your smb.conf. And you might post a debug level 10 log of smbd leading up to this message somewhere. Then, we might need to see the permissions of the directories leading up to /var/lib/samba/usershares/. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How do I lock a shared file?
On Thu, Sep 05, 2013 at 02:23:10PM +0200, steve wrote: > It's a pity that we'll have to work around it. Surely Samba knows if a > file is open or not doesn't it? What's all this oplock stuff? It would Samba certainly knows if a file is open. But it is by no way safe that an application really opens a file that is being edited exactly once. It is perfectly valid for an application to load a file into memory, close it and then let the user edit it. When the user presses a "save" button, the file can be opened again, saved and closed immediately. Perfectly valid, I'm sure there are many applications out there that do exactly that. This will make it impossible for Samba to protect applications against each other. Did you 100% check that each and every of your applications does open a file exactly once and never twice? I definitely know that for example the pretty popular Microsoft Excel application fails in this regard. > I realise that it's not for everybody. Would that be hard to implement? Feel free to submit a patch for this. Sorry for not doing it myself, I highly doubt that this will work across all clients, and I also highly doubt that it will help you in even the majority of your cases. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How do I lock a shared file?
On Thu, Sep 05, 2013 at 02:08:27PM +0200, steve wrote: > > This is a feature of the SMB protocol that a client can > > explicitly request. It's called share modes. There is no > > option where you can enable this for all open files. This > > would not make sense, as very often a single client opens a > > file more than once simultaneously. > > > > What is your exact use case for this feature? > > > School classes often have projects with files that many students will > need to edit. We are surprised that there is no way for a user to find > out if a file is already open. It causes chaos for us unless we do all > our work in LibreOffice. Your clients are Linux? Well, indeed there is no good support for locking files across applications. If your clients are Windows then that should work fine, Windows traditionally was better at that. Linux programs like vim do it on their own, like many editors do. But many programs don't do that well. That's why version control systems like git and all the other ones exist. Certainly overkill for 6-year-olds, but it allows more parallel work. Also, nobody forces applications to keep files open while they are edited. For example even some Windows native editor (I don't remember which) loads files into memory and closes the file until saving. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How do I lock a shared file?
On Thu, Sep 05, 2013 at 01:23:14PM +0200, steve wrote: > On Thu, 2013-09-05 at 11:51 +0200, Volker Lendecke wrote: > > On Thu, Sep 05, 2013 at 10:30:56AM +0200, steve wrote: > > > 4.0.9 as a file server > > > Hi > > > We have a rw folder where we can share files. If a user opens a file, I > > > would like it to be locked so the other users can't open and edit it at > > > the same time. > > > > > > Is this possible? > > > > Open the file with a smb client with value 0 for the > > sharing argument. This will block access for other SMB > > clients. > > > > Volker > > > Hi > Could you give me pointer as to how to do that? Is it an option in > smb.conf? Surely, we would want to do this with all files on a network > no? > > I noticed that LibreOffice does it by producing a lock file. Is there > anything in Samba that will do that with all files, not just office? This is a feature of the SMB protocol that a client can explicitly request. It's called share modes. There is no option where you can enable this for all open files. This would not make sense, as very often a single client opens a file more than once simultaneously. What is your exact use case for this feature? With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How do I lock a shared file?
On Thu, Sep 05, 2013 at 10:30:56AM +0200, steve wrote: > 4.0.9 as a file server > Hi > We have a rw folder where we can share files. If a user opens a file, I > would like it to be locked so the other users can't open and edit it at > the same time. > > Is this possible? Open the file with a smb client with value 0 for the sharing argument. This will block access for other SMB clients. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] oplocks for Access DB
On Thu, Sep 05, 2013 at 11:07:17AM +1200, sond wrote: > [DB_BE] > path = /home/DATA2/DB_BE > write list = +db-users > force group = +db-users > force create mode = 0770 > force directory mode = 0770 > oplocks = no > level2 oplocks = no > veto oplock files = /*.mdb/ With oplocks=no you don't need the other two. > Any suggestions to improve this config would be welcome. Well, the only suggestion is to use a real database engine. Sorry, but a shared file multi-user database is just a very, very bad idea both performance- and integritywise. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] oplocks for Access DB
Hi! On Tue, Sep 03, 2013 at 09:10:18AM +1200, sond wrote: > Hi Folks > > First time poster here.. > > I have a Samba 3.4.7 ( will upgrade soon ) in a workgroup enviroment, > This server has a share containing various Access DB backends.. > > Wondering about the .ldb lock files that the client front-ends > produce.. and if the oplocks and veto options are still current ? > as various combinations i have tried don't seem to work.. > > Would be keen to hear how others handle Access back ends on Samba shares.. We believe that we handle oplocks and the real locks correctly. But as those files are typically shared, oplocks are usually lost quickly. So it should be okay to not grant oplock files at all on those shared files. What fails exactly? With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de * visit us on it-sa:IT security exhibitions in Nürnberg, Germany October 8th - 10th 2013, hall 12, booth 333 free tickets available via code 270691 on: www.it-sa.de/gutschein ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NDR decoding
On Thu, Aug 01, 2013 at 08:00:06PM +0100, Markus Moeller wrote: > Apologies if this is off topic. I'd like to decode the Kerberos PAC > which is NDR decoded and I know Samba has all the code to decode a > PAC. I looked at > http://msdn.microsoft.com/en-us/library/cc237933.aspx as an example > and read the opengroup document, but I am still lost. Is there a > good book, link, course about NDR endocding/decoding ? http://pubs.opengroup.org/onlinepubs/9629399/chap14.htm#tagcjh_19 and possibly http://msdn.microsoft.com/en-us/library/cc243560.aspx No tutorial, basic specs. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4.0.7 PANIC invalid lock_order
On Wed, Jul 24, 2013 at 09:53:06AM +, bruno.meneuvr...@ioxar.fr wrote: > Dear all, > I'm struggling to get samba 4.0.7 working as a file > server. I'm using mac osx 10.8.4 with Excel for Mac 2011 > (14.3.6). > I'm able to create a new Spreadsheet and to save it with a > new name. I'm also able to read it. When I open it and > change a few cells, I cant't save it. I have to save it > with a new name. > I found these lines in log file: > 2013/07/23 15:27:12.407416, 0] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) > lock order: 1:/usr/local/samba/var/lock/locking.tdb 2: 3: > [2013/07/23 15:27:12.407600, 0] ../source3/lib/util.c:810(smb_panic_s3) > PANIC (pid 31203): invalid lock_order > > Maybe, it's the root cause… > > You will find attached conf and log files. Unfortunately the attachments were dropped. Can you re-send debug level 10 logs of smbd directly to me? Thanks, Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Slow FIND_FIRST2 response
On Tue, Jul 30, 2013 at 12:56:18PM -0400, Ryan Bair wrote: > I'm running Samba 4.0.7 on CentOS 6.4 running double duty as DC and file > server. > > OS X clients are taking a _long_ time to list long directories. One > directory with 10K entries is taking 3-4 minutes to display the entries in > Finder. > > I captured a few seconds worth of packets and noticed that it's doing three > requests per file: > 1. NTCreateAndX - just opens the file > 2. Close > 3. FIND_FIRST2 - to look for the resource fork > > The first two happen extremely fast, the 3rd one is the kicker. Samba is > taking about 0.025 seconds to return a response to the client (usually no > such file status). Multiple that by 10K requests and you have a few minutes > on your hands. Can you do an strace -ttT -o smbd.strace -p of the smbd serving the client while it's doing that? You can find out the smbd pid with the smbstatus command. Please upload the smbd.strace somewhere for inspection. Thanks, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SMB throughput inquiry, Jeremy, and James' bow tie
On Tue, Jul 30, 2013 at 02:26:42AM -0500, Stan Hoeppner wrote: > I went to the site to subscribe again and ended up watching some of > Jeremy's Google interviews. I particularly enjoyed the interview with > James and the bow tie lesson at the end. :) > > So anyway, I recently upgraded my home network to end-to-end GbE. My > clients are Windows XP SP3 w/hot fixes, and my Samba server is 3.5.6 > atop vanilla kernel.org Linux 3.2.6 and Debian 6.0.6. > > With FDX fast ethernet steady SMB throughput was ~8.5MB/s. FTP and HTTP > throughput were ~11.5MB/s. With GbE steady SMB throughput is ~23MB/s, > nearly a 3x improvement, making large file copies such as ISOs much > speedier. However ProFTPd and Lighttpd throughput are both a steady > ~48MB/s, just over double the SMB throughput. > > I've tweaked the various Windows TCP stack registry settings, > WindowScaling ON, Timestamps OFF, 256KB TcpWindowSize, etc. Between two > Windows machines SMB throughput is ~45MB/s. You can see from the > remarks below the various smb.conf options I've tried. No tweaking thus > far of either Windows or Samba has yielded any improvement, at all. It > seems that regardless of tweaking I'm stuck at ~23MB/s. > > [global] > # max xmit=65536 > # socket options=TCP_NODELAY IPTOS_LOWDELAY > # read raw=yes > # large readwrite=yes > # aio read size=8192 > nt acl support=no > fstype=Samba > client signing=disabled > smb encrypt=disabled > # smb ports=139 > smb ports=445 > > The Linux server has an Intel PRO/1000GT NIC, the clients motherboard > embedded RealTek 8111/8169, the latter being the reason I'm limited to > ~50MB/s over the wire. > > I run nmbd via the standard init script at startup but I run smbd via > inetd. This doesn't appear to affect throughput. I effect config > changes with kill -HUP of inetd and killing smbd. > > I have Wireshark installed on one of the Windows XP machines, though I'm > a complete novice with it. I assume a packet trace may be necessary to > figure out where the SMB request/reply latency is hiding. > > ~23MB/s is a marked improvement and I'm not intending to complain here. > It just seems rather low given FTP/HTTP throughput. I'm wondering how > much of that ~48MB/s I'm leaving on the table, that could be coaxed out > of Windows or smbd, the kernel, etc with some tweaking. The main question is -- does your client issue multiple requests in parallel? If not, you are effectively limited to a TCP Window size of roughly 60k, because the higher level only issues requests of that size sequentially. If you have a properly multi-threaded or async copy program on the client, I think even XP would be able to do multi-issue. With newer clients like Windows 7 the situation is even better: The SMB2 client is a lot better performance-wise than XP ever was. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Errors in parse_share_modes Testing CTDB 2.3 and Samba 4.0.7
On Mon, Jul 22, 2013 at 03:43:21PM -0500, John P Janosik wrote: > I'm working on building a CTDB/Samba cluster on AIX 7.1 with the latest > levels to replace an older one running CTDB 1.0.113 and Samba 3.6.1. I > have the new servers up and running and they seem to work, but I'm worried > about some messages in the logs. I run with log level 1 on the servers so > that the connection details are logged. On the old cluster there were > only connection/closed connection, and client time-out messages in the > logs. On the new cluster I see the following messages very often: > > > [2013/07/22 15:09:02.594483, 1, pid=9437314] > ../librpc/ndr/ndr.c:412(ndr_pull_error) > ndr_pull_error(11): Pull bytes 4 (../librpc/ndr/ndr_basic.c:148) > [2013/07/22 15:09:02.594636, 1, pid=9437314] > locking/share_mode_lock.c:136(parse_share_modes) > ndr_pull_share_mode_lock failed Very likely that's bug 10008. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
On Mon, Jul 22, 2013 at 11:12:00AM +0200, Helmut Hullen wrote: > Hallo, Volker, > > Du meintest am 22.07.13: > > >> So is there ANY way to provide access to a share, with only a > >> password, not caring about a username? Or must I pick a name (e.g., > >> "root") and tell all clients to log in under that username? If I do > >> the latter, and root isn't listed in smbpasswd, will it just do > >> ordinary Unix authentication, demanding a password that matches the > >> local root password? Is the purpose of an SMB password to allow a > >> client to be assigned a different password, without having to reveal > >> the local Unix one? Or MUST I list "root" in smbpasswd with the same > >> password as the local Unix one? > > > There is also the "username map" parameter, using which you > > can for example say > > > username map = /etc/samba/usermap > > > and then open a file named /etc/samba/username with a single > > line containing > > /etc/samba/usermap > (looks like a c&p error ...) Thanks :-) Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
On Mon, Jul 22, 2013 at 01:24:52AM -0700, Paul D. DeRocco wrote: > > From: Volker Lendecke [mailto:volker.lende...@sernet.de] > > > > There is also the "username map" parameter, using which you > > can for example say > > > > username map = /etc/samba/usermap > > > > and then open a file named /etc/samba/username with a single > > line containing > > > > root = * > > That looks like just the ticket. But I still need to know which of the > following three things is true: > > 1) I can rely on Unix authentication and not even bother with SMB passwords, > if I don't mind telling the clients the local root password. > > 2) I can use smbpasswd to assign a different client password, so I can keep > the local root password secret from the clients. > > 3) I must use smbpasswd and assign the same password as the local root > password. 2) is correct. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
On Mon, Jul 22, 2013 at 01:07:34AM -0700, Paul D. DeRocco wrote: > > From: Volker Lendecke [mailto:volker.lende...@sernet.de] > > > > "force user" happens after any user authentication. Samba > > uses the client provided username to find the entry in the > > smbpasswd file. After that succeeded, when connecting to the > > share, it will switch back to root for accessing files. But > > the local user must exist for Samba to let the user in at > > all. > > So is there ANY way to provide access to a share, with only a password, not > caring about a username? Or must I pick a name (e.g., "root") and tell all > clients to log in under that username? If I do the latter, and root isn't > listed in smbpasswd, will it just do ordinary Unix authentication, demanding > a password that matches the local root password? Is the purpose of an SMB > password to allow a client to be assigned a different password, without > having to reveal the local Unix one? Or MUST I list "root" in smbpasswd with > the same password as the local Unix one? There is also the "username map" parameter, using which you can for example say username map = /etc/samba/usermap and then open a file named /etc/samba/username with a single line containing root = * With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
On Sun, Jul 21, 2013 at 11:41:17AM -0700, Paul D. DeRocco wrote: > (This is an embedded box, so, short of taking a screwdriver and opening the > unit, there is no other access besides this share.) > > Thanks for taking the time to try to explain this. The fog is starting to > lift a little. > > I assume "force user = root" means "ignore the username provided by the > client, and pretend all clients are username root instead". So what password > does the client need to provide? The root Unix password, or some password > entered into the SMB password database by the smbpasswd command? Does Samba > use an SMB password if it finds an appropriate username in its own database, > and fall back to using the Unix password if it doesn't find the username in > its own database? If so, is the purpose of the SMB password to provide an > alternate namespace, so that one can use a different password (and perhaps > username) than has no analog among local user accounts? "force user" happens after any user authentication. Samba uses the client provided username to find the entry in the smbpasswd file. After that succeeded, when connecting to the share, it will switch back to root for accessing files. But the local user must exist for Samba to let the user in at all. > For instance, if my root account has the password "blahblah", can I invent > an arbitrary username like "foobar" that doesn't correspond to any local > Unix user account, put that into the SMB password database with the password > "yadayada", and then put "force user = foobar" in smb.conf? Will all > external clients then be able to log in with any username and "yadayada", so > I don't need to reveal "blahblah" to anyone? Or will Samba be unable (or > unwilling) to access the files owned by root without somehow being given the > "blahblah" password? No, Samba will require a local user foobar. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
On Sun, Jul 21, 2013 at 01:34:23AM -0700, Paul D. DeRocco wrote: > You completely misunderstood my question. I'm asking something much simpler > and more basic than all that. What's an SMB password for, and how does it > relate to a Unix password? With the Samba password stored on the server a client can convince the Samba server about it's identity. That's called authentication. The Samba password has no relationship at all to the unix password, it is a completely separate thing. > Here's the situation. I have a directory on a machine, and the files in it > are created by a service which runs as root, so the files are owned by root > and only locally accessible to root. I need to make this directory You could set up a normal Samba server, and for this particular share use "force user = root". Be aware this option is pretty dangerous, but it is made for that situation. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can someone explain SMB passwords?
On Sat, Jul 20, 2013 at 10:41:31PM -0700, Paul D. DeRocco wrote: > I've read what I can find about SMB passwords, but I don't get what they > are. Are they Unix passwords or an alternative to them? If I have a file > share, and the underlying file system requires some sort of credentials to > access it, what is the relationship between that and an SMB password? > > If a client tries to access the share, using a user account that is listed > in the smbpasswd file, does the client have to provide a password that > matches the SMB password in order for the server to allow the access, and > having done that, does it then not need to know the Unix password? Or is the > SMB password the Unix password that the server will use to access the share, > so that the client doesn't have to supply a password at all? > > I don't even understand if the SMB server runs as root, and can therefore > access anything, or if it can't access local files unless it is given a > password somehow. The smbpasswd(5) and smbpasswd(8) man pages, and > everything else I've read, seem to assume that whoever is reading them > already knows the answers to these questions. The Samba server never sees the plaintext password. The Samba password is a one-way hashed version of the plaintext password, that is all Samba needs to do its challenge-response authentication. If Samba is a domain member, it does not even have the hash, it has nothing but trusts the domain controller to have it and check it properly. What file system is this? If it happens to be AFS, then there's the fake_kaserver functionality. The basic trick is that this makes the file server the KDC. A blatant violation of any security policy, but that's the only way. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba limitation to concurrent open files
On Fri, Jul 12, 2013 at 04:25:05PM +0530, Santosh Patnaik wrote: > Can Samba handle in the range of 1million to 3 millions concurrently open > files? If so, then from which Samba version onwards? Is this per connection? How many clients connect to that system? If you are using SMB1, the protocol has a 16-bit field for file IDs, this effectively limits the maximum number of files to 65536. In the real world it will be a bit less. With SMB2, there's no such limitation, but I don't know where people have pushed this so far. > Does it have any benchmarking results on maximum number of open files that > Samba can have concurrently? Not really. Do you have a bit more information about your workload, so that we can test this and lift limits? Thanks, Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba limitation to concurrent open files
On Fri, Jul 12, 2013 at 01:05:24PM +0200, Luuk wrote: > On 12-07-2013 12:55, Santosh Patnaik wrote: > >Can Samba handle in the range of 1million to 3 millions concurrently open > >files? If so, then from which Samba version onwards? > >Does it have any benchmarking results on maximum number of open files that > >Samba can have concurrently? > > > >Any reply to this question is highly appreciated. > > > >Thanks in Advance > >Santosh > > > > http://www.samba.org/samba/docs/using_samba/ch11.html > says: > max open files > numeric > Limits number of open files to be below Unix limits. > 1 > Global > > > If the default value is 1 and you want it to be 100-300 times bigger? > > I see nothing mentioned in de docs about bigger values, just that is > need to be below 'unix limits' ;) Well, your ulimit should be high enough ;-) Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UTF-8 output for wmic
On Sun, Jul 07, 2013 at 10:35:09AM +0200, Bjoern Meier wrote: > hi, > > 2013/7/7 Ning Jiang : > > Hi, > > > > I have a question on wmic, the linux wmi client, which uses samba. Is this > > mailing list the right place to ask? or there is a better forum or mailing > > list to ask? > > > > Basically, I want to ask if wmic supports UTF-8 for its output or not. If > > yes, how to turn it on? By default, it doesn't return UTF-8 for extended > > ascii characters. I tried to put "unix charset = UTF8" in a config file and > > use -s option to give it to wmic, but that didn't work either. > > > there is no WMIC with UTF-8 support. I also believe WMIC doesn't use > samba. Is there even a GPL-Version? There used to be one a while ago in Samba, but it was not developed fully. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Digitially Signed Communications
On Tue, Jun 25, 2013 at 10:05:20AM +, Shaun Glass - Business Connexion wrote: > samba-3.0.33-3.39.el5_8 > samba-common-3.0.33-3.39.el5_8 Please make that a RedHat support case. 3.0.33 is out of official Samba support since 2009. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [PATCH] Workaround very slow nss_winbind, fix crash on the AD DC (particularly for backups)
On Tue, Jun 18, 2013 at 12:49:37PM +1000, Andrew Bartlett wrote: > This patch attempts to address an issue some have reported where our > nss_winbind is even slower than it's simple non-caching implementation > needs to be. > > I think this comes from us not handling the BUILTIN domain properly, and > so we constantly attempt to contact the DC, and then fail an internal > validation step, throwing away that connection. > > I think this is also the cause of crashes folks have seen. > > Can I get some confirmation that this helps, so I can merge this into > master (and then 4.0.x)? If you add the Signed-off-by-line, consider this reviewed-by me. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Backup samba4 using LVM snapshot
On Mon, Jun 17, 2013 at 08:59:28PM +1000, Andrew Bartlett wrote: > On Fri, 2013-06-14 at 23:34 +0400, Alexey Balekhov wrote: > > Hi all! Is it possible to lock databases in private dir to make consistent > > LVM snapshot? I know about tdbbackup, but LVM snapshot is preferred way for > > me, cause it's already used for MySQL backup. > > Just as with MySQL, you need to ensure the backup is consistent. So, > just as you must shut down or freeze mysql, you must do the same with > Samba. tdbbackup is how you get a frozen database out of a running > Samba, so run that script, then run your lvm backup. Alternatively, if someone does not want to do tdbbackup, it should be possible to take the allrecord lock in tdb using tdbtool. I don't know how to integrate this into taking the lvm snapshot, but this should also guarantee a consistent database. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Microsoft Hyper-V over SMB 3.0
On Fri, Jun 07, 2013 at 12:24:29PM +0800, Chunbo Song wrote: > We have a project about Microsoft Hyper-V by using our storage. We want to > use Samba to share our storage to Hyper-V. > > > > And we know from Microsoft homepage hyper-v(windows 2012) only support > smb3.0 protocol, but right now the newest version of Samba don’t’ fully > support SMB3.0 protocol. I tried the version of Samba4.0.6, Samba3.6.9, > but both failed to create virtual hosts using Hyper-V. > > > > So,is it possibly to use Samba to share our storage to Hyper-V? Any > suggestion for us? We don't support that yet. It is being worked on, but it will take a bit. Sorry, Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need help with file corruption issue
On Mon, Jun 03, 2013 at 06:41:33PM -0400, David Coppit wrote:
> > So you are creating files on the server side, access it from
> > the client side, remove it on the server side again and
> > create a new file server side under the same name?
>
> No, This is much more serious. Please see the strace.txt log. Let me
> step you through the last bit:
>
> 1) Here, I create a file SdLajo6RXt on the share. I read it from the
> raw disk location and also read it from the mounted location, and it
> matches.
>
> Same!
> /grid/samba_stress_test/SdLajo6RXt :
> 0.5406506065286610.5406506065286610.5406506065286610.5406506065286610.540650606528661
> /root/grid/samba_stress_test/SdLajo6RXt:
> 0.5406506065286610.5406506065286610.5406506065286610.5406506065286610.540650606528661
>
> 2) Next I delete it
>
> unlink("/grid/samba_stress_test/SdLajo6RXt") = 0
>
> 3) Next I create a new file **with a different name**, write to it
> directly on disk, and read it from the samba mount:
>
> Different!
> /grid/samba_stress_test/85fsYXTNhJ :
> 0.9504576548397450.9504576548397450.9504576548397450.9504576548397450.950457654839745
> /root/grid/samba_stress_test/85fsYXTNhJ:
> 0.5406506065286610.5406506065286610.5406506065286610.5406506065286610.540650606528661
>
> **Note that the NEW file has incorrect content. It matches the OLD,
> DELETED file.** I double-checked the trace, and the filenames in the
> trace are all unique.
Could it be that the inode numbers are the same for the
deleted and the newly created file? Possibly the caching on
the Linux client depends on them.
> I mounted the share using "forcedirectio" and couldn't get it to repro.
>
> I would think that the file name is a part of the key used for
> caching! Is there some way to get visibility into the caching, so see
> why it's apparently returning invalid data for a brand new file that
> it should have *no* data for?
If it's the same inode number and caching depends on that,
this could be possible I guess. One factor could also be
that under Unix due to hard links the filename:file
relationship is not 1:1, so it is entirely possible for
files with different names to have the same content.
You can check inode numbers with ls -li.
> > Does the same also happen if you do the file
> > creation/deletion via Samba as well?
>
> It does not.
>
> For fun, I self-mapped the share twice and wrote to one mapped share
> while reading from the other, to simulate 1 client writing and another
> reading. I was able to repro the issue.
Same problem possibly. If your file system gives you the
same inode number, this might fool the linux client.
> I also went ahead and implemented a test where I used winexe to fetch
> the file from a Windows machine that had the samba share mounted. I
> was *not* able to repro it. So it's possible that there's something
> wrong in the Linux cifs module, or it's a race condition and the
> latencies of doing the remote command to "type
> C:\path\to\mount\samba_stress_test\random_file" mean I can't repro it.
> (It's possible that the corrupt files we saw on Windows before were
> due to something else.)
Good.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kont...@sernet.de
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need help with file corruption issue
On Fri, May 31, 2013 at 12:51:40PM -0400, David Coppit wrote: > Hey Volker, thanks for the reply. > > > Can you explain for really stupid people what this does and where the > > problem is? > > Here's what the perl code is doing: > > 1) In a loop... > 1.1) Write a file to the local disk, using a random filename and 5 > random floats followed by a newline as the content. > 1.2) chown the file so that the samba mount user can read it > 1.3) Read that file from a cifs mount of that very same local disk > location, hosted by samba > 1.4) Compare the written content versus the read content, exiting if > they are different. > 1.5) Delete the temp file So you are creating files on the server side, access it from the client side, remove it on the server side again and create a new file server side under the same name? I would really think this is a caching issue, the client does not notice the file changed. The wireshark trace you sent does not contain any file related operations, so this time the client did not even ask the server to close and open the file again. Does the same also happen if you do the file creation/deletion via Samba as well? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need help with file corruption issue
On Thu, May 30, 2013 at 11:20:24AM -0400, David Coppit wrote: > Hi all, > > I've run into an issue and am wondering if folks can give some advice > on how to resolve it. > > Basically Samba appears to be getting confused, providing some other > file's contents. > > Initially I saw this on a Windows host that has mounted a share from > CentOs, but I've been able to repro it on the CentOs host using a > self-mount. Sorry, I don't know perl enough to actually see the sequence of events exactly enough. Can you explain for really stupid people what this does and where the problem is? It might help if you could send us an strace of that script producing the error together with a network trace. Also, I am a little confused about the scenario: You are saying that you saw this on a Windows host that has mounted a CentOs share? This means that the cifs kernel module is not involved at all here? With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind does not update groups
On Wed, May 29, 2013 at 04:17:33PM +, Michael Schmitz wrote: > I setup winbind as an authentication method on my Ubuntu > server and the only issue I have is when I change a user's > group in Active Director it doesn't update after a > relogin. It shows up with a wbinfo -G but when I use the > groups command or try to operate as a member. The only > groups I am in are the ones that I was in when I first > logged into the server. Does anyone know of why this is > and if there is a work around. I am on samba 3.6 on Ubuntu > 12.04.2 Are you running nscd? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [samba4] smbd processes never die after logoff
On Fri, May 24, 2013 at 03:15:03AM +0200, François Lafont wrote: > Hello, > > I'm using Samba 4.0.5 in Debian Wheezy as a member server of a DC (in Debian > Wheezy too with Samba 4.0.5) and the clients are Windows7 Pro. The users use > shares in the member server. > > Sometimes, after the logoff of the users in the Win7 clients, there are > connections with the member server whiches never stop. I can see it with the > "smbstatus" command which point PID out to me and indeed with the « ps aux | > grep smbd » I can see smbd processes whiches never die. > > I have try this in the smb.conf file : > >deadtime = 10 >socket options = TCP_NODELAY SO_KEEPALIVE Can you try to add the socket options TCP_KEEPIDLE=120 TCP_KEEPINTVL=10 TCP_KEEPCNT=5 This should make the sessions go away more quickly in case the clients just go away. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] frequent tdb corruption
On Thu, May 16, 2013 at 11:15:51AM +0100, Adam Thorn wrote: > Hi Andrew, > > > Can you please clarify: > > > > - Is the filesystem on this disk in any way shared? > > - Is the block device involved in any way shared? > > I'm not 100% sure what you mean by "shared" in this context, but the > filesystem where the tdbs are stored is: pair of local disks => mirrored > together via zfs => zfs filesystem. > > In case it's relevant: the samba config files are stored on a different > filesystem. There are a set of multiple disks which are mirrored over > the network with FreeBSD's HAST (pretty much equivalent to DRBD), and > the HAST devices are then combined into a RAIDZ2 pool. I have recently > had some disk problems with the filesystem where the samba config files > are stored (but no problems with the filesystem which stores the tdbs) - > is there any mechanism whereby e.g. a timeout in smbd trying to read > it's config file could cause problems with the tdbs? > > > - Has the server ever had a unexpected poweroff? > > No; I installed a different version of FreeBSD (downgraded from 9.1 to > 9.0) a week ago to see if it made any difference. The OS partitions were > totally wiped and reinstalled, and since then the server has been > powered-up and stable, and still exhibiting corrupt tdbs. > > > - Do Samba processes ever crash? > > No. > > > If the answer is no to all these, then I would strongly suspect a > > hardware or OS/kernel issue. > > I'd have said the same, but I've seen this problem on two (nominally) > identical pieces of hardware (whilst that doesn't rule out hardware, I > think it reduces the likelihood). I do plan to run memtest etc when I > can, though. Also, I'm running the same OS/kernel on another server > which is *almost* identical hardware, and that's been completely > trouble-free for over a year. > > > Could you put your TDB files on a different file system, to rule in our > > out ZFS (or the glue between FreeBSD and ZFS)? > > I can certainly give that a go! "use mmap = no" might provide another data point. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3 - smb2 cpu usage
On Mon, May 13, 2013 at 12:52:56PM +0200, Danny wrote: > Hi all, > > At the moment we are running Debian squeeze with stock samba 3.5.6. > and are testing some new samba installations from ubuntu 12.04, > centos 6.4 and debian wheezy. All running in a VM on a XenServer. > The samba servers are member of a 2008R2 domain, using smb1 protocol > all are running fine and we get a constant 90MB/s (big file > transfer) on our 1GB network. > We would like to enable smb2 protocol for performance reasons, but > when we do enable SMB2 (max protocol = SMB2) file transfer speed > drops to 50-60MB/s (one big file) instead of the 80-90MB/s we used > to get before. We noticed when this happens the cpu is at its max > instead of 60-70% when using smb1. > iostat doesn't show any serious load and our raid 10 setup isn't > experience any difficulties. > Using the packages (3.6.13) from EnterpriseSamba we get simular results. > > Is it known enabling smb2 requires a faster cpu and our cpu is > simply not powerfull enough or is there another problem which we > should look into? (Or should we just stick to smb1, because smb2 > isn't worth the trouble?) You should definitely use SMB2. The higher CPU is suprising. You should be able to max out a 1GB network with SMB2 easily. Does Debian support the perf utility to find out what the process does? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Reg License
On Sun, May 12, 2013 at 12:38:09AM +0200, Germ van Ek wrote: > Any update on this. I have not received any details about this. You were saying you have a free App. Is this "free" as in "Free Software"? Any chance to put this under a GPL-compatible license? With best regards, Volker Lendecke > > Thanks > G.L.Narsimhan > > On Tue, 30 Apr 2013 15:24:03 +0530 <laks...@zohocorp.com> wrote > > > > Hi > > We are developing a iPhone app which is a free App and this app will make > connection with windows server and enumerate services. This app uses samba > library. Since the samba library comes under GPL license,We would like to > know how to bundle this library. > > Are there a chance that samba c library will be licensed under LGPL? Or could > someone give use permission to link samba library. > > Thanks, > G. L. Narasimhan > > Product Manager, Free Tools, > www. manageengine.com > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] SAMBA implementation for DOS ?
On Wed, May 08, 2013 at 09:50:30AM +0200, czezz wrote: > Hi, > thank you all for answers. > > @Ged and Neal, > yes - I considered using DOSBox and/or DOSEMU. This is solution that I will > keep away from. > The true is that with DOSBox I dont even need to care about network > configuration and there is enough memory to run required application. > The thing is that my Clipper/dBase application is located on Linux server and > shared with SAMBA. > 8 nodes (PCs/workstations) are connected to that share. If I use DOSbox, then > DOSbox node will always overwrite its changes over dBase/database. Which will > erase changes done by other nodes. > > VirtualBox: as I have written - I have 8 nodes (PCs/workstations). Each of > them needs to communicate to Linux/Samba server where application is shared. > DOS must have samba client. VB wont help that way. > However I do my tests with FreeDOS inside of VirtualBox. > > @Marc - yes, Im playing around that. > So far, on the FreeDOS I have managed to get 485KB of free conventional > memory. Application I need to run requires little bit above 500KB. > MS Client take most of it... nightmare :( > > One last chance might be NFS client for DOS... > But I was just hoping that there is some old/discontinued Samba project for > DOS. Is mars_nwe still alive? The Novell client uses less memory than the MSClient thingy. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Latest winbind creating fault
Hi! Maybe you want to take a look at https://bugzilla.samba.org/show_bug.cgi?id=9854 which sounds pretty similar. Thanks, Volker On Tue, May 07, 2013 at 08:04:08AM -0500, Taylor, Jonn wrote: > On 05/02/2013 04:05 AM, Bjoern Baumbach wrote: > >Dear Dimitri, > > > >thank you for reporting this issue. > > > >Unfortunately your posted backtrace does not include the needed debug > >symbols. To get these information you can install the SerNet > >samba3-debuginfo package on your system. After the installation you can > >run the following to get a full backtrace: > > > >gdb /usr/sbin/winbindd var/log/samba/cores/winbindd > >(gdb) bt full > > > >Best regards, > >Björn Baumbach > > > >On 05/01/2013 02:24 PM, Dimitri Yioulos wrote: > >>All, > >> > >>Yesterday morning, I updated samba from samba3-3.6.13-45 to > >>samba3-3.6.14-45 (obtained from sernet) on a couple of > >>CentOS 5.9 boxes. As soon as users started access these > >>boxes, one of my sensors detected a winbind error, as in: > >> > >>Apr 30 08:19:36 norwell winbindd[13283]: INTERNAL ERROR: > >>Signal 11 in pid 13283 (3.6.14) > >> > >>Here's what appears in syslog: > >> > >>Apr 30 08:19:36 norwell winbindd[8938]: [2013/04/30 > >>08:19:36.667710, 0] lib/fault.c:47(fault_report) > >>Apr 30 08:19:36 norwell winbindd[8938]: > >>=== > >>Apr 30 08:19:36 norwell winbindd[8938]: [2013/04/30 > >>08:19:36.670612, 0] lib/fault.c:48(fault_report) > >>Apr 30 08:19:36 norwell winbindd[8938]: INTERNAL ERROR: > >>Signal 11 in pid 8938 (3.6.14) > >>Apr 30 08:19:36 norwell winbindd[8938]: Please read the > >>Trouble-Shooting section of the Samba3-HOWTO > >>Apr 30 08:19:36 norwell winbindd[8938]: [2013/04/30 > >>08:19:36.671113, 0] lib/fault.c:50(fault_report) > >>Apr 30 08:19:36 norwell winbindd[8938]: > >>Apr 30 08:19:36 norwell winbindd[8938]: From: > >>http://www.samba.org/samba/docs/Samba3-HOWTO.pdf > >>Apr 30 08:19:36 norwell winbindd[8938]: [2013/04/30 > >>08:19:36.671456, 0] lib/fault.c:51(fault_report) > >>Apr 30 08:19:36 norwell winbindd[8938]: > >>=== > >>Apr 30 08:19:36 norwell winbindd[8938]: [2013/04/30 > >>08:19:36.671683, 0] lib/util.c:1117(smb_panic) > >>Apr 30 08:19:36 norwell winbindd[8938]: PANIC (pid 8938): > >>internal error > >>Apr 30 08:19:36 norwell winbindd[8938]: [2013/04/30 > >>08:19:36.675330, 0] lib/util.c:1221(log_stack_trace) > >>Apr 30 08:19:36 norwell winbindd[8938]: BACKTRACE: 17 > >>stack frames: > >>Apr 30 08:19:36 norwell winbindd[8938]:#0 > >>winbindd(log_stack_trace+0x2d) [0x31b655] > >>Apr 30 08:19:36 norwell winbindd[8938]:#1 > >>winbindd(smb_panic+0x7c) [0x31b787] > >>Apr 30 08:19:36 norwell winbindd[8938]:#2 winbindd > >>[0x30b8ce] > >>Apr 30 08:19:36 norwell winbindd[8938]:#3 [0xd39420] > >>Apr 30 08:19:36 norwell winbindd[8938]:#4 winbindd > >>[0x23a080] > >>Apr 30 08:19:36 norwell winbindd[8938]:#5 > >>winbindd(_wbint_LookupRids+0x8a) [0x258d08] > >>Apr 30 08:19:36 norwell winbindd[8938]:#6 winbindd > >>[0x263596] > >>Apr 30 08:19:36 norwell winbindd[8938]:#7 > >>winbindd(winbindd_dual_ndrcmd+0x13a) [0x257a42] > >>Apr 30 08:19:36 norwell winbindd[8938]:#8 winbindd > >>[0x256a0c] > >>Apr 30 08:19:36 norwell winbindd[8938]:#9 winbindd > >>[0x32e432] > >>Apr 30 08:19:36 norwell winbindd[8938]:#10 > >>winbindd(tevent_common_loop_immediate+0x111) [0x32ceed] > >>Apr 30 08:19:36 norwell winbindd[8938]:#11 > >>winbindd(run_events_poll+0x3e) [0x32b095] > >>Apr 30 08:19:36 norwell winbindd[8938]:#12 winbindd > >>[0x32b80f] > >>Apr 30 08:19:36 norwell winbindd[8938]:#13 > >>winbindd(_tevent_loop_once+0x9d) [0x32bd2d] > >>Apr 30 08:19:36 norwell winbindd[8938]:#14 > >>winbindd(main+0xd32) [0x22e303] > >>Apr 30 08:19:36 norwell winbindd[8938]: > >>#15 /lib/libc.so.6(__libc_start_main+0xdc) [0xdc0ebc] > >>Apr 30 08:19:36 norwell winbindd[8938]:#16 winbindd > >>[0x22b111] > >>Apr 30 08:19:36 norwell winbindd[8938]: [2013/04/30 > >>08:19:36.677068, 0] lib/fault.c:372(dump_core) > >>Apr 30 08:19:36 norwell winbindd[8938]: dumping core > >>in /var/log/samba/cores/winbindd > >>Apr 30 08:19:36 norwell winbindd[8938]: > >> > >>Unfortunately, I was unable to do any further debugging. > >> > >>This morning, I rolled back installation to > >>samba3-3.6.13-45, and the problem has gone away. > >> > >>Bug in latest version on sernet? > >> > >>Dimitri > >> > I am having the same problem, CentOS 5.9 x86_64. There is no debug > out, even with the package installed. > > May 5 09:42:24 pdc winbindd[31423]: [2013/05/05 09:42:24.846767, 0] > lib/fault.c:47(fault_report) > May 5 09:42:24 pdc winbindd[31423]: > === > May 5 09:42:24 pdc winbindd[31423]: [2013/05/05 09:42:24.847073, 0] > lib/fault.c:48(fault_report) > May 5 09:42:24 pdc winbindd[31423]: INTERNAL ERROR: Signal 11 in > pid 31423
Re: [Samba] Ask For Help About SMB3
Hi! "Secure data transfer with SMB encryption" works, everything else is being worked on. With best regards, Volker Lendecke On Wed, Apr 03, 2013 at 02:21:27PM +0800, Yan Lei wrote: > Hi, > > Sorry for troubling you, but I got a question and need your help. > Now Samba 4.0 has been released, and it supports SMB3 protocol. > SMB3 has several new features, such as > SMB Scale Out > SMB Direct (RDMA) > SMB Multichannel > Transparent Failover > VSS for SMB file shares > Secure data transfer with SMB encryption > Faster access to documents over high latency networks with SMB > Directory Leasing > SMB Ecosystem > > I wonder which of these new features have been implemented on > Samba 4.0. Waiting for your reply, thanks a lot. > > Best Regards. > Yan > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WARNING to those running Samba on OpenIndiana or other Illumos based systems with > 16 groups
On Wed, Apr 24, 2013 at 10:31:20AM +1000, Andrew Bartlett wrote: > Just a heads-up, because this bug took me absolutely ages to chase down, > and I want to save others the same pain. Yep, same here. A customer ran into this and we stared at that for ages. Björn Jacke figured this out together with someone from Oracle. It is a Solaris issue as well, fixed with current Solaris patchsets. It's one of the very, very rare cases where we actually have a kernel bug. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Pruning embedded samba 3.6 installation
Start with only smbd and depending on your configuration the VFS modules. Depending on whether you need NetBIOS, you might also need nmbd. Please try to avoid security=share if at all possible. If you have just a fixed password, you can prepare a smbpasswd file externally, so that you can also ditch the smbpasswd binary. Hope that helps, Volker On Wed, Apr 10, 2013 at 10:18:01PM -0700, Paul D. DeRocco wrote: > I'm using the Yocto Project to build an embedded distro, to which I'm adding > Samba 3.6 from OpenEmbedded. Doing so increases my root file system from > about 63MB to 175MB. I seem to be building a large Samba server with a small > ancillary operating system tacked onto it. > > I listed the files in my file system image, and see that lots of the > commands are quite large. I understand that Samba 4 is better behaved in > this way, but writing my own bitbake recipe to include such a large complex > system is waaay beyond me, so I have to wait until someone else does it. I > can, however, figure out how to prune various unneeded files from the image > to make it smaller. > > But what's unneeded? I'd like to know what commands will NEVER be used if I > don't explicitly invoke them myself. That is, commands that aren't invoked > from init scripts, or by smbd and nmbd, or by other commands. (And what > shared libraries won't be used, although they're typically a lot smaller.) > I'm running a simple standalone server with a single file share using share > level security, and one password for anonymous access. It assumes a remote > DHCP server, and needs to appear on Windows systems under a particular name, > and be browsable. I don't need a client, it won't be part of a domain, it > won't be a WINS server, and so on. Its configuration will never change, > other than possibly the machine name, the workgroup name, and the single > password used to access the share. > > These are most of the files, and their sizes. I'm not sure all of these are > really part of Samba, but they all got added as a result of adding the OE > Samba package. They add up to about 83MB, and if I could cut that in half, > that would be a big win. Any guidance as to what I could prune would be > greatly appreciated. > > 1800096 usr/bin/eventlogadm >4607 usr/bin/findsmb > 8351180 usr/bin/net > 1526820 usr/bin/nmblookup > 1826880 usr/bin/pdbedit > 1465348 usr/bin/profiles > 7457348 usr/bin/rpcclient > 1440772 usr/bin/sharesec > 5946532 usr/bin/smbcacls > 5979364 usr/bin/smbclient > 1465604 usr/bin/smbcontrol > 5942436 usr/bin/smbcquotas > 6200476 usr/bin/smbget > 5966980 usr/bin/smbpasswd > 3284036 usr/bin/smbspool > 1514500 usr/bin/smbstatus >4910 usr/bin/smbtar > 1440736 usr/bin/smbta-util > 5872800 usr/bin/smbtree > 30216 usr/bin/tdbbackup > 26064 usr/bin/tdbdump > 30180 usr/bin/tdbrestore > 34600 usr/bin/tdbtool > 1444868 usr/bin/testparm > 166092 usr/bin/udevadm >1024 usr/lib/auth >9476 usr/lib/auth/script.so >1024 usr/lib/charset >5356 usr/lib/charset/CP437.so >5356 usr/lib/charset/CP850.so > 15 usr/lib/libtdb.so.1 > 87516 usr/lib/libtdb.so.1.2.9 > 62908 usr/lib/libwbclient.so.0 > 131072 usr/lib/lowcase.dat > 131072 usr/lib/upcase.dat > 65536 usr/lib/valid.dat >1024 usr/lib/vfs > 30704 usr/lib/vfs/acl_tdb.so > 26612 usr/lib/vfs/acl_xattr.so > 18256 usr/lib/vfs/aio_fork.so > 10052 usr/lib/vfs/audit.so > 18316 usr/lib/vfs/cap.so > 18320 usr/lib/vfs/catia.so >5908 usr/lib/vfs/crossrename.so >5848 usr/lib/vfs/default_quota.so > 1 usr/lib/vfs/dirsort.so > 10004 usr/lib/vfs/expand_msdfs.so > 14184 usr/lib/vfs/extd_audit.so >5844 usr/lib/vfs/fake_perms.so > 47432 usr/lib/vfs/full_audit.so >9976 usr/lib/vfs/linux_xfs_sgid.so > 14160 usr/lib/vfs/netatalk.so > 10064 usr/lib/vfs/preopen.so >9972 usr/lib/vfs/readahead.so > 18244 usr/lib/vfs/readonly.so > 22384 usr/lib/vfs/recycle.so > 26516 usr/lib/vfs/scannedonly.so > 30676 usr/lib/vfs/shadow_copy2.so > 10004 usr/lib/vfs/shadow_copy.so > 22460 usr/lib/vfs/smb_traffic_analyzer.so > 18296 usr/lib/vfs/streams_depot.so > 22424 usr/lib/vfs/streams_xattr.so > 10032 usr/lib/vfs/syncops.so > 43188 usr/lib/vfs/time_audit.so > 22388 usr/lib/vfs/xattr_tdb.so >7288 usr/sbin/genl-ctrl-list > 10668 usr/sbin/nl-class-add >9428 usr/sbin/nl-class-delete >7376 usr/sbin/nl-classid-lookup >8824 usr/sbin/nl-class-list > 10596 usr/sbin/nl-cls-add >9920 usr/sbin/nl-cls-delete >9516 usr/sbin/nl-cls-list >8760 usr/sbin/nl-link-list >8628 usr/sbin/nl-pktloc-lookup >9972 usr/sbin/nl-qdisc-add >9572 usr/sbin/nl-qdisc-delete > 10028 usr/sbin/nl-qdisc-list > 3488896 usr/sbin/nmbd > 9822288 usr/sbin/smbd > > -- > > Ciao, Paul D. DeRocco > Paulmailto:pdero...@ix.netcom.com > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba crash (while logging in as administrator?)
On Wed, Apr 10, 2013 at 09:26:45PM -0500, Nick Semenkovich wrote: > I just had samba4 (git 69b3d19 from yesterday) crash while logging in as > administrator. > > The login stalled, and on the samba4 AD DC, winbind stopped responding -- > "getent passwd" stopped showing the domain entries, and commands that > showed some samba users (e.g. "ls" in a directory with domain owners, > "htop", etc.) would hang. > > > dmesg shows: > > traps: samba[3728] trap invalid opcode ip:7fbaaff2e780 sp:7fff6859f158 > error:0 in libservice.so[7fbaaff29000+7000] > > > I'll follow up if I can reproduce this, just wanted to start a thread in > case anyone else sees this. Is there any way we can get a backtrace from this? Also, which platform are you running on? "invalid opcode", that kindof sounds like a compiler bug. I know that usually all compiler "bugs" turn out to be just plain program defects, so would it be possible that you run it under valgrind, just to make sure we don't overwrite memory we are not supposed to overwrite? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] stat between reads
On Fri, Mar 22, 2013 at 02:28:34PM -0700, Jeremy Allison wrote: > On Fri, Mar 22, 2013 at 02:07:29PM -0700, Jeremy Allison wrote: > > On Fri, Mar 22, 2013 at 05:24:20PM +0100, Volker Lendecke wrote: > > > If I see it right, we could avoid most of those calls. > > > First, they are only relevant to see whether we can do > > > sendfile. That choice is racy, we first look and have to > > > deal with the mess if we have a short read afterwards > > > anyway. > > > > > > Jeremy, what do you think? Only do that stat call in the > > > sendfile if-branch, and there only if the read call in > > > question would go beyond what we currently have in > > > st.st_ex_size? > > > > Yes we could certainly make that change. It's not > > relevent in the non-sendfile read path but we'd have to be > > careful about not doing it by checking the existing > > fsp->fsp_name->st.st_ex_size, as I don't think we > > update that on an ftruncate call. > > > > My worry would be (to one single smbd): > > > > open 1mb file > > ftruncate to 10k > > readX of 50k at offset 0. > > > > Unless the ftruncate call updates fsp->fsp_name->st.st_ex_size > > then we'll return 10k of real data + 40k of zeros if > > sendfile is turned on, rather than a correct short read of > > 10k. > > > > Let me look at the code some and revisit this. > > Yep, I was right. This would be a problem (ftruncate > and other file-size changing calls don't automatically > update the st_ex_size on an fsp). > > > Moving the fstat and ISREG check to the use_sendfile() > > path is an obviously correct no brainer though. > > And here is that patch. Should apply cleanly to > 4.0.x and 3.6.x (with a few offsets). I'm testing > here and will propose as an official optimization > if 'make test' passes locally. >From a quick glance this looks exactly like what I had in mind. Thanks! Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] stat between reads
On Fri, Mar 22, 2013 at 03:18:53PM +0100, Frank Kautz wrote: > Hello, > > when re-exporting the parallel (network) file-system FhGFS, I noticed a > significantly reduced read performance. In the output of strace, I see a > stat call between the reads of the blocks of a file. In a network based > file system a stat could be expensive. I looked into the source code and > I think the stat is done in the method send_file_readX() (file: > source3/smbd/reply.c) which calls fsp_stat(). What is the reason for > this stat? Is it possible to disable this stat by a configuration option > or just avoid it in the code? If I see it right, we could avoid most of those calls. First, they are only relevant to see whether we can do sendfile. That choice is racy, we first look and have to deal with the mess if we have a short read afterwards anyway. Jeremy, what do you think? Only do that stat call in the sendfile if-branch, and there only if the read call in question would go beyond what we currently have in st.st_ex_size? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windbindd / AD / DNS Updates
On Thu, Mar 21, 2013 at 10:18:01AM +0100, Michael Arndt wrote: > Hello * > > Volker, thank you for your fast help / answer :-) !!! > > different question: > > is there a (nonzero possibility, that an vendor provided samba ( SLES11 SP1 ) > could try to trigger DNS Updates, in spite of the server role cited below: > > testparm > Load smb config files from /etc/samba//smb.conf > Server role: ROLE_DOMAIN_MEMBER > > even if no DNS related config is done, and thus > /etc/resolv.conf configuration is the used method > > Or can this possibility completely be rejected and i talk nonsense ? Yes, that is possible. I think net ads join will try to do that. Winbind won't. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] windbindd / AD / machine password
On Thu, Mar 21, 2013 at 09:04:10AM +0100, Michael Arndt wrote: > would samba / winbindd try to refresh the machine password > in an AD / Kerberos Environment ? Yes. See the "machine password timeout" parameter. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Slow navigation on samba share
On Mon, Mar 18, 2013 at 11:31:37AM +0100, johannes.r...@wirthwein.de wrote: > hi all, > > I have a problem with some windows 7 pro (64) clients navigating on samba > shares. The user wants to open a folder and then it takes a long time > until it opens. "hide unreadable = yes" might be a problem. Try if it's faster without that. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba panics frequently after being configured for AD authentication
On Fri, Mar 15, 2013 at 10:25:07AM -0600, Chris Kukuchka wrote: > #7 0x7f023cb61844 in _wkssvc_NetWkstaEnumUsers (p=, > r=) > at rpc_server/wkssvc/srv_wkssvc_nt.c:591 Thanks, that helped. See https://bugzilla.samba.org/show_bug.cgi?id=9727 for a patch. Just curious -- what client apps are you using, and can you send a network trace of the app enumerating users? (not required, just informational..) Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba3.5 + OpenLDAP config/install problem
On Mon, Feb 11, 2013 at 05:55:22PM -0800, Wes Modes wrote: > System Summary: > > centos 6.2 > samba 3.5 > smbldap-tools 0.9.6 > openldap 2.4.23 > > Hello, > > I am installing smb 3.5 on a CentOS 6.2 host using smbldap-tools. I've > previously installed a similar configuration on RHEL4 using smb 3.0 but > CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the > configurations cannot be moved straight across. > > Currently, when I attempt to connect to an smb share with a valid ldap > user and group on this host, I get "tree connect failed: > NT_STATUS_ACCESS_DENIED" > > The LDAP server is currently serving as the directory server for the > existing Samba3.0 server. I can connect to the identical share on that > server as that user, so I know the user and group are okay. > > With log level 2, I get: > > [2013/02/11 17:11:00.701864, 2] > lib/smbldap.c:950(smbldap_open_connection) > smbldap_open_connection: connection opened > [2013/02/11 17:11:00.704794, 2] > passdb/pdb_ldap.c:572(init_sam_from_ldap) > init_sam_from_ldap: Entry found for user: wmodes > [2013/02/11 17:11:00.735092, 2] auth/auth.c:304(check_ntlm_password) > check_ntlm_password: authentication for user [wmodes] -> [wmodes] > -> [wmodes] succeeded > [2013/02/11 17:11:00.735608, 1] > passdb/pdb_ldap.c:2569(ldapsam_getgroup) > ldapsam_getgroup: Duplicate entries for filter > (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-544)): count=2 You should try again after removing one of those two entries with S-1-5-32-544. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba panics frequently after being configured for AD authentication
On Wed, Mar 13, 2013 at 02:13:47PM -0600, Chris Kukuchka wrote:
> Hello,
>
> I had just completed reconfiguring Samba so it would
> authenticate against Active Directory. After user side
> testing seemed successful, I found the log directory on
> the server was growing quickly and abrtd emails were being
> sent out. Unfortunately, I have been unable to track down
> the cause for these panics and I am looking for help.
If you happen to have one of the core files left, can you
get us a full backtrace ("bt full" in gdb) with symbols, so
that we can see the line numbers and local variables? You
might have to install debuginfo RPMs for Samba.
With best regards,
Volker Lendecke
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kont...@sernet.de
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd performance tunning?
On Thu, Mar 14, 2013 at 01:25:06AM +0800, xx77009833 wrote: > Winbindd version is 3.5.8, it runs on a 8 core CPUs > machine, and my DC(win2k8) runs on a 4 core CPUs machine. > "performance is slow" means, the transaction per second is > around 200. I think it is slow and should be better. 200 ntlm auth requests per second is not too bad in 3.5.8 I guess. 3.6.12 has a "winbind max domain connections" which allows you to open more than one connection to the DC. You should try that. > The CPU usage of winbindd is not high. I suspect that > winbindd doesn't processing the request in parallel or it > is blocked by some internal synchronous operation. But I > am not sure. > Till now, I have not profiled winbindd to find where the time is spent.. My guess would be that it's the DC. Can you wireshark the network to the DC and analyze the response time there? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbindd performance tunning?
On Wed, Mar 13, 2013 at 11:51:25AM +0800, xx77009833 wrote: > Hi, > > > Thanks in advanced. > > > I have written a winbindd client which communicates with winbindd to do NTLM > authentication. > However, it seems that the performance of winbindd is low. > I have two questions. > 1. seems winbindd is asynchronous? If yes, I think its > performance should be higher. > 2. do you any suggestion of winbindd performance tunning? > Is there any configuration item or anything useful? What version are you using? What exactly is slow? Is winbind chewing CPU? Have you measured where the time is spent? It might well be the DC or the network is slow. We need more information here. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Share size limits NFS file transfer
On Sat, Feb 16, 2013 at 03:42:58PM +, Kristian Davies wrote: > My samba server has a 1GB partition on which I have a bunch of > symlinks to the correct storage via NFS - there are completely valid > reasons for this. Unfortunately clients see the share size as 1GB > rather than the 200TB cluster that's attached via NFS and thus I can't > copy over a 2GB file. > > Is there anyway to fake the advertised share size on a per share basis > (clients can't write to the local partition anyway) - my google foo > hasn't led me to the answer. Take a look at the "dfree command" in the smb.conf. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de ** visit us at CeBIT: March 5th - 9th 2013, hall 6, booth E15 all about SAMBA and verinice, firewalls, Linux and Windows free tickets available via email here : ce...@sernet.com ! ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Group Policy Linux Machines
On Fri, Feb 01, 2013 at 04:31:00PM -0600, Gregory Carter wrote: > Replace ibus with dbus in my comments. > > I am having issues with ibus (Fedora 18) right now writing a letter in > Chinese, and it was on my mind. freeipa.org, is that something for you? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de ** visit us at CeBIT: March 5th - 9th 2013, hall 6, booth E15 all about SAMBA and verinice, firewalls, Linux and Windows free tickets available via email here : ce...@sernet.com ! ** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT_STATUS_NO_MEMORY when browsing file server on Belkin modem
On Sun, Jan 13, 2013 at 11:51:23AM +0100, Volker Lendecke wrote:
> On Sun, Jan 13, 2013 at 12:57:44PM +1100, Jonathan Schultz wrote:
> > Thank you for your help.
> >
> > >What we need are comparative network traces from accessing
> > >the box via windows and smbclient.
> >
> > I've generated two traces for comparison:
> >
> > https://dl.dropbox.com/u/2083295/linux-fails.cap
> > https://dl.dropbox.com/u/2083295/windows-works.cap
>
> The attached patch to Samba master might fix this. What is
> your Samba version? I did not find this in the initial
> posting.
>
> Volker
>
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-37-0, fax: +49-551-37-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
> http://www.sernet.de, mailto:kont...@sernet.de
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kont...@sernet.de
From d691cb15887770f96bc99937e9e2441c1e4db36b Mon Sep 17 00:00:00 2001
From: Volker Lendecke
Date: Sun, 13 Jan 2013 11:49:36 +0100
Subject: [PATCH] smbclient: use 0x260 for trans2 find always
---
source3/libsmb/clilist.c |3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c
index 056494e..2024aa4 100644
--- a/source3/libsmb/clilist.c
+++ b/source3/libsmb/clilist.c
@@ -953,8 +953,7 @@ NTSTATUS cli_list(struct cli_state *cli, const char *mask,
uint16 attribute,
goto fail;
}
- info_level = (smb1cli_conn_capabilities(cli->conn) & CAP_NT_SMBS)
- ? SMB_FIND_FILE_BOTH_DIRECTORY_INFO : SMB_FIND_INFO_STANDARD;
+ info_level = SMB_FIND_FILE_BOTH_DIRECTORY_INFO;
req = cli_list_send(frame, ev, cli, mask, attribute, info_level);
if (req == NULL) {
--
1.7.3.4
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT_STATUS_NO_MEMORY when browsing file server on Belkin modem
On Sun, Jan 13, 2013 at 12:57:44PM +1100, Jonathan Schultz wrote: > Thank you for your help. > > >What we need are comparative network traces from accessing > >the box via windows and smbclient. > > I've generated two traces for comparison: > > https://dl.dropbox.com/u/2083295/linux-fails.cap > https://dl.dropbox.com/u/2083295/windows-works.cap The attached patch to Samba master might fix this. What is your Samba version? I did not find this in the initial posting. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 on AIX with XLC
On Sat, Jan 12, 2013 at 01:09:55AM +, Benjamin Huntsman wrote: > >Those should have been linked into smbd directly as configure on AIX > >adds vfs_aixacl to the list of modules to be compiled statically. > > > >Would you mind opening a bug on https://bugzilla.samba.org for tracking? > > > >Cheers, > >Christian > > Hi there! >Thanks for the reply! >I have added Bug 9557: https://bugzilla.samba.org/show_bug.cgi?id=9557 > >Any chance it'll be patched by the end of next week? :) har har. > >In the mean time, I think I'm going to revert to trying to build the most > recent stable version of Samba 3.6.x. >I'll happily provide whatever data I can and assist with testing to get > Samba 4 building and running on AIX... Just let me know. Quick remark: if 3.6 is an option for you, then you seem to be happy with just the file server without a DC. For that, the autoconf based build system in source3 should still work the same as it did in 3.6. This will not build the AD DC however. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Switching between
On Fri, Jan 11, 2013 at 12:59:08PM -0800, Jeremy Allison wrote: > On Fri, Jan 11, 2013 at 08:31:57PM +, Steve Tice wrote: > > Jeremy Allison samba.org> writes: > > > > > > > > There's no code in Samba to do this unless you're doing it > > > via a client. > > > > > > You could write custom code to pull the data out of the tdb > > > and re-store as EA's on the files, but that's outside the scope > > > of the tools we provide. > > > > > > Jeremy. > > > > Thanks Jeremy for confirming what I expected. I imagine the best > > documentation for writing such a migration would be the source > > for the VFS modules. Are there any other places to look for such > > info? For example, something that shows how to fetch a record from > > a TDB, and something that shows how to store ACL data in an EA. > > No, this is all in the source code and that's where you'll > have to look I'm afraid. The tdb library documentation will > tell you how to fetch the tdb records - the tdb key will be > hashed device/inode number. As a side note, just wildly brainstorming: I would guess that there's a lot of duplicate acls in the tdb. Might an a bit more complex scheme with refcounted acls and pointers be possible? Maybe with an offline dedup tool or some scheme based on a hash value of the secdesc blob? The inode just points at the hash value of the secdesc blob, behind the hash we have the refcounted secdesc itself. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT_STATUS_NO_MEMORY when browsing file server on Belkin modem
On Fri, Jan 11, 2013 at 02:45:15PM +1100, Jonathan Schultz wrote: > Hello, > > Can someone help me to track down the source of this problem? I'm > trying to access a file server running on a Belkin modem with an > attached USB drive. Judging my the quality of the firmware on the > device, I'd say there's a good chance of it being buggy. But it > works well enough on a Windows machine, even one running inside > Virtualbox under Linux. I therefore see no reason why it shouldn't > work using a Samba client. > > When I try to connect using smbclient, I can connect OK, and put and > retrieve files. But if I try to browse the share using 'ls' or 'du', > it returns immediately something like 'NT_STATUS_NO_MEMORY listing > *' So I can't get a directory listing of the share, which pretty > much makes it useless. > > Interestingly, when I try to connect to it using XBMC running on my > Apple TV, which I assume incorporates samba pretty much off the > shelf, it also returns an error indicating problems allocating > memory. > > I have enough IT skills to build samba from source and try to > reverse engineer and debug it. I'd just like to benefit from the > experience of others before I go down that path. What we need are comparative network traces from accessing the box via windows and smbclient. See https://wiki.samba.org/index.php/Capture_Packets for info how to do that best. Thanks, Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NAS and 2 active Samba servers / locking not working
On Wed, Jan 09, 2013 at 01:54:28PM +0100, "Björn Matthiessen" wrote: > Hi, > > I have one NAS which I can access via NFS or Samba. > This storage is accessed by 2 linux servers with Samba where I re-export the > NAS share. This is sort of an active/active loadbalancing cluster. > The only thing not working is locking... If a client opens a Word-File via > server1 and another opens the same via server2 it won't inform the user that > he can only open the file readonly. > I was hoping, that the NFS server will tell Samba that the file is already in > use (rw) - didn't happen. > When I switched from NFS to Samba on the NAS and checked the NAS-Server, > Server1 and Server2 with smbstatus I see the following: > NAS: > Locked files: > Pid UidDenyMode Access R/WOplock > SharePath Name Time > -- > 6893 0 DENY_NONE 0x19b RDWR NONE > /export/storage smbshare/bla/bla1.docx > > Server1: > Locked files: > Pid UidDenyMode Access R/WOplock > SharePath Name Time > -- > 2004 0 DENY_WRITE 0x2019f RDWR NONE > /import/99/smbshare bla/bla1.docx > > Sever2: > Locked files: > Pid UidDenyMode Access R/WOplock > SharePath Name Time > -- > 1442 0 DENY_WRITE 0x2019f RDWR NONE > /import/99/smbshare bla/bla1.docx > > Of course every server has its own locking DB but why does the NAS not set > DenyMode to DENY_WRITE I'd hope that this would do the trick... > I also tried to use ctdb on the 2 servers but afaik it'll only work with a > Cluster-FS and not with a NFS or Samba share. At least ping_pong stopped > working as soon as I started it on the 2nd server. > > Does anyone has any idea how I can get file locking working with this setup > (1 NAS and 2 active Samba servers)? Sorry, that won't work. Those problems are the exact reasons why the GFS/OCFS/etc people go through their pains and we go through ours with ctdb and Samba. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 on AIX with XLC
On Tue, Jan 08, 2013 at 07:41:54PM +, Benjamin Huntsman wrote: > >I would ensure gettext is available. That's how it's mostly been > >tested. > > > >Jeremy. > > Hee hee... that worked. Got samba 4 compiled, so, for the record, gettext is > absolutely required. > I also had to use xlC_r (note the capital C) as the > compiler, since XLC will choke on using C++-style comments > in straight C code. Where do we have those comments? I would regard that as a bug in our code. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to Customize VFS Module Error Message?
On Wed, Dec 19, 2012 at 08:34:31PM +0800, Eric Liu wrote: > WRONG_PASSWORD is just an example. Actually I have other failure cases in > other VFS operations. I want specific error message to be displayed at > client side. I don't know if there is a way to do this. It might be possible to enhance the Samba VFS to allow this for all operations. But I doubt this will make SMB clients behave the way you would like them to behave. One example is the write operation: With oplocks Windows tends to do delayes writes. This makes it impossible to timely inform the application of a write failure at all. In case you are not interested in intercepting write, there are certainly many other VFS calls that are subject to this problem. Samba could certainly be better in allowing the VFS to specify the exact error message given to the client, but because we think this only has very limited use in common scenarios, we have not focused on it so far. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to Customize VFS Module Error Message?
On Tue, Dec 18, 2012 at 06:32:12PM +0800, Eric Liu wrote: > I am writing a VFS module. In certain case, I need to set the error number > to NT_STATUS_WRONG_PASSWORD. At the client side, I wish I could see "Wrong > password" as error message. However, what I have seen is "No such device or > address". They look irrelevant at all. > So, here is my question. In VFS module, is there any way to customize the > error message seen at client side? So that the message can actually reflect > what has happened in VFS module. The SMB protocol allows a proper WRONG_PASSWORD message at authentication time. When authentication is done, it is unlikely that clients expect this error and behave according to your requirements. With best regards, Volker Lendecke > > Thanks > Eric > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Client <--> Server Timeout
On Fri, Dec 14, 2012 at 07:40:06PM +0800, Eric Liu wrote: > To be honest, I don't really know clientgen.c. I just see there is a > 2ms there. And I try it and see if I am lucky. Obviously, I am not. > > My issue is still server side. In case that VFS_CLOSE operation takes > longer time than 20s, Samba server shall loads a new module. I don't want > that happens. > As you have mentioned, probably the client side ran into timeout and opened > a new connection. To prevent this happening, I would think the quick > workaround here would be to increase the timeout value at the client side. > But I don't know how to do it. In case you are serving Windows clients, there is no really good way to increase those timeouts. See a recent discussion on samba-techni...@samba.org. In case you are serving Linux clients, you might have a chance by tweaking the cifs.ko module. SMB clients are just not happy with individual operations taking long. SMB is a lot less forgiving than NFS for example is. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Client <--> Server Timeout
On Fri, Dec 14, 2012 at 06:44:56PM +0800, Eric Liu wrote: > Hi Folk, > > Note, I am using Samba 3.5.10. I have tried to change > source3\libsmb\clientgen.c line 591. But it does not work. > cli->timeout = 2 * 360; /* was 2, Timeout in in > milliseconds. */ clientgen.c is a client piece. VFS CLOSE is server side. There is something I am missing in this picture... Can you describe a bit more closely what you are doing? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba Client <--> Server Timeout
On Fri, Dec 14, 2012 at 06:36:58PM +0800, Eric Liu wrote: > I am writing a Samba VFS module. The VFS CLOSE operation takes a longer > time, much greater than 20s, to return. Looks this will cause Samba client > server communication timeout. And Samba will load a new module, which is > not what I want. I want Samba to wait, until VFS CLOSE operation finishes > what it should do. I don't want Samba to load a new module. Can anyone tell > me how/where to change Samba source code to realize this? VFS_CLOSE taking more than 20 seconds is nothing Samba is prepared for at the moment. Very likely it's the client that ran into a timeout and opened a new connection. Can the CLOSE operation you are writing fail at all? If not, can you defer the long-running operations to a forked process and return quickly to the main smbd, faking success? This would be a quick workaround. The real solution would be to make CLOSE asynchronous, see smbd/aio.c for read and write operations. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CTDB / Samba / GFS2 - Performance - with Picture Link
On Thu, Nov 29, 2012 at 09:16:34PM +, Vogel, Sven wrote: > Hi Volker, > > you wrote that ist not so good to set locking = no, why ist hat so? SMB semantics require mandatory locking. If a lock is set, read/write on that region will fail. Applications do depend on this. With locking=no you don't do that. > i thought > > ctdb (locking)--> dlm_controld (locking) or gfs_controld (locking) > > so when i disable locking in samba i dont know how will > this presented to the cluster file system? I thought the > cluster file system will use the locks like this below. > > Ctdb(locking=no) --> gfs2 (locking) The mapping to GFS is completely controlled by "posix locking". ctdb has no business in that, it is only responsible for Samba-internal databases. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CTDB / Samba / GFS2 - Performance - with Picture Link
On Wed, Nov 28, 2012 at 11:11:16AM +, Vogel, Sven wrote: > Hi Volker, > > so i looked fort he brlock.tdb file and its local on each > node. I added "posix locking = no" and "locking = no". I > think it will run now better. I again a strace file to the > server. What do you think? I would not run with locking=no. It will certainly be faster, but it might cause data corruption. > http://dev.kupper-computer.com/intern/smbd_no_locking.txt > > I also added > > fileid:algorithm = fsname > vfs objects = fileid > > for gfs2 whats better fsid or fileid? Dunno, I never used GFS2, sorry. RedHat ships a cluster product with GFS2 and Samba, maybe they have a recommendation. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CTDB / Samba / GFS2 - Performance - with Picture Link
On Tue, Nov 27, 2012 at 03:50:40PM +, Vogel, Sven wrote:
> Hi Volker,
>
> thanks for the fast reply. So used the strace command. I am not so a strace
> specialist but is it possible that the problem are the many polls?`
>
> 12513 15:33:24.593065 poll([{fd=9, events=POLLIN|POLLHUP}, {fd=7,
> events=POLLIN|POLLHUP}, {fd=40, events=POLLIN|POLLHUP}, {fd=32,
> events=POLLIN|POLLHUP}, {fd=34, events=POLLIN|POLLHUP}], 5, 4436) = 1
> ([{fd=32, revents=POLLIN}]) <0.002497>
> 12513 15:33:24.595615 read(32, "\0\0\0T", 4) = 4 <0.17>
>
> i added a link to the strace. I dont see which syscalls take long. There are
> such many syscalls in any second so i dont know whats normal. :-|
>
> http://dev.kupper-computer.com/intern/smbd.txt
>
> Did you have any idea?
One question -- do you have your brlock.tdb on gfs? If so,
move them to a local file system, they will be taken care of
by ctdb. Your fcntl calls on that seem slow. Also, you might
want to try "posix locking = no". There is a call at
timestamp 15:32:47.383963, 1.9 seconds to find out whether a
range is locked. That shows that at this point in time GFS
was busy regarding fcntl locks. Also, your network or your
client seems to have a problem. For example at timestamp
15:32:51.837717 we are waiting 30 milliseconds for a new
request from the client. This is very long for a client
continuously trying to write.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kont...@sernet.de
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] CTDB / Samba / GFS2 - Performance - with Picture Link
On Tue, Nov 27, 2012 at 01:00:49PM +, Vogel, Sven wrote: > Hello, > > maybe there is someone they can help and answer a question why i get these > network screen on my ctdb clusters. I have two ctdb clusters. One physical > and one in a vmware enviroment. > > So when i transfer any files (copy) in a samba share so i get such network > curves with performance breaks. I dont see that the transfer will stop but > why is that so? can i change anything or does anybody know which ist he > problem? > > > http://dev.kupper-computer.com/intern/transfer_network.jpg Do a strace -ttT -f -o /tmp/smbd.strace -p and see in /tmp/smbd.strace which syscalls take long. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cannot modify files on client
On Mon, Nov 26, 2012 at 12:06:50PM +0100, Dietrich Hentschel wrote: > hi again, > > thank you for answer. > > > On 25.11.2012 20:01, Gary Dale wrote: > >When you are using samba to connect, the user, group and file permission > >get passed through it. Rather than trying to force a particular user, > >try mapping the Windows (samba) user to the local (server) user tommy. > > > > I added in [global] "username map", but it do not work. > > > [global] > workgroup=WORKGROUP > security=share If possible, avoid security=share. This is deprecated for a while now. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Moving file after transfer
On Wed, Nov 21, 2012 at 08:07:39AM -0800, Ovidiu Barzan wrote: > Hi, > > I\m writing a VFS module that needs to move a file, after > it is transferred, to a folder that is not shared. > The shared folders that use this VFS module are used to > sent files for processing by another application. The > module signals the application that it has work to do and > moves the file. > > So far I've been using the last close call, moving the > file after doing SMB_VFS_NEXT_CLOSE(). > When moving the file an error is displayed on MAC. > > My question is: > > Is there a better way then the close call to know when a > client is done with the file, and it's safe to move it? Wait a minute or two after the last close? I don't think there is a really bullet-proof way over which the client tells the server it's done with the file. The protocol has no operation for that. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] S4rc5 configure warning - CHECK_SRVIDS control missing
On Sat, Nov 17, 2012 at 04:13:01PM -0500, Thomas Simmons wrote: > Hello, > > I'm receiving the following warning when building S4rc5 on CentOS 6.3. I > have installed the ctdb and ctdb-devel (1.0.114.3 > ) packages included with CentOS. The only thing I could find on Google is > someone with the same problem around a year ago, but that went unanswered. > Thanks for any help! > > building without cluster support: CHECK_SRVIDS control missing Either get a newer ctdb or configure Samba with --enable-old-ctdb. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] wins: no nmblookup on 192.168.1.255 but 192.168.1.2
Hello! On Sun, Oct 14, 2012 at 11:06:10AM +0200, Rieker Flaik wrote: > Hi, > > here is a client computer and a server computer (Debian Wheezy, armel, > samba Version 3.6.6, IP address: 192.168.1.2, Name: xyz). > > Problem: wins doesn't answer nmblookups by the client on the broadcast > address: > > client$ nmblookup -S xyz > querying xyz on 192.168.1.255 > name_query failed to find name xyz We have exactly the same setup here. I can't reproduce it. I would assume that your network interfaces are not correctly detected by nmbd, or the broadcast address on the wins server is not correctly set in the interface. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Directories recursive deletion problem
On Fri, Oct 19, 2012 at 03:25:29PM +0200, Pierre Evenou wrote: > Hi all, > > We are trying to export RozoFS (a scale out nas, see www.rozofs.org) with > Samba to windows clients, but we're facing a strange behavior. > > While every thing sounds good, windows 7 explorer fails to delete > directories recursively. > > We create a directories foo/bar on the share, if we suppress foo with the > explorer, bar is suppressed but not foo (do it twice and you're done), on > the other hand in Windows CMD, rmdir /S foo works perfectly (as with linux > and OS X (10.5 and 10.6 at least) clients). > > The test has been done with Samba 3.5.6 (debian squeeze) and 3.6.6 (debian > wheezy). smbd logs ant tracing smbd with strace gives almost the same for > Explorer and CMD. > > Any idea will be really helpfull. It probably comes down to compare the log.smbd and strace from the rozofs share to what the same smbd shows on an ext4 mount. Samba might have subtle assumptions about file system behaviour that rozofs does not exactly the same way that ext4 does. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] API function for net join
On Wed, Oct 17, 2012 at 04:35:17PM +0300, Ovidiu Barzan wrote:
> Is there an API function for C as an alternative to calling "net ads
> join " from shell?
> I'm trying not to use a system call like popen("net ads join ...","r");
> because there are some problems with finding the reason for a failed join:
> - Linux exit codes are limited to 8 bites so the net command return value
> is of no help.
> - Parsing the command output seems unreliable since the text could change
> from one version to another.
You might try libnet_Join() from source3/libnet/libnet_join.h.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-37-0, fax: +49-551-37-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kont...@sernet.de
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Why smbd (version 4.1.0) uses source3/smbd/server.c not source4/smbd/server.c
Hello! Would it be possible that you give us a broader picture of what you want to achieve? You seem to be running latest code in configurations that are vastly different from what the Samba Team supports. If you could tell us more about your goals, we might be able to help you and recommend a configuration that does what you need. With best regards, Volker On Fri, Sep 28, 2012 at 05:45:01PM -0700, Jun Yi wrote: > Dear everybody, > > Could anybody told me the reason? Does the code of samba 3 and samba 4 mix > together in the master branch. > How can I let smbd be compiled from source4/smbd/server.c? > > Thanks and Have a good weekend > > Jun > > The following is what I got from the command line: > > junyij-2.desktop$ ./smbd > [2012/09/28 17:36:18, 0] ../lib/util/debug.c:592(reopen_logs_internal) > Unable to open new log file '/usr/local/samba/var/log.smbd': Permission > denied > [2012/09/28 17:36:18, 0] ../source3/lib/dumpcore.c:249(dump_core_setup) > Unable to setup corepath for smbd: Operation not permitted > [2012/09/28 17:36:18, 0] ../lib/util/debug.c:592(reopen_logs_internal) > Unable to open new log file '/usr/local/samba/var/log.smbd': Permission > denied > [2012/09/28 17:36:18, 0] ../source3/smbd/server.c:1182(main) > smbd version 4.1.0pre1-DEVELOPERBUILD started. > Copyright Andrew Tridgell and the Samba Team 1992-2012 > [2012/09/28 17:36:18, 0] ../source3/smbd/server.c:1197(main) > error opening config file '/usr/local/samba/etc/smb.conf' > > > junyij-2.desktop$ ./smbd -V > Version 4.1.0pre1-DEVELOPERBUILD > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba developer in Greece?
On Wed, Sep 26, 2012 at 01:24:10PM +0300, Charalampos Anargyrou wrote: > Are there any Samba developers in Greece that I can contact? As far as I know there are no Samba Team people in Greece, but there's a lot of people in a very similar timezone, i.e. Germany. All of them speak english. There might certainly Samba developers in Greece that have not made themselves known on any lists yet. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Permission denied error while connecting to EMC CIFS server
On Thu, Sep 13, 2012 at 10:27:24AM -0700, Jeremy Allison wrote: > On Thu, Sep 13, 2012 at 03:36:14AM -0700, naga_kishore_komm...@yahoo.com > wrote: > > Hi, > > I'm getting "Permission denied" error while connecting to a EMC cifs share > > from samba client on unix machine. > > Looking at the packet capture it is observed that samba client is > > authenticating with "anonymous" instead of the user name that has been > > provided. > > Here are flags received from EMC server as part of "Session Setup AndX > > Response, NTLMSSP_CHALLENGE, NTLMSSP_CHALLENGE, Error: > > STATUS_MORE_PROCESSING_REQUIRED" packet. After this, client connected to > > EMC server with "anonymous" instead of given username. > > Any help? > > What would be more useful is a debug level 10 from the smbclient. ... together with a real raw network trace. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.0.14a works with ldapsam backend but not 3.5.10-125.el6
On Mon, Sep 10, 2012 at 10:38:01AM -0400, Qing Chang wrote: > > On 04/09/2012 4:03 PM, Volker Lendecke wrote: > >On Tue, Sep 04, 2012 at 03:59:25PM -0400, Qing Chang wrote: > >>If I understand right, as a STANDALONE server, Samba should only care > >>about finding and > >>authenticating againt a matching uid to Windows username on the samba > >>server (which > >>uses LDAP), and then using the uid and gid(s) to provide shared resources, > >>which is the > >>behavior observed with 3.0.14a, but not with 3.5.10-125.el6. > >> > >>In fact, SID never matters with 3.0.14a, I have populated all users with > >>the same SIDs and > >>3.0.14a has been serving shares for years. > >Well, Samba has moved on to put more emphasis on SIDs. If > >that does not match your requirements, you should better > >stick with 3.0.14a and find someone from > >http://samba.org/samba/support to maintain it for you. > so which is the highest version that does not require strict SID check? The main switch came with 3.0.25. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Hide empty Samba shares?
On Wed, Sep 05, 2012 at 09:12:11PM -0500, Stan Hoeppner wrote: > On 9/5/2012 9:23 AM, Sam Bulka wrote: > > Stan Hoeppner hardwarefreak.com> > >> > >> Samba is not MS Windows. Just because a feature exists in MS Windows > >> does not make it "basic" translated "expected" in other platforms. If > >> you were a long time Samba/*nix user and switched to MS Windows you'd > >> have the same complaint in reverse (though there are few such defections). > > > > Samba was initially developed by watching Windows network protocol to allow > > share files btw Linux and Windows. Of course its expected to offer basic > > features Windows users are used to when sharing files with Windows. > > Yes, of course, and it does. But you're missing the point. The feature > in question isn't part of the SMB/CIFS protocol stack, thus Samba can't > duplicate it. It's an operating system specific feature implemented in, > and unique to, MS Windows. Microsoft controls both their SMB/CIFS code > stack and their operating system code. Thus they are free to create > internal proprietary interfaces between the two that provide unique > functionality. > > The Samba team doesn't control the Linux, *BSD, AIX, Solaris, etc > operating system code, so they can't simply add the interfaces to each > OS that are necessary to implement what you call the "basic" > functionality that Microsoft provides. It's not "basic" functionality > at all, but extended functionality, as it's not part of the SMB/CIFS > stack. It's proprietary. > > I'm guessing that due to your lack of knowledge of software development > models that you didn't understand anything I just stated above. So I'll > boil it down to this: > > If you critically need this feature, switch back to MS Windows. It will > likely never be implemented in a Samba+OS stack. Well, what we might be able to do is to add a scripting interface to the "available" parameter that is checked every time the share is about to be accessed. This would give a flexible interface to whatever the OS provides. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.0.14a works with ldapsam backend but not 3.5.10-125.el6
On Tue, Sep 04, 2012 at 03:59:25PM -0400, Qing Chang wrote: > If I understand right, as a STANDALONE server, Samba should only care about > finding and > authenticating againt a matching uid to Windows username on the samba server > (which > uses LDAP), and then using the uid and gid(s) to provide shared resources, > which is the > behavior observed with 3.0.14a, but not with 3.5.10-125.el6. > > In fact, SID never matters with 3.0.14a, I have populated all users with the > same SIDs and > 3.0.14a has been serving shares for years. Well, Samba has moved on to put more emphasis on SIDs. If that does not match your requirements, you should better stick with 3.0.14a and find someone from http://samba.org/samba/support to maintain it for you. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does samba-3.6.7's libsmbclient supports SMB2 protocol?
On Sun, Sep 02, 2012 at 11:11:17PM -0700, naga_kishore_komm...@yahoo.com wrote: > Thanks a lot Volker, > Does source4 directory has got SMB2 support in libsmbclient library? Well, there is some support for SMB2 calls in both source3 and source4. But neither directly support SMB2 out of the box with the interface that is published as libsmbclient.h. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba share an NFS import?
On Fri, Aug 31, 2012 at 02:46:17PM -0700, Jeremy Allison wrote: > On Fri, Aug 31, 2012 at 08:45:28PM +, Scott-Fleming, Ian wrote: > > Is it a problem to share a folder via Samba that is actually an NFS import > > from another machine? > > > > Looking at Samba documentation, it seems it shouldn't be. But I find only > > this one reference to re-exporting an NFS import via Samba (this is under > > "Samba 3.6 Features added/changed"): > > > > http://wiki.samba.org/index.php/Samba_3.6_Features_added/changed#NFS_quota_backend_on_Linux > > > > which says "A new nfs quota backend for Linux has been added that is based > > on the existing Solaris/FreeBSD implementation. This allows samba to > > communicate correct diskfree information for nfs imports that are > > re-exported as samba shares." > > > > But googling the problem, I find numerous discussions, where most contain > > something along the lines of this: > > > > http://serverfault.com/questions/68330/samba-sharing-an-nfs-mount-point > > > > > > which says, "The Samba manual mentions that re-exporting a NFS mountpoint > > over Samba does not work correctly. NFS is not 100% POSIX compatible, so > > some things work differently than what Samba expects. I.e. you should run > > Samba on the same server where you run the NFS service, exporting the local > > disks directly." > > > > I also came across various folks claiming one needs to play with the timing > > parameters in smb.conf. > > > > We're currently running Samba 3.5.10, under RHEL 6.2 (3.5.10 is the version > > currently supplied with RHEL 6.2). Machine Q nfs-mounts machine M's data > > disks, and re-exports them via Samba for users to access. We are > > experiencing problems with the NFS share occasionally becoming very slow > > (both for machine Q and the machines that mount them via Samba), and I'm > > wondering if the re-export is the problem. > > > > Question 1: When was samba re-export of NFS import considered stable? > > I.e., Do I need to update to 3.6 (move ahead of RHEL distribution) for this > > to be OK? > > Question 2: Can someone point me to more official Samba documentation on > > exporting? > > Bottom line - it'll mostly work. > > Caveat. Don't come complaining here when the locking doesn't work :-). And -- when it suddenly becomes slow, the analysis why it is so is more difficult than with a local file system. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Does samba-3.6.7's libsmbclient supports SMB2 protocol?
On Fri, Aug 31, 2012 at 06:56:04AM -0700, naga_kishore_komm...@yahoo.com wrote: > Hi, > I'm using libsmbclient library built from source3 directory of samba-3.6.7. > When I connect to a vista/2008 server using this libsmbclient library, > communication is happening in SMB1 protocol and NOT in SMB2. > Please note that I've enabled SMB2 by adding following line to smb.conf > > max protocol = SMB2 > > Does libsmbclient library built from source3 directory of samba-3.6.7 > supports SMB2? No, it does not yet. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Delete pending after open in M.Office
On Thu, Aug 16, 2012 at 03:21:00PM +0200, "Maurer, Hansjörg" wrote: > Hi > > ist seems that > > https://bugzilla.samba.org/show_bug.cgi?id=9058 > > > covers that issue Seems so. We have tried to reproduce the problem here without success. Are there exact instructions out there somewhere (smb.conf, Windows versions etc) to reproduce the issue reliably? Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mutex lock contention against Active directory domain controllers causing authentication failures
On Thu, Jul 19, 2012 at 03:39:46PM +, Bell D. wrote: > We are using Samba 3.4.6 (packaged by opencsw.org) against > Active Directory 2003 on our primary University filestore. > The operating system is Solaris 10 Update 10. We have a > number of domain controllers. For the past two days on our > main filestore has been failing connections from a number > of clients. Try running winbind. You don't need id mapping or nsswitch, but winbind serving as a proxy to the DC might help you. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4: mounting cifs on Linux client no longer preserves acl's [solved]
On Fri, Jul 06, 2012 at 06:28:26PM +0200, steve wrote: > On 06/07/12 13:14, steve wrote: > >On 06/07/12 12:21, steve wrote: > >>Version 4.0.0beta4-GIT-8f44389 > >> > This is due to having > wide links = Yes > unix extensions = Yes Just read https://lists.samba.org/archive/samba/2012-July/168131.html again with some more attention than first time. Read it properly to the end. It's all in there. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] s3fs and symlinks
On Tue, Jul 03, 2012 at 07:26:24PM +0200, steve wrote: > On 03/07/12 15:02, Volker Lendecke wrote: > >On Tue, Jul 03, 2012 at 03:14:45PM +0200, steve wrote: > >>On 03/07/12 14:33, Volker Lendecke wrote: > >>>On Tue, Jul 03, 2012 at 12:48:26PM +0200, steve wrote: > > >>Ignoring unknown parameter "wide links" > >>Press enter to see a dump of your service definitions > > > >Well, then for you it does not work. Please use 3.6.6. > > > >Volker > > > Hi Volker > This is the icing on the cake. We could not possibly turn back now;-) > > You seem to suggest that it is a problem just for us. Does 'wide links = > Yes' work for others in 4.0.0 beta4 git? For me it does so, yes. Your indication if it works is not the actual functional test but output from samba-tool. So sure, it will not work at this point. Thus I recommended using 3.6.6, which utilizes different tools. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] s3fs and symlinks
On Tue, Jul 03, 2012 at 03:14:45PM +0200, steve wrote: > On 03/07/12 14:33, Volker Lendecke wrote: > >On Tue, Jul 03, 2012 at 12:48:26PM +0200, steve wrote: > >>Hi everyone > >> > >>I have a problem with S4 following symlinks. > >> > >>In windows, I can access a share ¡f the the path is the actual > >>directory but not if the share contains a symlink to the same > >>directory. I get access errors. > >> > >>In Linux under NFS, I can access the share either directly via the symlink. > >> > >>Does s3fs understand symlinks at the moment? > > > >Look for "wide links", "unix extensions" and "allow insecure > >wide links" in "man smb.conf". > > > >Volker > > > Hi Volker > Unfortunately, wide links (which I think is what I need) doesn't work: > samba-tool testparm > Unknown parameter encountered: "wide links" > Ignoring unknown parameter "wide links" > Press enter to see a dump of your service definitions Well, then for you it does not work. Please use 3.6.6. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] s3fs and symlinks
On Tue, Jul 03, 2012 at 12:48:26PM +0200, steve wrote: > Hi everyone > > I have a problem with S4 following symlinks. > > In windows, I can access a share ¡f the the path is the actual > directory but not if the share contains a symlink to the same > directory. I get access errors. > > In Linux under NFS, I can access the share either directly via the symlink. > > Does s3fs understand symlinks at the moment? Look for "wide links", "unix extensions" and "allow insecure wide links" in "man smb.conf". Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind Daemon fails to start, group shares no longer functioning
On Thu, Jun 21, 2012 at 11:07:12AM -0400, Anthony Boccia wrote: > So in this case, I would apply it to my domain admin group, and change the > gid to 0? Or is there a separate group i should be looking at? What you need is a sambaGroupMappingEntry for the primary group of root, which presumably is 0. What you call it does not really matter, but changing the mapping for domain admins sounds reasonable to me without having taken a close enough look to be sure. With best regards, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
