[Samba] "valid users" + ldap on Solaris 10 problems
Miki Monguilod
mikim at salleURL.edu
Thu Dec 29 15:10:47 GMT 2005
Hi,
I've got the logs in "log level 10" and a "truss" of the PID that tries
to connect one of the problematic "shares".
Both files are in:
log file: http://www.salleurl.edu/~mikim/log.txt
'truss' file: http://www.salleurl.edu/~mikim/truss.txt
well, I explain you the situation:
I log in the windows machine whit user "marc", but I map the share
called "tt-s-04-05" with user "mikim".
Thanks for your help.
Tom Crummey wrote:
> Hello Miki,
>
> The fact that samba crashes isn't good. You need to up the log level
> to 10 and recreate the crash. Then post the section of log file that
> shows where the crash occurs. The developers will ask you to recompile
> with debugging symbols and obtain a stack trace from gdb to help track
> down the bug.
>
> The piece of log file you posted to me does not show where the crash
> occurred. I'm interested to help you as I am trying to migrate from
> samba 2.2.x to 3.0.x and from NIS to LDAP. I've encountered several
> problems with the netgroups implementation and LDAP, mainly due to
> SUN's really poor LDAP client libraries, but it doesn't look like
> you're having the same problems as I am. However, I'm on Solaris 9 at
> the moment which may make difference. I'm using Directory server 5.2
> as well.
>
> Tom.
>
> ----------------------------------------------------------------------------
>
> Tom Crummey, Systems and Network Manager, EMAIL: tom at ee.ucl.ac.uk
> Department of Electronic and Electrical Engineering,
> University College London, TEL: +44 (0)20 7679
> 3898
> Torrington Place, FAX: +44 (0)20 7388
> 9325
> London, UK, WC1E 7JE.
> ----------------------------------------------------------------------------
>
>
> On Wed, 28 Dec 2005, Miki Monguilod wrote:
>
>> Hi,
>>
>> We are currently using Directory Server 5.2 but in a different
>> machine. I've look for this error in /var/adm/messages and it doesn't
>> appear.
>> On the other hand, I show you my config file (using 'testparm' command):
>> [global]
>> unix charset = CP850
>> workgroup = MYWORKGROUP
>> server string = Servidor de disc Zeus3
>> interfaces = 172.16.1.118/24, 172.16.1.86/24, 192.168.1.118/24
>> security = SHARE
>> passdb backend = ldapsam:ldap://ldap.mydomain.edu
>> lanman auth = No
>> client lanman auth = No
>> client plaintext auth = No
>> log level = 1
>> log file = /var/log/samba/log.%m
>> max log size = 50
>> max xmit = 65535
>> socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
>> SO_RCVBUF=8192 SO_SNDBUF=8192
>> load printers = No
>> os level = 33
>> local master = No
>> wins server = 172.16.1.158, 172.16.1.159, 130.206.42.238
>> ldap admin dn = "uid=samba,ou=Directory
>> Administrators,o=mydomain.edu"
>> ldap group suffix = ou=Groups
>> ldap machine suffix = ou=People
>> ldap suffix = dc=EALS,dc=mydomain,dc=edu
>> ldap user suffix = ou=People
>> lock directory = /var/lock/samba
>> default service = homes
>> hosts allow = x.x.x., x.x.x., x., x.x., x.x.
>> strict allocate = Yes
>> include = /var/Share/smb.share.gc
>> dont descend = /proc, /dev, /etc, /lib, /lost+found, /bin,
>> /sbin, /usr
>>
>> And this is the log results in with "log level = 1" (I think this is
>> not good....) :
>>
>> zeus3:/var/log/samba# cat log.172.16.1.187
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(36)
>> ===============================================================
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(37)
>> INTERNAL ERROR: Signal 10 in pid 11375 (3.0.21)
>> Please read the Trouble-Shooting section of the Samba3-HOWTO
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(39)
>>
>> From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(40)
>> ===============================================================
>> [2005/12/28 19:37:44, 0] lib/util.c:smb_panic2(1554)
>> PANIC: internal error
>>
>>
>> Thanks for you answer.
>>
>>
>> Tom Crummey wrote:
>>
>>> Hello,
>>>
>>> What LDAP server are you using and how does the Solaris box look up
>>> accounts in it? There is a problem with the OpenLDAP and Solaris
>>> client LDAP libraries co-existing. Do you get a message in syslog
>>> (/var/adm/messages) along the lines of:
>>>
>>> Aug 19 14:44:42 spock smbd[1006]: [ID 293258 user.error] libsldap:
>>> Status: 7 Mesg: LDAP ERROR (-7): Bad search filter.
>>>
>>>
>>> Tom.
>>>
>>>
>>> ----------------------------------------------------------------------------
>>> Tom Crummey, Systems and Network Manager, EMAIL: tom at ee.ucl.ac.uk
>>> Department of Electronic and Electrical Engineering,
>>> University College London, TEL: +44 (0)20
>>> 7679 3898
>>> Torrington Place, FAX: +44 (0)20
>>> 7388 9325
>>> London, UK, WC1E 7JE.
>>>
>>> ----------------------------------------------------------------------------
>>>
>>> On Wed, 28 Dec 2005, Miki Monguilod wrote:
>>>
>>>> Hello,
>>>>
>>>> We have just migrated a server from sun solaris 8 to sun solaris
>>>> 10. In the old machine we had a Samba 3.0.20b and in the new one,
>>>> we have samba 3.0.21, both compiled like this with no problems:
>>>> env LD_FLAGS="-L/usr/local/lib" ./configure --with-ldapsam
>>>> --without-pam --with-quotas --with-ldap --with-included-popt
>>>> --with-acl-support --with-libsmbclient
>>>>
>>>> We share user's homes by default working correctly. All this works
>>>> correctly in the old machine with Solaris 8, but in the new one
>>>> with Solaris 10 the problem comes when we share something using
>>>> "vaild users = @groupname" inside.
>>>>
>>>>
>>>> for example:
>>>>
>>>> [aelec] comment = Area Electronica
>>>> path = /mnt/grups/aelec browseable = yes
>>>> read only = no force directory mode = 2770
>>>> force group = aelec directory mode = 2770
>>>> create mode = 2770 valid users = @aelec The "aelec"
>>>> group exist in ldap and is not empty. In windows, we can browse all
>>>> shares, incluing "aelec" share, but if we want to connect using a
>>>> valid user, windows shows us this message: The specified network
>>>> name is no longer available. Also we tried this under linux (whith
>>>> samba 3.0.14a) showing this problem:
>>>>
>>>> smbclient -v -U validuser //server.domain.edu/aelec
>>>> Password:
>>>> Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 3.0.21]
>>>> tree connect failed: Call returned zero bytes (EOF)
>>>>
>>>> We use the same config and shares files in the old and in the new
>>>> machine. 'testparm' shows no errors except one because of the lengh
>>>> of the name of a share (more than 12 characters).
>>>> Does anybody knows where could be the error? Is this a Samba error
>>>> o probably a solaris error?
>>>>
>>>> Thanks in advance!
>>>>
>>>> PD: If you want logs, I can send logs in what debug level you want.
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> ==============================================================================
>>>> Utilitzeu el Servei Online d'Atencio a l'Usuari
>>>> (http://www.salleURL.edu/csi)
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Nom: Miki Cognoms: Monguilod Serena
>>>> Centre de Serveis Informatics (CSI) e-mail:mikim at salleURL.edu
>>>> Enginyeria i Arquitectura La Salle PGP KeyID: 0xBBF686E1
>>>> Universitat Ramon Llull Telefon: 93 290 24 00
>>>> Barcelona Extensio: 209
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions: https://lists.samba.org/mailman/listinfo/samba
>>>>
>>>
>>>
>>
>>
>> --
>> ==============================================================================
>>
>> Utilitzeu el Servei Online d'Atencio a l'Usuari
>> (http://www.salleURL.edu/csi)
>>
>> ------------------------------------------------------------------------------
>>
>> Nom: Miki Cognoms: Monguilod Serena
>> Centre de Serveis Informatics (CSI) e-mail:mikim at salleURL.edu
>> Enginyeria i Arquitectura La Salle PGP KeyID: 0xBBF686E1
>> Universitat Ramon Llull Telefon: 93 290 24 00
>> Barcelona Extensio: 209
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/listinfo/samba
>>
>
>
--
==============================================================================
Utilitzeu el Servei Online d'Atencio a l'Usuari (http://www.salleURL.edu/csi)
------------------------------------------------------------------------------
Nom: Miki Cognoms: Monguilod Serena
Centre de Serveis Informatics (CSI) e-mail:mikim at salleURL.edu
Enginyeria i Arquitectura La Salle PGP KeyID: 0xBBF686E1
Universitat Ramon Llull Telefon: 93 290 24 00
Barcelona Extensio: 209
More information about the samba
mailing list