[Samba] Flooded log with '..session closed for user nobody'
BW
m40636067 at gmail.com
Fri Dec 23 08:52:36 UTC 2022
My journal get's flooded with these entries:
2022-12-22 09.14.07 SRV99 smbd 6 pam_unix(samba:session):
session closed for user nobody
Especially when transferring files from a client to a share (in this case
from W10, IP 10.0.1.146, netbios disabled on Windows), authenticated
successfully by user "bw"
All folders-permissions on the share is:
Group: DATAR5 (RWX)
OWNER: bw (RWX)
User "bw" is member of the group "DATAR5"
smbstatus:
Samba version 4.9.5-Debian
PID Username Group Machine
Protocol Version Encryption Signing
----------------------------------------------------------------------------------------------------------------------------------------
19676 bw bw 10.0.1.184 (ipv4:10.0.1.184:51807)
SMB3_11 - partial(AES-128-CMAC)
16903 bw bw 10.0.1.146 (ipv4:10.0.1.146:56584)
SMB3_11 - partial(AES-128-CMAC)
23296 bw bw 10.0.1.146 (ipv4:10.0.1.146:62674)
SMB3_11 - partial(AES-128-CMAC)
16903 bw bw 10.0.1.146 (ipv4:10.0.1.146:56584)
SMB3_11 - partial(AES-128-CMAC)
16202 bw bw 10.0.1.130 (ipv4:10.0.1.130:52980)
SMB3_11 - partial(AES-128-CMAC)
smb.conf:
[global]
include = /etc/samba/smb_shares.conf
log file = /var/log/samba/log.%m
log level = 1
logging = file
map to guest = Bad User
max log size = 1100
obey pam restrictions = Yes
pam password change = Yes
panic action = /usr/share/samba/panic-action %d
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
passwd program = /usr/bin/passwd %u
server min protocol = SMB2_02
unix password sync = Yes
workgroup = LOCAL.domain.DK <http://local.domain.dk/>
[ARCHIVE]
comment = R1 5TB Archive
create mask = 0770
directory mask = 0770
path = /mnt/R1_archive/
read only = No
Any idea how I can prevent these log-entries?
More information about the samba
mailing list