Locking database cleanup?

Jeremy Allison jra at samba.org
Wed Apr 5 14:24:32 GMT 2006

On Wed, Apr 05, 2006 at 04:16:00PM +0400, Alexey Lobanov wrote:
> Actually, it is "documented" in smbd(8):
> =======
> To  shut down a user’s smbd process it is recommended that SIGKILL (-9)
> NOT be used, except as a last resort, as this may leave the shared mem‐
> ory area in an inconsistent state.
> =======
> In my opinion, this problem significantly decreases Samba reliability 
> and availability. It is quite expensive to restart the whole fileserver 
>  subsystem when  many users have open accounting databases at 
> non-affected, "healthy" shares.

That's not why we worry about sigkill (leaving dead records).

Because a process can't catch or stop sigkill the smbd might
be in the process of allocating new space within the tdb, which
if it is killed might leave the tdb in an inconsistent state
(ie. anyone trying to read it might crash). It's nothing to
do with dead records, we clean them us as we come across
them as previously described.


> >A solution proposal:
> >
> >The advantage we have is that we have a SMBD daemon process running.
> >
> >The main daemon process can have signal handlers for SIGCHLD for SMBD
> >child prcesses that it forks. When a child SMBD process
> >terminates/exits, the parent can trigger a cleanup.
> I agree that the master smbd could be a proper place for really 
> automatic solution.

No, it would be a horrible bottleneck. That's why we don't do it 
that way.


More information about the samba-technical mailing list