[Samba] winbind filling up log with "Possible deadlock: Trying to lookup SID xxx with passdb backend"

Michael Wood esiotrot at gmail.com
Thu Dec 9 01:59:16 MST 2010 

On 6 December 2010 14:54, Andre Fonseca de Oliveira
<andre.f.oliveira at cgu.gov.br> wrote:
> Hello,
>
> I have samba 3.3.8 installed on CentOS 5.5 on a production server.
>
> Winbind is filling up the logs with these messages:
>
> [2010/12/06 10:43:28,  0] winbindd/winbindd_passdb.c:sid_to_name(159)
>  Possible deadlock: Trying to lookup SID
> S-1-5-21-2106371596-187675891-3351287853 with passdb backend

If you enable debug level 10, do you get this just before each of
those messages?

Converting SID S-1-5-21-2106371596-187675891-3351287853

> We have been having problems when activating winbind daemon.
>
> Could this error message be causing trouble?

I don't think so.  I'm not sure what would cause this, but the code
logs that message if the SID is not in the BUILTIN domain and is not
in your domain and is not a local user/group and is not a well known
SID (like "Everybody").

It looks like just a sanity check.  I have no idea what it has to do
with deadlocks, but perhaps someone familiar with the code could
comment.

> Attached is smb.conf globals section (shares removed).
>
> Thanks in advance

-- 
Michael Wood <esiotrot at gmail.com>
-------------- next part --------------
[global]
	workgroup = DF-CGU
	server string = ""
	passdb backend = ldapsam:"ldap://ldaprr.df.cgu"
	passwd program = /usr/sbin/smbldap-passwd -u %u
	passwd chat = "Changing*\nNew password*" %n\n "*Retype new password*" %n\n"
	username map = /etc/samba/smbusers
	unix password sync = Yes
	client NTLMv2 auth = Yes
	log level = 0 auth:5
	syslog = 0
	max log size = 100000
	min protocol = NT1
	name resolve order = wins lmhosts host bcast
	time server = Yes
	deadtime = 5
	load printers = No
	printcap name = /dev/null
	disable spoolss = Yes
	delete user script = /usr/sbin/smbldap-userdel "%u"
	add group script = /usr/sbin/smbldap-groupadd -p "%g"
	delete group script = /usr/sbin/smbldap-groupdel "%g"
	add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
	delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
	set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
	add machine script = /usr/sbin/smbldap-useradd -t 5 -w "%u"
	logon script = logon.vbs
	logon path = 
	logon home = 
	domain logons = Yes
	os level = 255
	lm announce = No
	preferred master = Yes
	domain master = Yes
	wins support = Yes
	ldap admin dn = cn=suporte,dc=cgu,dc=gov,dc=br
	ldap delete dn = Yes
	ldap group suffix = ou=grupos,ou=df
	ldap machine suffix = ou=computadores,ou=df
	ldap passwd sync = yes
	ldap replication sleep = 5000
	ldap suffix = dc=cgu,dc=gov,dc=br
	ldap user suffix = ou=usuarios,ou=df
	utmp directory = /var/run
	wtmp directory = /var/log
	utmp = Yes
	comment = "SERVIDOR DE ARQUIVOS GNU/LINUX"
	create mask = 0640
	directory mask = 02750
	nt acl support = No
	use sendfile = Yes
	printing = bsd
	print command = lpr -r -P'%p' %s
	lpq command = lpq -P'%p'
	lprm command = lprm -P'%p' %j
	case sensitive = No
	hide unreadable = Yes
	veto files = /.*/
	strict locking = No

More information about the samba-technical mailing list