nmbd forkbombed my machine :-\

David Goodwin dof at codepoets.co.uk
Thu Dec 20 09:01:20 GMT 2001 

Hello everyone,

Assuming this is the right place to post potential bug reports, try this :
(Apologies if it's been posted/covered somewhere else, but your lists 
don't seem to have a search facility...)

nmbd had a good go at fork bombing my "server" just now, with a setup as 
follows :

Samba 2.2.0a on Slackware Linux v8.0, linux kernel 2.4.16. i586 with 
500ish mb of ram.

Samba is started from inetd.

There is only one windows (win2k pro) machine on the network of 4 
computers (others are linux).

The following appeared in log.nmbd :

[2001/12/15 23:49:40, 0] libsmb/nmblib.c:send_udp(777)
   Packet send failed to 10.1.1.255(138) ERRNO=Operation not permitted
[2001/12/15 23:49:40, 0] libsmb/nmblib.c:send_udp(777)
   Packet send failed to 10.1.1.255(138) ERRNO=Operation not permitted
[2001/12/20 16:15:22, 0] nmbd/asyncdns.c:start_async_dns(150)
   started asyncdns process 5293
[2001/12/20 16:15:22, 0] lib/pidfile.c:pidfile_create(88)
   ERROR: nmbd is already running. File /var/lock/samba/nmbd.pid exists 
and process id 947 is running.
[2001/12/20 16:15:22, 0] nmbd/asyncdns.c:start_async_dns(150)
   started asyncdns process 5295
[2001/12/20 16:15:22, 0] lib/pidfile.c:pidfile_create(88)
   ERROR: nmbd is already running. File /var/lock/samba/nmbd.pid exists 
and process id 947 is running.
[2001/12/20 16:15:22, 0] nmbd/asyncdns.c:start_async_dns(150)
   started asyncdns process 5297
[2001/12/20 16:15:22, 0] lib/pidfile.c:pidfile_create(88)
   ERROR: nmbd is already running. File /var/lock/samba/nmbd.pid exists 
and process id 947 is running.
[2001/12/20 16:15:23, 0] nmbd/asyncdns.c:start_async_dns(150)
   started asyncdns process 5299

.... (repeat of the above for sometime).

This had the great effect of using all the file descriptors up, so i 
couldn't login as root or do much else.

Thankfully it seems inetd realised something was wrong, and the 
following was in /var/log/debug :
Dec 20 16:19:24 crab inetd[4180]: netbios-ns/udp server failing 
(looping), service terminated
Dec 20 16:26:21 crab nmbd[947]:   Got SIGTERM: going down...

And as soon as i could I did a "killall nmbd", which i think is the 
final entry.

My /etc/samba/smb.conf file has the following :


[global]
         hosts allow = 10.1.1.
         workgroup = north_parade
         null passwords = yes
         log file = /var/log/smb.log
         interfaces = 10.1.1.1/255.255.255.0
         socket options = TCP_NODELAY
         netbios name = crab
         domain master = yes
         local master = yes
         security = user # was share
         preserve case = yes
         os level = 80
#       read prediction = no
#        domain logons = yes
         wins support = true

         server string = back from hell, asking for more!
         encrypt passwords = yes
         ssl CA certDir = /etc/ssl/certs
         update encrypted = yes



If there is any other info you might need, then feel free to ask, I'll 
do my best.

thanks

dof.


-- 
David Goodwin | dof at codepoets.co.uk | http://www.codepoets.co.uk
  Software Engineering, Uni. Of Wales Aberystwyth.
    Do not meddle in the affairs of wizards,
     for they are subtle and quick to anger.
    Do not go to the elves for counsel,
      for they will say both no and yes.

More information about the samba mailing list