[Samba] Problems with "nobody" processes in Samba 3.0.4
Matt Wright
matt at consultmatt.co.uk
Wed Jun 23 00:57:31 GMT 2004
Hi,
Hopefully someone can help me with this because its driving me up the
wall. I admin a Samba PDC which authenticates through an LDAP backend.
Both the samba server and pam authenticate through the entries in the
LDAP database.
I recently upgraded to 3.0.4 to combat the M$ hotfix that destroyed
password changing. Since then things have been squiffy. All runs fine
(apart from a grouping problem that I shall describe later) until a
rogue samba thread appears which is owned by "nobody".
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND
2639 root 20 0 13844 3832 804 S 40.8 1.5 4317m 0 slapd
7889 nobody 15 0 1528 492 372 S 4.9 0.1 76:19 0 smbd
This particular top output is probably a bad example because the nightly
backups are running at the same time. However the exhaustion of slapd as
shown above occurs at the same time as this "nobody" thread appears.
When the backup is not running the smbd thread usually hits about 40%
CPU as well leading to a very congested fileserver. At this point the
network slows to a crawl, killing these processes stops the slapd cpu
usage but seems then to corrupt peoples smb sessions which seems to
suggest the process is actually associated with a user.
In trying to track down this bug I've rearranged the entire ldap tree;
we used to have an "ou=smb" tree for all samba classes and "ou=People"
and "ou=Group" trees for all the posix classes. These have ow been
rearranged so that ou=People,ou=Computers and ou=Group exist with both
their posix and samba attributes in each respective tree.
I would really, really appriciate any help that you people can give.
I've had success tracking down samba problems in the past but this one
has me.
----------
One other problem which has confused me also exists. Now I don't know if
this is related to the above or not (hence the line). We map the unix
group "users" to "Domain Users" in windows. The correct entry in
"ou=Group" exists
dn: cn=users,ou=Group,dc=kwltd,dc=com
sambaSID: S-1-5-21-661346169-342852810-2564848181-513
gidNumber: 100
displayName: Domain Users
description: Domain Users
objectClass: posixGroup
objectClass: sambaGroupMapping
cn: users
sambaGroupType: 2
memberUid: root,test1645,test2
memberUid: test2711
memberUid: mwright
memberUid: solitaire$
.
.
Such that if you run:
[root at austin root]# id mwright
uid=1016(mwright) gid=1000(smbadmin) groups=1000(smbadmin),100(users)
[root at austin root]#
I am clearly a member of the users group, however I do not show up in
the Domain Users group in USRMGR. Further if I attempt to add myself I'm
told I'm already in the group. Any ideas on this one??
Regards,
Matt Wright
Matt Wright Consulting
matt at consultmatt.co.uk
(Bcc: Phil Cooper)
More information about the samba
mailing list