[Samba] IPC$ entries not deleted from connections.tdb?
Jeremy Allison
jra at samba.org
Tue Apr 26 23:51:33 GMT 2005
On Tue, Apr 26, 2005 at 03:33:11PM -0400, Yannick Bergeron wrote:
> Hi Andrew,
>
> I know that you're a very busy guy, but I've CC you on this post a few days
> ago and didn't get any answer.
>
> http://lists.samba.org/archive/samba-technical/2005-April/040377.html
> http://lists.samba.org/archive/samba-technical/2005-April/040378.html
> http://lists.samba.org/archive/samba-technical/2005-April/040379.html
> http://lists.samba.org/archive/samba/2005-April/104135.html
>
> I would like to have your impression on this problem or if you can
> reproduce it.
>
> I would be really surprised if I was the only one who has it. The
> difference is that we're using samba with a lots of users and we've
> estimated that the file will grow at least 55mb per month. This if for a
> smbd child that make only one connection. It could be like 20 times bigger
> (1.1gb) if each smbd child owns 20 connections.
There were some codepaths in smbd/service.c that didn't call yield_connection()
on an error. But they would only occur in an error case. Do you have any of these
in you smbd logs ?
Anyway, here is a patch to ensure yield_connection() is always called on error
(and also a tidyup of some extraneous macro calls).
Jeremy.
-------------- next part --------------
Index: smbd/service.c
===================================================================
--- smbd/service.c (revision 6493)
+++ smbd/service.c (working copy)
@@ -521,7 +521,7 @@
/* Initialise VFS function pointers */
if (!smbd_vfs_init(conn)) {
- DEBUG(0, ("vfs_init failed for service %s\n", lp_servicename(SNUM(conn))));
+ DEBUG(0, ("vfs_init failed for service %s\n", lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
@@ -544,8 +544,8 @@
/* ROOT Activities: */
/* check number of connections */
if (!claim_connection(conn,
- lp_servicename(SNUM(conn)),
- lp_max_connections(SNUM(conn)),
+ lp_servicename(snum),
+ lp_max_connections(snum),
False,0)) {
DEBUG(1,("too many connections - rejected\n"));
conn_free(conn);
@@ -555,16 +555,16 @@
/* Preexecs are done here as they might make the dir we are to ChDir to below */
/* execute any "root preexec = " line */
- if (*lp_rootpreexec(SNUM(conn))) {
+ if (*lp_rootpreexec(snum)) {
int ret;
pstring cmd;
- pstrcpy(cmd,lp_rootpreexec(SNUM(conn)));
+ pstrcpy(cmd,lp_rootpreexec(snum));
standard_sub_conn(conn,cmd,sizeof(cmd));
DEBUG(5,("cmd=%s\n",cmd));
ret = smbrun(cmd,NULL);
- if (ret != 0 && lp_rootpreexec_close(SNUM(conn))) {
+ if (ret != 0 && lp_rootpreexec_close(snum)) {
DEBUG(1,("root preexec gave %d - failing connection\n", ret));
- yield_connection(conn, lp_servicename(SNUM(conn)));
+ yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
@@ -575,6 +575,7 @@
if (!change_to_user(conn, conn->vuid)) {
/* No point continuing if they fail the basic checks */
DEBUG(0,("Can't become connected user!\n"));
+ yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_LOGON_FAILURE;
return NULL;
@@ -584,16 +585,16 @@
/* Preexecs are done here as they might make the dir we are to ChDir to below */
/* execute any "preexec = " line */
- if (*lp_preexec(SNUM(conn))) {
+ if (*lp_preexec(snum)) {
int ret;
pstring cmd;
- pstrcpy(cmd,lp_preexec(SNUM(conn)));
+ pstrcpy(cmd,lp_preexec(snum));
standard_sub_conn(conn,cmd,sizeof(cmd));
ret = smbrun(cmd,NULL);
- if (ret != 0 && lp_preexec_close(SNUM(conn))) {
+ if (ret != 0 && lp_preexec_close(snum)) {
DEBUG(1,("preexec gave %d - failing connection\n", ret));
change_to_root_user();
- yield_connection(conn, lp_servicename(SNUM(conn)));
+ yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
@@ -601,7 +602,7 @@
}
#ifdef WITH_FAKE_KASERVER
- if (lp_afs_share(SNUM(conn))) {
+ if (lp_afs_share(snum)) {
afs_login(conn);
}
#endif
@@ -612,9 +613,9 @@
I have disabled this chdir check (tridge) */
/* the alternative is just to check the directory exists */
if (SMB_VFS_STAT(conn, conn->connectpath, &st) != 0 || !S_ISDIR(st.st_mode)) {
- DEBUG(0,("'%s' does not exist or is not a directory, when connecting to [%s]\n", conn->connectpath, lp_servicename(SNUM(conn))));
+ DEBUG(0,("'%s' does not exist or is not a directory, when connecting to [%s]\n", conn->connectpath, lp_servicename(snum)));
change_to_root_user();
- yield_connection(conn, lp_servicename(SNUM(conn)));
+ yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
@@ -642,7 +643,7 @@
if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) {
dbgtext( "%s (%s) ", get_remote_machine_name(), conn->client_address );
dbgtext( "%s", srv_is_signing_active() ? "signed " : "");
- dbgtext( "connect to service %s ", lp_servicename(SNUM(conn)) );
+ dbgtext( "connect to service %s ", lp_servicename(snum) );
dbgtext( "initially as user %s ", user );
dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
dbgtext( "(pid %d)\n", (int)sys_getpid() );
@@ -650,9 +651,9 @@
/* Add veto/hide lists */
if (!IS_IPC(conn) && !IS_PRINT(conn)) {
- set_namearray( &conn->veto_list, lp_veto_files(SNUM(conn)));
- set_namearray( &conn->hide_list, lp_hide_files(SNUM(conn)));
- set_namearray( &conn->veto_oplock_list, lp_veto_oplocks(SNUM(conn)));
+ set_namearray( &conn->veto_list, lp_veto_files(snum));
+ set_namearray( &conn->hide_list, lp_hide_files(snum));
+ set_namearray( &conn->veto_oplock_list, lp_veto_oplocks(snum));
}
/* Invoke VFS make connection hook */
@@ -660,6 +661,7 @@
if (SMB_VFS_CONNECT(conn, lp_servicename(snum), user) < 0) {
DEBUG(0,("make_connection: VFS make connection failed!\n"));
change_to_root_user();
+ yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_UNSUCCESSFUL;
return NULL;
@@ -812,8 +814,9 @@
}
/****************************************************************************
-close a cnum
+ Close a cnum.
****************************************************************************/
+
void close_cnum(connection_struct *conn, uint16 vuid)
{
if (IS_IPC(conn)) {
More information about the samba
mailing list