[Samba] "valid users" + ldap on Solaris 10 problems

Miki Monguilod mikim at salleURL.edu
Thu Dec 29 15:10:47 GMT 2005 

Hi,
I've got the logs in "log level 10" and a "truss" of the PID that tries 
to connect one of the problematic "shares".
Both files are in:
log file:  http://www.salleurl.edu/~mikim/log.txt
'truss' file: http://www.salleurl.edu/~mikim/truss.txt

well, I explain you the situation:
I log in the windows machine whit user "marc", but I map the share 
called "tt-s-04-05" with user "mikim".


Thanks for your help.



Tom Crummey wrote:

> Hello Miki,
>
> The fact that samba crashes isn't good. You need to up the log level 
> to 10 and recreate the crash. Then post the section of log file that 
> shows where the crash occurs. The developers will ask you to recompile 
> with debugging symbols and obtain a stack trace from gdb to help track 
> down the bug.
>
> The piece of log file you posted to me does not show where the crash 
> occurred. I'm interested to help you as I am trying to migrate from 
> samba 2.2.x to 3.0.x and from NIS to LDAP. I've encountered several 
> problems with the netgroups implementation and LDAP, mainly due to 
> SUN's really poor LDAP client libraries, but it doesn't look like 
> you're having the same problems as I am. However, I'm on Solaris 9 at 
> the moment which may make difference. I'm using Directory server 5.2 
> as well.
>
> Tom.
>
> ---------------------------------------------------------------------------- 
>
>  Tom Crummey, Systems and Network Manager,      EMAIL: tom at ee.ucl.ac.uk
>  Department of Electronic and Electrical Engineering,
>  University College London,                       TEL: +44 (0)20 7679 
> 3898
>  Torrington Place,                                FAX: +44 (0)20 7388 
> 9325
>  London, UK, WC1E 7JE.
> ---------------------------------------------------------------------------- 
>
>
> On Wed, 28 Dec 2005, Miki Monguilod wrote:
>
>> Hi,
>>
>> We are currently using Directory Server 5.2 but in a different 
>> machine. I've look for this error in /var/adm/messages and it doesn't 
>> appear.
>> On the other hand, I show you my config file (using 'testparm' command):
>> [global]
>>       unix charset = CP850
>>       workgroup = MYWORKGROUP
>>       server string = Servidor de disc Zeus3
>>       interfaces = 172.16.1.118/24, 172.16.1.86/24, 192.168.1.118/24
>>       security = SHARE
>>       passdb backend = ldapsam:ldap://ldap.mydomain.edu
>>       lanman auth = No
>>       client lanman auth = No
>>       client plaintext auth = No
>>       log level = 1
>>       log file = /var/log/samba/log.%m
>>       max log size = 50
>>       max xmit = 65535
>>       socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE 
>> SO_RCVBUF=8192 SO_SNDBUF=8192
>>       load printers = No
>>       os level = 33
>>       local master = No
>>       wins server = 172.16.1.158, 172.16.1.159, 130.206.42.238
>>       ldap admin dn = "uid=samba,ou=Directory 
>> Administrators,o=mydomain.edu"
>>       ldap group suffix = ou=Groups
>>       ldap machine suffix = ou=People
>>       ldap suffix = dc=EALS,dc=mydomain,dc=edu
>>       ldap user suffix = ou=People
>>       lock directory = /var/lock/samba
>>       default service = homes
>>       hosts allow = x.x.x., x.x.x., x., x.x., x.x.
>>       strict allocate = Yes
>>       include = /var/Share/smb.share.gc
>>       dont descend = /proc, /dev, /etc, /lib, /lost+found, /bin, 
>> /sbin, /usr
>>
>> And this is the log results in with "log level = 1" (I think this is 
>> not good....) :
>>
>> zeus3:/var/log/samba# cat log.172.16.1.187
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(36)
>> ===============================================================
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(37)
>> INTERNAL ERROR: Signal 10 in pid 11375 (3.0.21)
>> Please read the Trouble-Shooting section of the Samba3-HOWTO
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(39)
>>
>> From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
>> [2005/12/28 19:37:44, 0] lib/fault.c:fault_report(40)
>> ===============================================================
>> [2005/12/28 19:37:44, 0] lib/util.c:smb_panic2(1554)
>> PANIC: internal error
>>
>>
>> Thanks for you answer.
>>
>>
>> Tom Crummey wrote:
>>
>>> Hello,
>>>
>>> What LDAP server are you using and how does the Solaris box look up 
>>> accounts in it? There is a problem with the OpenLDAP and Solaris 
>>> client LDAP libraries co-existing. Do you get a message in syslog 
>>> (/var/adm/messages) along the lines of:
>>>
>>> Aug 19 14:44:42 spock smbd[1006]: [ID 293258 user.error] libsldap:
>>> Status: 7  Mesg: LDAP ERROR (-7): Bad search filter.
>>>
>>>
>>> Tom.
>>>
>>>
>>> ---------------------------------------------------------------------------- 
>>>  Tom Crummey, Systems and Network Manager,      EMAIL: tom at ee.ucl.ac.uk
>>>  Department of Electronic and Electrical Engineering,
>>>  University College London,                       TEL: +44 (0)20 
>>> 7679 3898
>>>  Torrington Place,                                FAX: +44 (0)20 
>>> 7388 9325
>>>  London, UK, WC1E 7JE.
>>>
>>> ---------------------------------------------------------------------------- 
>>>
>>> On Wed, 28 Dec 2005, Miki Monguilod wrote:
>>>
>>>> Hello,
>>>>
>>>> We have just migrated a server from sun solaris 8 to sun solaris 
>>>> 10. In the old machine we had a Samba 3.0.20b and in the new one, 
>>>> we have samba 3.0.21, both compiled like this with no problems:
>>>> env LD_FLAGS="-L/usr/local/lib" ./configure --with-ldapsam 
>>>> --without-pam --with-quotas --with-ldap --with-included-popt 
>>>> --with-acl-support --with-libsmbclient
>>>>
>>>> We share user's homes by default working correctly. All this works 
>>>> correctly in the old machine with Solaris 8, but in the new one 
>>>> with Solaris 10 the problem comes when we share something using 
>>>> "vaild users = @groupname" inside.
>>>>
>>>>
>>>> for example:
>>>>
>>>> [aelec]        comment = Area Electronica
>>>>       path = /mnt/grups/aelec        browseable = yes
>>>>       read only = no        force directory mode = 2770
>>>>       force group = aelec        directory mode = 2770
>>>>       create mode = 2770         valid users = @aelec The "aelec" 
>>>> group exist in ldap and is not empty. In windows, we can browse all 
>>>> shares, incluing "aelec" share, but if we want to connect using a 
>>>> valid user, windows shows us this message: The specified network 
>>>> name is no longer available. Also we tried this under linux (whith 
>>>> samba 3.0.14a) showing this problem:
>>>>
>>>> smbclient -v -U validuser //server.domain.edu/aelec
>>>> Password:
>>>> Domain=[MYDOMAIN] OS=[Unix] Server=[Samba 3.0.21]
>>>> tree connect failed: Call returned zero bytes (EOF)
>>>>
>>>> We use the same config and shares files in the old and in the new 
>>>> machine. 'testparm' shows no errors except one because of the lengh 
>>>> of the name of a share (more than 12 characters).
>>>> Does anybody knows where could be the error? Is this a Samba error 
>>>> o probably a solaris error?
>>>>
>>>> Thanks in advance!
>>>>
>>>> PD: If you want logs, I can send logs in what debug level you want.
>>>>
>>>>
>>>>
>>>>
>>>> -- 
>>>> ============================================================================== 
>>>> Utilitzeu el Servei Online d'Atencio a l'Usuari 
>>>> (http://www.salleURL.edu/csi)
>>>>
>>>>
>>>> ------------------------------------------------------------------------------ 
>>>> Nom: Miki                 Cognoms: Monguilod Serena
>>>> Centre de Serveis Informatics (CSI)        e-mail:mikim at salleURL.edu
>>>> Enginyeria i Arquitectura La Salle        PGP KeyID: 0xBBF686E1
>>>> Universitat Ramon Llull            Telefon: 93 290 24 00
>>>> Barcelona                Extensio: 209
>>>>
>>>> -- 
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>>>>
>>>
>>>
>>
>>
>> -- 
>> ============================================================================== 
>>
>> Utilitzeu el Servei Online d'Atencio a l'Usuari 
>> (http://www.salleURL.edu/csi)
>>
>> ------------------------------------------------------------------------------ 
>>
>> Nom: Miki                 Cognoms: Monguilod Serena
>> Centre de Serveis Informatics (CSI)        e-mail:mikim at salleURL.edu
>> Enginyeria i Arquitectura La Salle        PGP KeyID: 0xBBF686E1
>> Universitat Ramon Llull            Telefon: 93 290 24 00
>> Barcelona                Extensio: 209
>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>>
>
>


-- 
==============================================================================
 Utilitzeu el Servei Online d'Atencio a l'Usuari (http://www.salleURL.edu/csi)
 ------------------------------------------------------------------------------
  Nom: Miki 				Cognoms: Monguilod Serena
  Centre de Serveis Informatics (CSI)		e-mail:mikim at salleURL.edu
  Enginyeria i Arquitectura La Salle		PGP KeyID: 0xBBF686E1
  Universitat Ramon Llull			Telefon: 93 290 24 00
  Barcelona				Extensio: 209

More information about the samba mailing list