[Samba] problem with Too many open files

Hans B. Randgaard HBR at maerskoil.com
Sun Feb 12 13:31:47 GMT 2006


Hi Samba community,

 

Last year we upgraded from version 3.0.10 to 3.0.20b and at the same
time

switch from NT-domain controller membership to AD membership. After this

upgrade we began to experience that drives sometimes were not mapped.

We saw this both on our Citrix servers and on our XP PCs.

A couple of weeks back we then moved to 3.0.21b in the hope that this

misbehaviour would disappear, but in fact it didn't. I noticed that we
see

the error message:

"Too many open files"

each time drives are not mapped.

 

In the log files I can see that it has happened even when we ran version
3.0.10.

 

We run Samba on Solaris and have previously increased both "rlim_fd_cur"
and

"rlim_fd_max" to 1024. Do we need to increase these values further ?

If I do "plimit <smbd process>" it says:

  resource                current         maximum

  time(seconds)        unlimited      unlimited

  file(blocks)             unlimited      unlimited

  data(kbytes)           unlimited      unlimited

  stack(kbytes)         8192            unlimited

  coredump(blocks)   unlimited      unlimited

  nofiles(descriptors) 10020           10020

  vmemory(kbytes)    unlimited      unlimited

 

I have tried increasing "nofiles" to 20040 without any success :-(

 

Here are some examples of the full error messages from the logs:

 

[2005/04/21 08:45:36, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(204)

  startsmbfilepwent_internal: unable to open file
/usr/local/samba/private/smbpasswd. Error was: Too many open files

[2005/04/21 08:45:36, 0]
passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1326)

  Unable to open passdb database.

 

another example:

 

[2006/01/26 08:19:06, 0] lib/debug.c:reopen_logs(591)

  Unable to open new log file /usr/local/samba/var/log.pcped250: Too
many open files

 

Have any of you experienced the same and if yes what did you do to

get Samba to behave ?

It is as if files are not closed...

 

Any help would be appreciated !

 

Kind regards, Hans.

 

PS. below is an extract of smb.conf(testparm -v) parameters(excluding
all the shares: LOTS)

 

Server role: ROLE_DOMAIN_MEMBER

Press enter to see a dump of your service definitions

[global]

      dos charset = CP850

      unix charset = ISO-8859-1

      display charset = LOCALE

      workgroup = CPHOIL

      realm = REALM.NET

      netbios name = PCDISK01

      netbios aliases = pcdisk, pcdisk-1, pcdisk-2, pcdisk-3, pcdisk-4,
pcdisk-5, pcdisk-6, pcdisk-7, pcdisk-8, pcdisk-9, pcdisk-10, pcdisk-11,
pcdisk-12, pcdisk-13, pcdisk-14, pcdisk-15, pcdisk-16, pcdisk-17,
pcdisk-18, pcdisk-19, pcdisk-20, pcdisk-21, pcdisk-22, pcdisk-23,
pcdisk-24, pcdisk-25, pcdisk-26, pcdisk-27, pcdisk-28, pcdisk-29,
pcdisk-30

      netbios scope = 

      server string = Samba 3.0.21b

      interfaces = ge0, 89.0.0.0/255.0.0.0, 192.168.89.0/255.255.255.0,
10.65.0.0/255.255.0.0, 40.0.0.0/255.0.0.0, 127.0.0.1

      bind interfaces only = No

      security = ADS

      auth methods = 

      encrypt passwords = Yes

      update encrypted = No

      client schannel = Auto

      server schannel = Auto

      allow trusted domains = Yes

      hosts equiv = 

      map to guest = Never

      null passwords = No

      obey pam restrictions = No

      password server = *

      smb passwd file = /usr/local/samba/private/smbpasswd

      private dir = /usr/local/samba/private

      passdb backend = smbpasswd

      algorithmic rid base = 1000

      root directory = 

      guest account = nobody

      enable privileges = No

      pam password change = No

      passwd program = 

      passwd chat = *new*password* %n\n *new*password* %n\n *changed*

      passwd chat debug = No

      passwd chat timeout = 2

      check password script = 

      username map = /usr/local/samba/lib/users.map

      password level = 0

      username level = 0

      unix password sync = No

      restrict anonymous = 0

      lanman auth = Yes

      ntlm auth = Yes

      client NTLMv2 auth = No

      client lanman auth = Yes

      client plaintext auth = Yes

      preload modules = 

      use kerberos keytab = No

      log level = 1 printdrivers:10

      syslog = 1

      syslog only = No

      log file = /usr/local/samba/var/log.%m

      max log size = 100

      debug timestamp = Yes

      debug hires timestamp = No

      debug pid = No

      debug uid = No

      smb ports = 445 139

      large readwrite = Yes

      max protocol = NT1

      min protocol = CORE

      read bmpx = No

      read raw = Yes

      write raw = Yes

      disable netbios = No

      reset on zero vc = No

      acl compatibility = 

      defer sharing violations = Yes

      nt pipe support = Yes

      nt status support = Yes

      announce version = 4.9

      announce as = NT

      max mux = 50

      max xmit = 16644

      name resolve order = wins bcast

      max ttl = 259200

      max wins ttl = 518400

      min wins ttl = 21600

      time server = No

      unix extensions = Yes

      use spnego = Yes

      client signing = auto

      server signing = No

      client use spnego = Yes

      enable asu support = Yes

      svcctl list = Spooler, NETLOGON

      change notify timeout = 60

      deadtime = 5

      getwd cache = Yes

      keepalive = 300

      kernel change notify = Yes

      lpq cache time = 30

      max smbd processes = 0

      paranoid server security = Yes

      max disk size = 0

      max open files = 10000

      socket options = TCP_NODELAY

      use mmap = Yes

      hostname lookups = Yes

      name cache timeout = 660

      load printers = Yes

      printcap cache time = 750

      printcap name = 

      cups server = 

      iprint server = 

      disable spoolss = No

      enumports command = 

      addprinter command = /usr/local/bin/addprinter

      deleteprinter command = 

      show add printer wizard = Yes

      os2 driver map = 

      mangling method = hash2

      mangle prefix = 1

      max stat cache size = 0

      stat cache = Yes

      machine password timeout = 604800

      add user script = 

      rename user script = 

      delete user script = 

      add group script = 

      delete group script = 

      add user to group script = 

      delete user from group script = 

      set primary group script = 

      add machine script = 

      shutdown script = 

      abort shutdown script = 

      username map script = 

      logon script = 

      logon path = \\%N\%U\profile

      logon drive = 

      logon home = \\%N\%U

      domain logons = No

      os level = 20

      lm announce = Auto

      lm interval = 60

      preferred master = Auto

      local master = No

      domain master = Auto

      browse list = Yes

      enhanced browsing = Yes

      dns proxy = Yes

      wins proxy = No

      wins server = 89.16.60.1, 89.16.60.2, 89.16.6.4

      wins support = No

      wins hook = 

      wins partners = 

      kernel oplocks = Yes

      lock spin count = 3

      lock spin time = 10

      oplock break wait time = 0

      ldap admin dn = cn=Manager,dc=cph,dc=maerskoil,dc=com

      ldap delete dn = No

      ldap group suffix = 

      ldap idmap suffix = ou=Idmap

      ldap machine suffix = 

      ldap passwd sync = no

      ldap replication sleep = 1000

      ldap suffix = dc=cph,dc=maerskoil,dc=com

      ldap ssl = 

      ldap timeout = 15

      ldap page size = 1024

      ldap user suffix = 

      add share command = 

      change share command = 

      delete share command = 

      eventlog list = 

      config file = 

      preload = 

      lock directory = /usr/local/samba/var/locks

      pid directory = /usr/local/samba/var/locks

      utmp directory = 

      wtmp directory = 

      utmp = No

      default service = 

      message command = 

      get quota command = 

      set quota command = 

      remote announce = 

      remote browse sync = 

      socket address = 0.0.0.0

      homedir map = 

      afs username map = 

      afs token lifetime = 604800

      log nt token command = 

      time offset = 0

      NIS homedir = No

      panic action = 

      host msdfs = No

      enable rid algorithm = Yes

      passdb expand explicit = Yes

      idmap backend = "ldap:ldap://ldap03 ldap://ldap04"

      idmap uid = 10000-20000

      idmap gid = 10000-20000

      template homedir = /home/%D/%U

      template shell = /bin/false

      winbind separator = +

      winbind cache time = 15

      winbind enum users = Yes

      winbind enum groups = Yes

      winbind use default domain = No

      winbind trusted domains only = No

      winbind nested groups = No

      winbind max idle children = 3

      winbind nss info = template

      comment = 

      path = 

      username = 

      invalid users = 

      valid users = 

      admin users = CPHOIL+hbr, CPHOIL+jfj, CPHOIL+ssa, CPHOIL+obl,
CPHOIL+hhu, CPHOIL+ckm, CPHOIL+toh, CPHOIL+esl, CPHOIL+bsv, CPHOIL+dja,
CPHOIL+kik, CPHOIL+xren, CPHOIL+exchangeservice

      read list = 

      write list = 

      printer admin = 

      force user = 

      force group = 

      read only = Yes

      acl check permissions = Yes

      acl group control = No

      acl map full control = Yes

      create mask = 0744

      force create mode = 00

      security mask = 0777

      force security mode = 00

      directory mask = 0755

      force directory mode = 00

      directory security mask = 0777

      force directory security mode = 00

      force unknown acl user = No

      inherit permissions = No

      inherit acls = No

      inherit owner = No

      guest only = No

      guest ok = No

      only user = No

      hosts allow = 

      hosts deny = 

      allocation roundup size = 1048576

      aio read size = 0

      aio write size = 0

      aio write behind = 

      ea support = No

      nt acl support = Yes

      profile acls = No

      map acl inherit = No

      afs share = No

      block size = 1024

      max connections = 0

      min print space = 0

      strict allocate = No

      strict sync = No

      sync always = No

      use sendfile = No

      write cache size = 0

      max reported print jobs = 0

      max print jobs = 1000

      printable = No

      printing = sysv

      cups options = 

      print command = lp -c -d%p %s; rm %s

      lpq command = lpstat -o%p

      lprm command = cancel %p-%j

      lppause command = lp -i %p-%j -H hold

      lpresume command = lp -i %p-%j -H resume

      queuepause command = disable %p

      queueresume command = enable %p

      printer name = 

      use client driver = No

      default devmode = No

      force printername = No

      default case = lower

      case sensitive = Auto

      preserve case = Yes

      short preserve case = Yes

      mangling char = ~

      hide dot files = Yes

      hide special files = No

      hide unreadable = No

      hide unwriteable files = No

      delete veto files = No

      veto files = 

      hide files = 

      veto oplock files = 

      map archive = Yes

      map hidden = No

      map system = No

      map readonly = yes

      mangled names = Yes

      mangled map = 

      store dos attributes = No

      browseable = Yes

      blocking locks = Yes

      csc policy = manual

      fake oplocks = No

      locking = Yes

      oplocks = Yes

      level2 oplocks = Yes

      oplock contention limit = 2

      posix locking = Yes

      strict locking = Yes

      share modes = Yes

      dfree cache time = 0

      dfree command = 

      copy = 

      include = 

      preexec = /bin/echo "%u at %m connected to //%L/%S    on %T"
>>/usr/local/samba/var/smblog

      preexec close = No

      postexec = /bin/echo "%u      at %m disconnected from //%L/%S
on %T" >>/usr/local/samba/var/smblog

      root preexec = 

      root preexec close = No

      root postexec = 

      available = Yes

      volume = 

      fstype = NTFS

      set directory = No

      wide links = Yes

      follow symlinks = Yes

      dont descend = 

      magic script = 

      magic output = 

      delete readonly = No

      dos filemode = No

      dos filetimes = Yes

      dos filetime resolution = No

      fake directory create times = No

      vfs objects = 

      msdfs root = No

      msdfs proxy = 

 


**********************************************************************
This e-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to which they 
are addressed. If you have received this e-mail in error please notify 
the system manager at helpdesk at maerskoil.com.

This e-mail and its contents do not constitute and shall not be 
considered as a financial commitment of Maersk Olie og Gas AS 
and its affiliates. 
Maersk Olie og Gas AS expressly disclaims any responsibility
as to the accuracy and use of this e-mail and its contents.
**********************************************************************



More information about the samba mailing list