[Samba] problem with Too many open files
Hans B. Randgaard
HBR at maerskoil.com
Sun Feb 12 13:31:47 GMT 2006
Hi Samba community,
Last year we upgraded from version 3.0.10 to 3.0.20b and at the same
time
switch from NT-domain controller membership to AD membership. After this
upgrade we began to experience that drives sometimes were not mapped.
We saw this both on our Citrix servers and on our XP PCs.
A couple of weeks back we then moved to 3.0.21b in the hope that this
misbehaviour would disappear, but in fact it didn't. I noticed that we
see
the error message:
"Too many open files"
each time drives are not mapped.
In the log files I can see that it has happened even when we ran version
3.0.10.
We run Samba on Solaris and have previously increased both "rlim_fd_cur"
and
"rlim_fd_max" to 1024. Do we need to increase these values further ?
If I do "plimit <smbd process>" it says:
resource current maximum
time(seconds) unlimited unlimited
file(blocks) unlimited unlimited
data(kbytes) unlimited unlimited
stack(kbytes) 8192 unlimited
coredump(blocks) unlimited unlimited
nofiles(descriptors) 10020 10020
vmemory(kbytes) unlimited unlimited
I have tried increasing "nofiles" to 20040 without any success :-(
Here are some examples of the full error messages from the logs:
[2005/04/21 08:45:36, 0] passdb/pdb_smbpasswd.c:startsmbfilepwent(204)
startsmbfilepwent_internal: unable to open file
/usr/local/samba/private/smbpasswd. Error was: Too many open files
[2005/04/21 08:45:36, 0]
passdb/pdb_smbpasswd.c:smbpasswd_getsampwnam(1326)
Unable to open passdb database.
another example:
[2006/01/26 08:19:06, 0] lib/debug.c:reopen_logs(591)
Unable to open new log file /usr/local/samba/var/log.pcped250: Too
many open files
Have any of you experienced the same and if yes what did you do to
get Samba to behave ?
It is as if files are not closed...
Any help would be appreciated !
Kind regards, Hans.
PS. below is an extract of smb.conf(testparm -v) parameters(excluding
all the shares: LOTS)
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
[global]
dos charset = CP850
unix charset = ISO-8859-1
display charset = LOCALE
workgroup = CPHOIL
realm = REALM.NET
netbios name = PCDISK01
netbios aliases = pcdisk, pcdisk-1, pcdisk-2, pcdisk-3, pcdisk-4,
pcdisk-5, pcdisk-6, pcdisk-7, pcdisk-8, pcdisk-9, pcdisk-10, pcdisk-11,
pcdisk-12, pcdisk-13, pcdisk-14, pcdisk-15, pcdisk-16, pcdisk-17,
pcdisk-18, pcdisk-19, pcdisk-20, pcdisk-21, pcdisk-22, pcdisk-23,
pcdisk-24, pcdisk-25, pcdisk-26, pcdisk-27, pcdisk-28, pcdisk-29,
pcdisk-30
netbios scope =
server string = Samba 3.0.21b
interfaces = ge0, 89.0.0.0/255.0.0.0, 192.168.89.0/255.255.255.0,
10.65.0.0/255.255.0.0, 40.0.0.0/255.0.0.0, 127.0.0.1
bind interfaces only = No
security = ADS
auth methods =
encrypt passwords = Yes
update encrypted = No
client schannel = Auto
server schannel = Auto
allow trusted domains = Yes
hosts equiv =
map to guest = Never
null passwords = No
obey pam restrictions = No
password server = *
smb passwd file = /usr/local/samba/private/smbpasswd
private dir = /usr/local/samba/private
passdb backend = smbpasswd
algorithmic rid base = 1000
root directory =
guest account = nobody
enable privileges = No
pam password change = No
passwd program =
passwd chat = *new*password* %n\n *new*password* %n\n *changed*
passwd chat debug = No
passwd chat timeout = 2
check password script =
username map = /usr/local/samba/lib/users.map
password level = 0
username level = 0
unix password sync = No
restrict anonymous = 0
lanman auth = Yes
ntlm auth = Yes
client NTLMv2 auth = No
client lanman auth = Yes
client plaintext auth = Yes
preload modules =
use kerberos keytab = No
log level = 1 printdrivers:10
syslog = 1
syslog only = No
log file = /usr/local/samba/var/log.%m
max log size = 100
debug timestamp = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
smb ports = 445 139
large readwrite = Yes
max protocol = NT1
min protocol = CORE
read bmpx = No
read raw = Yes
write raw = Yes
disable netbios = No
reset on zero vc = No
acl compatibility =
defer sharing violations = Yes
nt pipe support = Yes
nt status support = Yes
announce version = 4.9
announce as = NT
max mux = 50
max xmit = 16644
name resolve order = wins bcast
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
unix extensions = Yes
use spnego = Yes
client signing = auto
server signing = No
client use spnego = Yes
enable asu support = Yes
svcctl list = Spooler, NETLOGON
change notify timeout = 60
deadtime = 5
getwd cache = Yes
keepalive = 300
kernel change notify = Yes
lpq cache time = 30
max smbd processes = 0
paranoid server security = Yes
max disk size = 0
max open files = 10000
socket options = TCP_NODELAY
use mmap = Yes
hostname lookups = Yes
name cache timeout = 660
load printers = Yes
printcap cache time = 750
printcap name =
cups server =
iprint server =
disable spoolss = No
enumports command =
addprinter command = /usr/local/bin/addprinter
deleteprinter command =
show add printer wizard = Yes
os2 driver map =
mangling method = hash2
mangle prefix = 1
max stat cache size = 0
stat cache = Yes
machine password timeout = 604800
add user script =
rename user script =
delete user script =
add group script =
delete group script =
add user to group script =
delete user from group script =
set primary group script =
add machine script =
shutdown script =
abort shutdown script =
username map script =
logon script =
logon path = \\%N\%U\profile
logon drive =
logon home = \\%N\%U
domain logons = No
os level = 20
lm announce = Auto
lm interval = 60
preferred master = Auto
local master = No
domain master = Auto
browse list = Yes
enhanced browsing = Yes
dns proxy = Yes
wins proxy = No
wins server = 89.16.60.1, 89.16.60.2, 89.16.6.4
wins support = No
wins hook =
wins partners =
kernel oplocks = Yes
lock spin count = 3
lock spin time = 10
oplock break wait time = 0
ldap admin dn = cn=Manager,dc=cph,dc=maerskoil,dc=com
ldap delete dn = No
ldap group suffix =
ldap idmap suffix = ou=Idmap
ldap machine suffix =
ldap passwd sync = no
ldap replication sleep = 1000
ldap suffix = dc=cph,dc=maerskoil,dc=com
ldap ssl =
ldap timeout = 15
ldap page size = 1024
ldap user suffix =
add share command =
change share command =
delete share command =
eventlog list =
config file =
preload =
lock directory = /usr/local/samba/var/locks
pid directory = /usr/local/samba/var/locks
utmp directory =
wtmp directory =
utmp = No
default service =
message command =
get quota command =
set quota command =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map =
afs username map =
afs token lifetime = 604800
log nt token command =
time offset = 0
NIS homedir = No
panic action =
host msdfs = No
enable rid algorithm = Yes
passdb expand explicit = Yes
idmap backend = "ldap:ldap://ldap03 ldap://ldap04"
idmap uid = 10000-20000
idmap gid = 10000-20000
template homedir = /home/%D/%U
template shell = /bin/false
winbind separator = +
winbind cache time = 15
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = No
winbind trusted domains only = No
winbind nested groups = No
winbind max idle children = 3
winbind nss info = template
comment =
path =
username =
invalid users =
valid users =
admin users = CPHOIL+hbr, CPHOIL+jfj, CPHOIL+ssa, CPHOIL+obl,
CPHOIL+hhu, CPHOIL+ckm, CPHOIL+toh, CPHOIL+esl, CPHOIL+bsv, CPHOIL+dja,
CPHOIL+kik, CPHOIL+xren, CPHOIL+exchangeservice
read list =
write list =
printer admin =
force user =
force group =
read only = Yes
acl check permissions = Yes
acl group control = No
acl map full control = Yes
create mask = 0744
force create mode = 00
security mask = 0777
force security mode = 00
directory mask = 0755
force directory mode = 00
directory security mask = 0777
force directory security mode = 00
force unknown acl user = No
inherit permissions = No
inherit acls = No
inherit owner = No
guest only = No
guest ok = No
only user = No
hosts allow =
hosts deny =
allocation roundup size = 1048576
aio read size = 0
aio write size = 0
aio write behind =
ea support = No
nt acl support = Yes
profile acls = No
map acl inherit = No
afs share = No
block size = 1024
max connections = 0
min print space = 0
strict allocate = No
strict sync = No
sync always = No
use sendfile = No
write cache size = 0
max reported print jobs = 0
max print jobs = 1000
printable = No
printing = sysv
cups options =
print command = lp -c -d%p %s; rm %s
lpq command = lpstat -o%p
lprm command = cancel %p-%j
lppause command = lp -i %p-%j -H hold
lpresume command = lp -i %p-%j -H resume
queuepause command = disable %p
queueresume command = enable %p
printer name =
use client driver = No
default devmode = No
force printername = No
default case = lower
case sensitive = Auto
preserve case = Yes
short preserve case = Yes
mangling char = ~
hide dot files = Yes
hide special files = No
hide unreadable = No
hide unwriteable files = No
delete veto files = No
veto files =
hide files =
veto oplock files =
map archive = Yes
map hidden = No
map system = No
map readonly = yes
mangled names = Yes
mangled map =
store dos attributes = No
browseable = Yes
blocking locks = Yes
csc policy = manual
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = Yes
oplock contention limit = 2
posix locking = Yes
strict locking = Yes
share modes = Yes
dfree cache time = 0
dfree command =
copy =
include =
preexec = /bin/echo "%u at %m connected to //%L/%S on %T"
>>/usr/local/samba/var/smblog
preexec close = No
postexec = /bin/echo "%u at %m disconnected from //%L/%S
on %T" >>/usr/local/samba/var/smblog
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filemode = No
dos filetimes = Yes
dos filetime resolution = No
fake directory create times = No
vfs objects =
msdfs root = No
msdfs proxy =
**********************************************************************
This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to which they
are addressed. If you have received this e-mail in error please notify
the system manager at helpdesk at maerskoil.com.
This e-mail and its contents do not constitute and shall not be
considered as a financial commitment of Maersk Olie og Gas AS
and its affiliates.
Maersk Olie og Gas AS expressly disclaims any responsibility
as to the accuracy and use of this e-mail and its contents.
**********************************************************************
More information about the samba
mailing list