[Samba] 3.0.22 becomes non-responsive

Shawn Wright swright at sls.bc.ca
Tue Nov 14 23:58:14 GMT 2006 

We have a samba 3.0.22 server which acts as file storage for our mail system 
(Mercury/32 & Pegasus Mail), serving about 600 users, with a typical load of 150 
concurrent users. We have been seeing an increase in stability problems such 
as:

1. shared win32 executable files become "locked" to the point where the win2k 
client reports the file is corrupt, or access is denied. Clients have read-only 
access to the share where the files reside

2. a client cannot browse shares on the server from a win2k client, or the 
browsing is extremely slow

3. in one instance today, while browsing a share, the client was presented with 
the contents of a *different* share.

Investigating cases #2 and #3 usually shows that clients having connection 
problems have excessive numbers of smbd processes running for them, up to 
10. In some cases, killing processes for the affected stations will resolve the 
problems, and even free up the "broken" executables in #1. 
However, once a week or so, we have to resort to restarting the samba 
processes entirely, as the problem processes don't respond to a kill.

When things are running smoothly, the server sees about 20-30% CPU usage 
by the smbd processes (total), and a load average of 0.5 to 1

System has 512Mb RAM, and doesn't appear to be running out - swap is not 
used significantly.

Redhat 8.0XFS installer version, kernel 2.4.18-18 from SGI.

I am seeing some 'kernel: lease timed out' messages, but they don't seem to 
coincide with the problems we are seeing - two of them yesterday in the log, but 
we've have far more than two issues with samba in the past 24 hours.

Below is the smb.conf

Thanks for any assistance.
ps: This machine is slated for replacement, with a new server already running, 
but we have no time to do the swap right now, so hope to stabilize samba for a 
few more weeks.

============

[global]
smb ports = 139
winbind separator =+
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/false
create mask = 0700
directory mask = 0700
workgroup = SHAWNIGAN
server string = PMAIL Server
hosts allow = 10. 127. 72.2.0.
security = domain
password server =  *
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=16384 
SO_SNDBUF=16384
write raw = yes
read raw = yes
max xmit = 65535
dead time = 15
getwd cache = yes
dns proxy = no
unix password sync = no
encrypt passwords = yes
map to guest = never
password level = 0
null passwords = no
allow hosts = 10. 72.2.0.
os level = 0
preferred master = no
domain master = no
wins support = no
wins server = 72.2.0.5
dead time = 0
debug level = 1 
log level = 1

[sysroot]
 comment = sysroot
 valid users = @"shawnigan+domain admins"
 admin users = @"shawnigan+domain admins"
 writeable = yes
 path = /
 hosts allow =10.4. 72.2.0.
 inherit permissions = yes
 ea support = yes
 inherit acls = yes

[home]
 comment = Student Homes
 browseable = yes
 writable = yes
 available = yes
 public = no
 path=/home     
 valid users = @"shawnigan+domain admins"
 admin users = @"shawnigan+domain admins"
 inherit permissions = yes
 ea support = yes
inherit acls = yes
inherit owner = yes

[data]
 comment = Data Volume
 browseable = yes
 writable = yes
 available = yes
 public = no
 path=/data
 admin users = @"shawnigan+domain admins"
 inherit permissions = yes
 ea support = yes
 inherit acls = yes

[pmail]
 comment = Mail Storage
 browseable = yes
 writable = yes
 available = yes
 public = no
 path=/pmail
 admin users = @"shawnigan+domain admins"
 inherit permissions = yes
 ea support = yes
 inherit acls = yes
oplocks = no
level2 oplocks = no


[pmailapp]
 comment = Pegasus Mail
 browseable = yes
 writable = no
 available = yes
 public = no
 path=/pmail/app
 admin users = @"shawnigan+domain admins"    

[pubapps]
 comment = Public Applications
 browseable = yes
 writable = yes
 available = yes
 public = no
 path=/data/pubapps
 admin users = @"shawnigan+domain admins"
 inherit permissions = yes
 ea support = yes
 inherit acls = yes
 hosts allow = 10.1. 10.2.210. 10.3. 10.4.
oplocks = no
level2 oplocks = no


[tftpboot]
 comment = tftpboot
 browseable = no
 writable = yes
 available = yes
 public = no
 path=/home/tftpboot
 valid users = @"shawnigan+domain admins","shawnigan+apache-internal"
 admin users = @"shawnigan+domain admins"
 inherit permissions = yes
 ea support = yes
 inherit acls = yes


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Shawn Wright, I.T. Manager
Shawnigan Lake School
http://www.sls.bc.ca
swright at sls.bc.ca

More information about the samba mailing list