[Samba] Uncontrolled sessions in Samba

Craig Andrew cbandrew at wi.mit.edu
Mon Aug 11 17:21:39 GMT 2008 

We are running Samba 3.0.28a and have been running into a problem with 
sessions not closing out. A user will start using samba and be fine for 
a period of time. There is no specific time, but the session keep adding 
up. They look like this:

bender    1886  4255  0 12:36 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1887  4255  0 12:37 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1891  4255  0 12:37 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1893  4255  0 12:38 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1906  4255  0 12:39 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1909  4255  0 12:40 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1943  4255  0 12:41 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1979  4255  0 12:42 ?        00:00:00 
/usr/local/samba/sbin/smbd -D
bender    1984  4255  0 12:43 ?        00:00:00 
/usr/local/samba/sbin/smbd -D

A new session every minute.  I have tried killing the sessions, but they 
eventually cause the user to not have access to the share they are 
trying to get to. My smb.conf looks like this:

[global]
debuglevel = 0
workgroup = CCDOM
server string = gobo.wi.mit.edu
hosts allow = x.x. 10.9. 10.5. x.x.x.
load printers = no
log file = /var/log/samba/smbd.log
log level = 1
max log size = 50000

security = server

#winbind separator = +
winbind use default domain = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%u
template shell = /bin/false
winbind trusted domains only = no

#idmap backend = ldap:ldap://localhost
#ldap idmap suffix = ou=Idmap
#ldap suffix = dc=samba,dc=wi,dc=mit,dc=edu
#ldap admin dn = cn=admin,dc=samba,dc=wi,dc=mit,dc=edu

nt acl support = no
use spnego = yes
password server = svr08 dc01 dc02
encrypt passwords = yes
unix password sync = no
pam password change = no
username map = /config/smbusers
obey pam restrictions = no
deadtime = 60

remote browse sync = x.x.0.0 x.x.255.255
remote announce = x.x.0.0 x.x.255.255
local master = no
os level = 33
domain master = no
preferred master = no
domain logons = no
wins support = no
wins server = x.x.x.x x.x.x.x
dns proxy = yes

nis homedir = yes
enhanced browsing = yes
kernel oplocks = yes
read raw = yes
write raw = yes
oplocks = yes
max xmit = 65535
deadtime = 15
blocking locks = no
getwd cache = yes
reset on zero vc = yes
mangled names = no

veto oplock files = /*.xls/*.doc/*.mdb/*.ppt/
veto files = /.AppleDouble/Network Trash Folder/TheVolumeSettingsFolder/
delete veto files = yes

The usual fix is a reboot, however, this is a problem in a production 
environment.

I have been getting errors in the samba log files:

[2008/08/11 08:40:35, 0] lib/util_sock.c:get_peer_addr(1232)
  getpeername failed. Error was Transport endpoint is not connected
  Denied connection from  (0.0.0.0)


The users that have had this problem are both Macintosh OS X and Windows 
XP. There is no pattern yet.

Has anyone seen this problem?

thanks,
Craig Andrew

More information about the samba mailing list