[Samba] CTDB 50.samba: ERROR: smb.conf cache create failed
Achim Gottinger
achim at ag-web.biz
Sun Aug 24 19:04:32 MDT 2014
Am 24.08.2014 08:05, schrieb steve:
> On Sat, 2014-08-23 at 21:13 +0200, Achim Gottinger wrote:
>> Am 23.08.2014 15:49, schrieb steve:
>>> Ubuntu 14.04, ctdb 2.5.1 from the ubuntu package. samba 4.1.11 with
>>> cluster support from source.
>>>
>>> Error upon startup only. Restarting ctdb on that node clears the error.
>>> The other node with the same config is OK. Any ideas?
>>> Cheers,
>>> Steve
>>>
>>> smb.conf
>>> [global]
>>> workgroup = ALTEA
>>> realm = ALTEA.SITE
>>> security = ADS
>>> kerberos method = secrets and keytab
>>> netbios name = SMBCLUSTER
>>> disable netbios = Yes
>>> clustering = Yes
>>> ctdbd socket = /var/lib/run/ctdb/ctdbd.socket
>>> pid director = /var/run/samba
>>> [users]
>>> path = /cluster/users
>>> read only = No
>>> [profiles]
>>> path = /cluster/profiles
>>> read only = No
>>> [shared]
>>> path = /cluster/shared
>>> force create mode = 0770
>>> read only = No
>> Added an modification, so it shows the full path for the file causing
>> the error.
>>> 50.samba
>>> #!/bin/sh
>>> # ctdb event script for Samba
>>>
>>> [ -n "$CTDB_BASE" ] || \
>>> export CTDB_BASE=$(cd -P $(dirname "$0") ; dirname "$PWD")
>>>
>>> . $CTDB_BASE/functions
>>>
>>> detect_init_style
>>>
>>> case $CTDB_INIT_STYLE in
>>> suse)
>>> CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb}
>>> CTDB_SERVICE_NMB=${CTDB_SERVICE_NMB:-nmb}
>>> ;;
>>> debian)
>>> CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-samba}
>>> CTDB_SERVICE_NMB=${CTDB_SERVICE_NMB:-""}
>>> ;;
>>> *)
>>> # Use redhat style as default:
>>>
>>> CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb}
>>> CTDB_SERVICE_NMB=${CTDB_SERVICE_NMB:-""}
>>> ;;
>>> esac
>>>
>>> service_name="samba"
>>>
>>> loadconfig
>>>
>>> ctdb_setup_service_state_dir
>>>
>>> service_start ()
>>> {
>>> # make sure samba is not already started
>>> service "$CTDB_SERVICE_SMB" stop > /dev/null 2>&1
>>> if [ -n "$CTDB_SERVICE_NMB" ] ; then
>>> service "$CTDB_SERVICE_NMB" stop > /dev/null 2>&1
>>> fi
>>> killall -0 -q smbd && {
>>> sleep 1
>>> # make absolutely sure samba is dead
>>> killall -q -9 smbd
>>> }
>>> killall -0 -q nmbd && {
>>> sleep 1
>>> # make absolutely sure samba is dead
>>> killall -q -9 nmbd
>>> }
>>>
>>> # start Samba service. Start it reniced, as under very heavy load
>>> # the number of smbd processes will mean that it leaves few cycles
>>> # for anything else
>>> net serverid wipe
>>>
>>> if [ -n "$CTDB_SERVICE_NMB" ] ; then
>>> nice_service "$CTDB_SERVICE_NMB" start || die "Failed to start nmbd"
>>> fi
>>>
>>> service "$CTDB_SERVICE_SMB" start || die "Failed to start samba"
>>> }
>>>
>>> service_stop ()
>>> {
>>> service "$CTDB_SERVICE_SMB" stop
>>> if [ -n "$CTDB_SERVICE_NMB" ] ; then
>>> service "$CTDB_SERVICE_NMB" stop
>>> fi
>>> }
>>>
>>> ######################################################################
>>> # Show the testparm output using a cached smb.conf to avoid delays due
>>> # to registry access.
>>>
>>> smbconf_cache="$service_state_dir/smb.conf.cache"
>>>
>>> testparm_foreground_update ()
>>> {
>>> _timeout="$1"
>>>
>>> if ! _out=$(timeout $_timeout testparm -v -s 2>/dev/null) ; then
>>> if [ -f "$smbconf_cache" ] ; then
>>> echo "WARNING: smb.conf cache update failed - using old cache file"
>>> return 1
>>> else
>>> die "ERROR: smb.conf cache create failed"
>> die "ERROR: smb.conf cache create failed at $smbconf_cache"
> Hi Achim
> You should become a private detective. You'd make a killing:)
>
> Aug 24 07:37:38 uc2 ctdbd: 50.samba: ERROR: smb.conf cache create failed
> @ /var/ctdb/state/samba/smb.conf.cache
>
> and:
> ls -l /var/ctdb/state
> total 12
> drwxr-xr-x 2 root root 4096 ago 24 07:37 ctdb
> drwxr-xr-x 3 root root 4096 ago 24 07:37 gpfs
> -rw-r--r-- 1 root root 0 ago 24 07:37 interface_modify_bond0.flock
> drwxr-xr-x 2 root root 4096 ago 24 07:37 samba
>
> ls -l /var/ctdb/state/samba
> total 0
>
> Nothing at /var/lib/lib/ctdb/ either:
> ls -l /var/lib/lib/ctdb
> total 14424
> -rw-r--r-- 1 root root 1204224 ago 24 07:37 brlock.tdb.1
> -rw------- 1 root root 1507328 ago 24 07:37 dbwrap_watchers.tdb.1
> -rw------- 1 root root 1507328 ago 24 07:37 g_lock.tdb.1
> -rw-r--r-- 1 root root 1204224 ago 24 07:37 locking.tdb.1
> -rw-r--r-- 1 root root 1204224 ago 24 07:37 notify_index.tdb.1
> drwx------ 2 root root 4096 ago 24 07:37 persistent
> -rw-r--r-- 1 root root 1507328 ago 24 07:42 printer_list.tdb.1
> -rw-r--r-- 1 root root 1507328 ago 24 07:42 serverid.tdb.1
> -rw------- 1 root root 1204224 ago 24 07:37 smbXsrv_open_global.tdb.1
> -rw------- 1 root root 1204224 ago 24 07:37 smbXsrv_session_global.tdb.1
> -rw------- 1 root root 1204224 ago 24 07:37 smbXsrv_tcon_global.tdb.1
> -rw------- 1 root root 1507328 ago 24 07:37 smbXsrv_version_global.tdb.1
> drwx------ 2 root root 4096 ago 24 07:34 state
>
> ls -l /var/lib/lib/ctdb/state
> total 496
> -rw------- 1 root root 696 ago 24 07:30 persistent_health.tdb.1
> -rw------- 1 root root 503808 ago 24 07:34 recdb.tdb.1
>
> On the other node, the cache _is_ created:
> ls -l /var/ctdb/state/samba
> total 12
> -rw-r--r-- 1 root root 9332 ago 24 07:50 smb.conf.cache
>
> and contains:
>
> cat /var/ctdb/state/samba/smb.conf.cache
> [global]
> dos charset = CP850
> unix charset = UTF-8
> workgroup = ALTEA
> realm = ALTEA.SITE
> netbios name = SMBCLUSTER
> netbios aliases =
> netbios scope =
> server string = Samba 4.1.6-Ubuntu
> interfaces =
> bind interfaces only = No
> server role = auto
> security = ADS
> auth methods =
> encrypt passwords = Yes
> client schannel = Auto
> server schannel = Auto
> allow trusted domains = Yes
> map to guest = Never
> null passwords = No
> obey pam restrictions = No
> password server = *
> smb passwd file = /etc/samba/smbpasswd
> private dir = /var/lib/samba/private
> passdb backend = tdbsam
> algorithmic rid base = 1000
> root directory =
> guest account = nobody
> enable privileges = Yes
> pam password change = No
> passwd program =
> passwd chat = *new*password* %n
> *new*password* %n
> *changed*
> passwd chat debug = No
> passwd chat timeout = 2
> check password script =
> username map =
> username level = 0
> unix password sync = No
> restrict anonymous = 0
> lanman auth = No
> ntlm auth = Yes
> client NTLMv2 auth = Yes
> client lanman auth = No
> client plaintext auth = No
> client use spnego principal = No
> preload modules =
> dedicated keytab file =
> kerberos method = secrets and keytab
> map untrusted to domain = No
> log level = 2
> syslog = 1
> syslog only = No
> log file =
> max log size = 5000
> debug timestamp = Yes
> debug prefix timestamp = No
> debug hires timestamp = Yes
> debug pid = No
> debug uid = No
> debug class = No
> enable core files = Yes
> smb ports = 445, 139
> large readwrite = Yes
> server max protocol = SMB3
> server min protocol = LANMAN1
> client max protocol = NT1
> client min protocol = CORE
> unicode = Yes
> min receivefile size = 0
> read raw = Yes
> write raw = Yes
> disable netbios = Yes
> reset on zero vc = No
> log writeable files on exit = No
> defer sharing violations = Yes
> nt pipe support = Yes
> nt status support = Yes
> max mux = 50
> max xmit = 16644
> name resolve order = lmhosts, wins, host, bcast
> max ttl = 259200
> max wins ttl = 518400
> min wins ttl = 21600
> time server = No
> unix extensions = Yes
> use spnego = Yes
> client signing = default
> server signing = default
> client use spnego = Yes
> client ldap sasl wrapping = plain
> enable asu support = No
> svcctl list =
> cldap port = 0
> dgram port = 0
> nbt port = 0
> krb5 port = 0
> kpasswd port = 0
> web port = 0
> rpc big endian = No
> getwd cache = Yes
> keepalive = 300
> lpq cache time = 30
> max smbd processes = 0
> max disk size = 0
> max open files = 16384
> socket options = TCP_NODELAY
> use mmap = Yes
> use ntdb = No
> hostname lookups = No
> name cache timeout = 660
> ctdbd socket = /var/lib/run/ctdb/ctdbd.socket
> cluster addresses =
> clustering = Yes
> ctdb timeout = 0
> ctdb locktime warn threshold = 0
> smb2 max read = 1048576
> smb2 max write = 1048576
> smb2 max trans = 1048576
> smb2 max credits = 8192
> load printers = Yes
> printcap cache time = 750
> printcap name =
> cups server =
> cups encrypt = No
> cups connection timeout = 30
> iprint server =
> disable spoolss = No
> addport command =
> enumports command =
> addprinter command =
> deleteprinter command =
> show add printer wizard = Yes
> os2 driver map =
> mangling method = hash2
> mangle prefix = 1
> max stat cache size = 256
> stat cache = Yes
> machine password timeout = 604800
> add user script =
> rename user script =
> delete user script =
> add group script =
> delete group script =
> add user to group script =
> delete user from group script =
> set primary group script =
> add machine script =
> shutdown script =
> abort shutdown script =
> username map script =
> username map cache time = 0
> logon script =
> logon path = \%N\%U\profile
> logon drive =
> logon home = \%N\%U
> domain logons = No
> init logon delayed hosts =
> init logon delay = 100
> os level = 20
> lm announce = Auto
> lm interval = 60
> preferred master = No
> local master = Yes
> domain master = Auto
> browse list = Yes
> enhanced browsing = Yes
> dns proxy = Yes
> wins proxy = No
> wins server =
> wins support = No
> wins hook =
> lock spin time = 200
> oplock break wait time = 0
> ldap admin dn =
> ldap delete dn = No
> ldap group suffix =
> ldap idmap suffix =
> ldap machine suffix =
> ldap passwd sync = no
> ldap replication sleep = 1000
> ldap suffix =
> ldap ssl = start tls
> ldap ssl ads = No
> ldap deref = auto
> ldap follow referral = Auto
> ldap timeout = 15
> ldap connection timeout = 2
> ldap page size = 1024
> ldap user suffix =
> ldap debug level = 0
> ldap debug threshold = 10
> eventlog list =
> add share command =
> change share command =
> delete share command =
> preload =
> lock directory = /var/run/samba
> state directory = /var/lib/samba
> cache directory = /var/cache/samba
> pid directory = /var/run/samba
> ntp signd socket directory =
> utmp directory =
> wtmp directory =
> utmp = No
> default service =
> message command =
> get quota command =
> set quota command =
> remote announce =
> remote browse sync =
> nbt client socket address = 0.0.0.0
> nmbd bind explicit broadcast = Yes
> homedir map = auto.home
> afs username map =
> afs token lifetime = 604800
> log nt token command =
> NIS homedir = No
> usershare allow guests = No
> usershare max shares = 100
> usershare owner only = Yes
> usershare path = /var/lib/samba/usershares
> usershare prefix allow list =
> usershare prefix deny list =
> usershare template share =
> async smb echo handler = No
> panic action =
> perfcount module =
> host msdfs = Yes
> passdb expand explicit = No
> idmap backend = tdb
> idmap cache time = 604800
> idmap negative cache time = 120
> idmap uid =
> idmap gid =
> template homedir = /home/%D/%U
> template shell = /bin/false
> winbind cache time = 300
> winbind reconnect delay = 30
> winbind max clients = 200
> winbind enum users = No
> winbind enum groups = No
> winbind use default domain = No
> winbind trusted domains only = No
> winbind nested groups = Yes
> winbind expand groups = 1
> winbind nss info = template
> winbind refresh tickets = No
> winbind offline logon = No
> winbind normalize names = No
> winbind rpc only = No
> create krb5 conf = Yes
> ncalrpc dir = /var/run/samba/ncalrpc
> winbind max domain connections = 1
> winbindd socket directory =
> winbindd privileged socket directory =
> winbind sealed pipes = No
> allow dns updates = disabled
> dns forwarder =
> dns update command =
> nsupdate command =
> rndc command =
> multicast dns register = Yes
> samba kcc command =
> server services =
> dcerpc endpoint servers =
> spn update command =
> share backend =
> tls enabled = No
> tls keyfile =
> tls certfile =
> tls cafile =
> tls crlfile =
> tls dh params file =
> idmap config * : backend = tdb
> comment =
> path =
> username =
> invalid users =
> valid users =
> admin users =
> read list =
> write list =
> force user =
> force group =
> read only = Yes
> acl check permissions = Yes
> acl group control = No
> acl map full control = Yes
> acl allow execute always = No
> create mask = 0744
> force create mode = 00
> directory mask = 0755
> force directory mode = 00
> force unknown acl user = No
> inherit permissions = No
> inherit acls = No
> inherit owner = No
> guest only = No
> administrative share = No
> guest ok = No
> only user = No
> hosts allow =
> hosts deny =
> allocation roundup size = 1048576
> aio read size = 0
> aio write size = 0
> aio write behind =
> ea support = No
> nt acl support = Yes
> profile acls = No
> map acl inherit = No
> afs share = No
> smb encrypt = default
> durable handles = Yes
> block size = 1024
> change notify = Yes
> directory name cache size = 100
> kernel change notify = Yes
> max connections = 0
> min print space = 0
> strict allocate = No
> strict sync = No
> sync always = No
> use sendfile = No
> write cache size = 0
> max reported print jobs = 0
> max print jobs = 1000
> printable = No
> print notify backchannel = Yes
> print ok = No
> printing = cups
> cups options =
> print command =
> lpq command = %p
> lprm command =
> lppause command =
> lpresume command =
> queuepause command =
> queueresume command =
> printer name =
> use client driver = No
> default devmode = Yes
> force printername = No
> printjob username = %U
> default case = lower
> case sensitive = Auto
> preserve case = Yes
> short preserve case = Yes
> mangling char = ~
> hide dot files = Yes
> hide special files = No
> hide unreadable = No
> hide unwriteable files = No
> delete veto files = No
> veto files =
> hide files =
> veto oplock files =
> map archive = Yes
> map hidden = No
> map system = No
> map readonly = yes
> mangled names = Yes
> store dos attributes = No
> dmapi support = No
> browseable = Yes
> access based share enum = No
> blocking locks = Yes
> csc policy = manual
> fake oplocks = No
> kernel oplocks = No
> kernel share modes = Yes
> locking = Yes
> oplocks = Yes
> level2 oplocks = Yes
> oplock contention limit = 2
> posix locking = Yes
> strict locking = Auto
> dfree cache time = 0
> dfree command =
> preexec =
> preexec close = No
> postexec =
> root preexec =
> root preexec close = No
> root postexec =
> available = Yes
> volume =
> fstype = NTFS
> wide links = No
> follow symlinks = Yes
> dont descend =
> magic script =
> magic output =
> delete readonly = No
> dos filemode = No
> dos filetimes = Yes
> dos filetime resolution = No
> fake directory create times = No
> vfs objects =
> msdfs root = No
> msdfs proxy =
> ntvfs handler =
>
> [users]
> path = /cluster/users
> read only = No
>
> [profiles]
> path = /cluster/profiles
> read only = No
>
> [shared]
> path = /cluster/shared
> read only = No
> force create mode = 0770
>
>
> OK, that looks like testparm -v
> so,
> testparm
> Load smb config files from /etc/samba/smb.conf
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> (16384)
> Processing section "[users]"
> Processing section "[profiles]"
> Processing section "[shared]"
> Loaded services file OK.
> ERROR: state directory /var/lib/samba does not exist
> Server role: ROLE_DOMAIN_MEMBER
>
> So:
> mkdir -p /var/lib/samba
>
> and immediately:
> Aug 24 07:57:44 uc2 ctdbd: monitor event OK - node re-enabled
> Aug 24 07:57:44 uc2 ctdbd: Node became HEALTHY. Ask recovery master 0 to
> perform ip reallocation
> Aug 24 07:57:44 uc2 ctdbd: recoverd:Node 1 has changed flags - now 0x0
> was 0x2
> Aug 24 07:57:45 uc2 ctdbd: recoverd:Disabling takeover runs for 60
> seconds
> Aug 24 07:57:47 uc2 ctdbd: Takeover of IP 192.168.1.81/24 on interface
> bond0
> Aug 24 07:57:49 uc2 ntpd[2497]: Listen normally on 13 bond0 192.168.1.81
> UDP 123
> Aug 24 07:57:49 uc2 ntpd[2497]: peers refreshed
> Aug 24 07:57:49 uc2 ntpd[2497]: new interface(s) found: waking up
> resolver
> Aug 24 07:57:49 uc2 ctdbd: recoverd:Reenabling takeover runs
>
> Which begs the question: why on a source build to /usr/local/samba, do
> we need /var/lib/samba?
>
> Thanks for your help,
> Steve
>
>
I see so it faild to create smb.conf.cache via testparm because if the
missing folder /var/lib/samba.
I think rowland posted an helpfull test (smbd -b) few days back.
To check default statedir defined during build you can use.
smbd -b | grep STATEDIR
achim~
More information about the samba
mailing list