[Samba] Intermittent failure
L.P.H. van Belle
belle at bazuin.nl
Wed May 14 02:32:45 MDT 2014
uh...
Opening cache file at /var/db/samba4/gencache.tdb
> tdb(/var/db/samba4/gencache.tdb): tdb_open_ex: could not open file /var/db/samba4/gencache.tdb: Permission denied
>> params.c:OpenConfFile() - Unable to open configuration file
>"/usr/local/etc/smb4.conf":
>> Permission denied
so fix your rights first.
>-----Oorspronkelijk bericht-----
>Van: ml at netfence.it [mailto:samba-bounces at lists.samba.org]
>Namens Andrea Venturoli
>Verzonden: woensdag 14 mei 2014 10:27
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Intermittent failure
>
>Hello.
>
>I'm in need of some help to shed some light on a strange problem.
>
>The box is running Samba 4.1.7 on FreeBSD 9.2/amd64 and I suspect
>(though I'm not sure) all troubles started after the upgrade
>from 4.1.6.
>The setup is quite simple: no AD, no LDAP, only one server.
>
>A command as simple as "smbclient -U user //SERVER/SHARE", if fired up
>several times in a row on the server itself, will sometimes succeed,
>somtimes fail.
>Same happens for "smbclient -U root -L //SERVER".
>
>
>A sample log:
>> smbclient -d 5 -U xxxxxx //XXXXX/xxxxxxxxxxx
>> INFO: Current debug levels:
>> all: 5
>> tdb: 5
>> printdrivers: 5
>> lanman: 5
>> smb: 5
>> rpc_parse: 5
>> rpc_srv: 5
>> rpc_cli: 5
>> passdb: 5
>> sam: 5
>> auth: 5
>> winbind: 5
>> vfs: 5
>> idmap: 5
>> quota: 5
>> acls: 5
>> locking: 5
>> msdfs: 5
>> dmapi: 5
>> registry: 5
>> scavenger: 5
>> dns: 5
>> ldb: 5
>> lp_load_ex: refreshing parameters
>> Initialising global parameters
>> max_open_files: increasing sysctl_max (11095) to minimum
>Windows limit (16384)
>> rlimit_max: increasing rlimit_max (11095) to minimum Windows
>limit (16384)
>> INFO: Current debug levels:
>> all: 5
>> tdb: 5
>> printdrivers: 5
>> lanman: 5
>> smb: 5
>> rpc_parse: 5
>> rpc_srv: 5
>> rpc_cli: 5
>> passdb: 5
>> sam: 5
>> auth: 5
>> winbind: 5
>> vfs: 5
>> idmap: 5
>> quota: 5
>> acls: 5
>> locking: 5
>> msdfs: 5
>> dmapi: 5
>> registry: 5
>> scavenger: 5
>> dns: 5
>> ldb: 5
>> params.c:OpenConfFile() - Unable to open configuration file
>"/usr/local/etc/smb4.conf":
>> Permission denied
>> pm_process() returned No
>> smbclient: Can't load /usr/local/etc/smb4.conf - run
>testparm to debug it
>> added interface re0 ip=192.168.1.254 bcast=192.168.1.255
>netmask=255.255.255.0
>> added interface re1 ip=192.168.111.1 bcast=192.168.111.255
>netmask=255.255.255.0
>> Netbios name list:-
>> my_netbios_names[0]="XXXXX"
>> Client started (version 4.1.7).
>> Enter xxxxxx's password:
>> Opening cache file at /var/db/samba4/gencache.tdb
>> tdb(/var/db/samba4/gencache.tdb): tdb_open_ex: could not
>open file /var/db/samba4/gencache.tdb: Permission denied
>> gencache_init: Opening cache file
>/var/db/samba4/gencache.tdb read-only.
>> Opening cache file at /var/db/samba4/gencache_notrans.tdb
>> sitename_fetch: No stored sitename for
>> no entry for XXXXX#20 found.
>> resolve_lmhosts: Attempting lmhosts lookup for name XXXXX<0x20>
>> resolve_lmhosts: Attempting lmhosts lookup for name XXXXX<0x20>
>> startlmhosts: Can't open lmhosts file
>/usr/local/etc/lmhosts. Error was No such file or directory
>> resolve_wins: WINS server resolution selected and no WINS
>servers listed.
>> resolve_hosts: Attempting host lookup for name XXXXX<0x20>
>> namecache_store: storing 1 address for XXXXX#20: 192.168.111.1
>> Connecting to 192.168.111.1 at port 445
>> Socket options:
>> SO_KEEPALIVE = 0
>> SO_REUSEADDR = 0
>> SO_BROADCAST = 0
>> TCP_NODELAY = 4
>> Could not test socket option TCP_KEEPCNT.
>> Could not test socket option TCP_KEEPIDLE.
>> Could not test socket option TCP_KEEPINTVL.
>> IPTOS_LOWDELAY = 0
>> IPTOS_THROUGHPUT = 0
>> SO_REUSEPORT = 0
>> SO_SNDBUF = 48996
>> SO_RCVBUF = 81660
>> SO_SNDLOWAT = 2048
>> SO_RCVLOWAT = 1
>> SO_SNDTIMEO = 0
>> SO_RCVTIMEO = 0
>> session request ok
>> Doing spnego session setup (blob length=74)
>> got OID=1.3.6.1.4.1.311.2.2.10
>> got principal=not_defined_in_RFC4178 at please_ignore
>> Got challenge flags:
>> Got NTLMSSP neg_flags=0x60898215
>> NTLMSSP_NEGOTIATE_UNICODE
>> NTLMSSP_REQUEST_TARGET
>> NTLMSSP_NEGOTIATE_SIGN
>> NTLMSSP_NEGOTIATE_NTLM
>> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>> NTLMSSP_NEGOTIATE_NTLM2
>> NTLMSSP_NEGOTIATE_TARGET_INFO
>> NTLMSSP_NEGOTIATE_128
>> NTLMSSP_NEGOTIATE_KEY_EXCH
>> NTLMSSP: Set final flags:
>> Got NTLMSSP neg_flags=0x60088215
>> NTLMSSP_NEGOTIATE_UNICODE
>> NTLMSSP_REQUEST_TARGET
>> NTLMSSP_NEGOTIATE_SIGN
>> NTLMSSP_NEGOTIATE_NTLM
>> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>> NTLMSSP_NEGOTIATE_NTLM2
>> NTLMSSP_NEGOTIATE_128
>> NTLMSSP_NEGOTIATE_KEY_EXCH
>> NTLMSSP Sign/Seal - Initialising with flags:
>> Got NTLMSSP neg_flags=0x60088215
>> NTLMSSP_NEGOTIATE_UNICODE
>> NTLMSSP_REQUEST_TARGET
>> NTLMSSP_NEGOTIATE_SIGN
>> NTLMSSP_NEGOTIATE_NTLM
>> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>> NTLMSSP_NEGOTIATE_NTLM2
>> NTLMSSP_NEGOTIATE_128
>> NTLMSSP_NEGOTIATE_KEY_EXCH
>> SPNEGO login failed: Undetermined error
>> session setup failed: NT_STATUS_UNSUCCESSFUL
>
>
>
>At the same time log.smbd shows:
>> [2014/05/14 10:18:19.719746, 2]
>../source3/param/loadparm.c:535(max_open_files)
>> max_open_files: increasing sysctl_max (11095) to minimum
>Windows limit (16384)
>> [2014/05/14 10:18:19.719851, 2]
>../source3/param/loadparm.c:543(max_open_files)
>> rlimit_max: increasing rlimit_max (11095) to minimum
>Windows limit (16384)
>> [2014/05/14 10:18:19.720670, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxx]"
>> [2014/05/14 10:18:19.720756, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxx]"
>> [2014/05/14 10:18:19.720951, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxx]"
>> [2014/05/14 10:18:19.721046, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxx]"
>> [2014/05/14 10:18:19.721229, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxxxxxx]"
>> [2014/05/14 10:18:19.721334, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxxxxx]"
>> [2014/05/14 10:18:19.721465, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxxx]"
>> [2014/05/14 10:18:19.721596, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxx]"
>> [2014/05/14 10:18:19.721737, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxxxx]"
>> [2014/05/14 10:18:19.721890, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxxxxx]"
>> [2014/05/14 10:18:19.722042, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxxxx]"
>> [2014/05/14 10:18:19.722151, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxxxxxx]"
>> [2014/05/14 10:18:19.722283, 2]
>../source3/param/loadparm.c:3581(do_section)
>> Processing section "[xxxxxxx]"
>> [2014/05/14 10:18:19.729397, 2]
>../source3/auth/auth.c:278(auth_check_ntlm_password)
>> check_ntlm_password: authentication for user [xxxxxx] ->
>[xxxxxx] -> [xxxxxx succeeded
>> [2014/05/14 10:18:19.732064, 1]
>../source3/auth/token_util.c:430(add_local_groups)
>> SID S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX ->
>getpwuid(4294967295) failed
>> [2014/05/14 10:18:19.732157, 1]
>../source3/smbd/sesssetup.c:276(reply_sesssetup_and_X_spnego)
>> Failed to generate session_info (user and group token) for
>session setup: NT_STATUS_UNSUCCESSFUL
>
>
>
>While I'm no expert, the last lines are quite suspicious to me:
>authentication succeeds, but somehow that's not enough.
>I searched for "SID -> getpwuid failed" but came up with nothing.
>
>
>
>Relevant part of smb4.conf:
>> [global]
>> workgroup = XXXXXXX
>> netbios aliases=SERVER
>> server string = NetFence
>> interfaces = re1
>> hosts allow = 127. 192.168.111.0/24 10.1.2.15
>> security = user
>> encrypt passwords = yes
>> os level = 255
>> local master = yes
>> domain master = yes
>> preferred master = yes
>> domain logons = yes
>> wins support = yes
>> wins proxy = yes
>> dns proxy = yes
>> name resolve order = wins
>> logon script=netlogon.cmd
>> time server = Yes
>> map archive = No
>
>
>
>Any hint on where I should go and look next?
>
>
>
> bye & Thanks
> av.
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list