[Samba] Migration from 3.6.25-0ubuntu0.12.04.10 to 4.x with passdb backend = ldapsam

Vladimir Skubriev skubriev at cvisionlab.com
Tue Feb 20 06:19:54 UTC 2018


Sure.

```
[global]

   workgroup = EXAMPLE
   server string =
   dns proxy = no

   interfaces = eth0
   bind interfaces only = yes

   log file = /var/log/samba/log.%m
   max log size = 1000

# new options
   log level = 5
   netbios name = FILES
   #panic action = /usr/share/samba/panic-action %d
   server role = STANDALONE SERVER

   local master = no

   security = user
   encrypt passwords = true

   #passdb backend = tdbsam
   #obey pam restrictions = yes
   passdb backend = ldapsam:"ldap://ldap/"
   ldapsam:trusted=yes
   ldapsam:editposix=yes

   # Don't forget to update ldap admin password
   # use smbpasswd -w
   ldap admin dn = cn=smbadmadmin,ou=users,dc=example,dc=in
   ldap group suffix = ou=groups
   ldap idmap suffix = ou=idmap
   ldap machine suffix = ou=computers
   ldap user suffix = ou=users
   ldap suffix = dc=example,dc=in

# One of the general params!!!
   ldap ssl = no
   #ldap debug level = 1
   #ldap debug level = 10

   idmap config FILES : backend  = ldap
   idmap config FILES : range = 5000-999999


# This option controls how unsuccessful authentication attempts are mapped
# to anonymous connections
   map to guest = bad user

   load printers = no
   printing = bsd
   printcap name = /dev/null
   disable spoolss = yes

# TODO
# Add some performance

   socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
   use sendfile = true

# For work with mac clients same as linux/windows clients (as permissions
forcing by smb server)
# ISSUE #1564
   unix extensions = no

[public]
 comment = Internal share for file exchange
 path = /public
 browseable = yes
 read only = no
 valid users = @"all", @"dirs"
 read list =
 write list = @"all"
 admin users = @"dirs"
 force create mode = 0660
 force directory mode = 0660

 # for mac users and if sgid bit is ommited somewhere at older folder
 force group = all

 # for access markup folder outside of common
 follow symlinks = yes
 wide links = yes
```

When I am commented this  `#panic action`. It's decreased number of
segfaults processes to one process.

Now smbd exits on the following step:

```
Primary group is 0 and contains 0 supplementary groups
smbldap_search_ext: base => [sambaDomainName=FILES,dc=example,dc=in],
filter => [(objectClass=sambaDomain)], scope => [0]
smbldap_modify: dn => [sambaDomainName=FILES,dc=example,dc=in]
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
===============================================================
INTERNAL ERROR: Signal 11 in pid 9974 (4.7.5)
Please read the Trouble-Shooting section of the Samba HOWTO
===============================================================
PANIC (pid 9974): internal error
BACKTRACE: 49 stack frames:
 #0 /usr/local/samba/lib/libsmbconf.so.0(log_stack_trace+0x1f)
[0x7f0dc796a64b]
 #1 /usr/local/samba/lib/libsmbconf.so.0(smb_panic_s3+0x6d) [0x7f0dc796a49c]
 #2 /usr/local/samba/lib/libsamba-util.so.0(smb_panic+0x28) [0x7f0dc9e1139f]
 #3 /usr/local/samba/lib/libsamba-util.so.0(+0x2107d) [0x7f0dc9e1107d]
 #4 /usr/local/samba/lib/libsamba-util.so.0(+0x21092) [0x7f0dc9e11092]
```

I also tried stracing smbd. There is some trace log:

```
fcntl(22, F_SETLKW, {l_type=F_RDLCK, l_whence=SEEK_SET, l_start=28064,
l_len=1}) = 0
fcntl(22, F_SETLKW, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=28064,
l_len=1}) = 0
clock_gettime(CLOCK_BOOTTIME, {84255, 473048526}) = 0
write(1, "smbldap_search_ext: base => [sam"..., 123) = 123
clock_gettime(CLOCK_BOOTTIME, {84255, 473252973}) = 0
rt_sigaction(SIGALRM, {0x7f0dbfabd4ee, [ALRM], SA_RESTORER,
0x7f0dca289390}, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
alarm(16)                               = 0
clock_gettime(CLOCK_BOOTTIME, {84255, 473497017}) = 0
clock_gettime(CLOCK_BOOTTIME, {84255, 473578560}) = 0
write(13, "0r\2\1\21cm\4'sambaDomainName=EXAMPLE,d"..., 116) = 116
poll([{fd=13, events=POLLIN|POLLPRI}], 1, 15000) = 1 ([{fd=13,
revents=POLLIN}])
read(13, "00\2\1\21d+\4", 8)            = 8
read(13, "'sambaDomainName=EXAMPLE,dc=exampl"..., 42) = 42
poll([{fd=13, events=POLLIN|POLLPRI}], 1, 14999) = 1 ([{fd=13,
revents=POLLIN}])
read(13, "0\f\2\1\21e\7\n", 8)          = 8
read(13, "\1\0\4\0\4\0", 6)             = 6
alarm(0)                                = 16
rt_sigaction(SIGALRM, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390},
{0x7f0dbfabd4ee, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
clock_gettime(CLOCK_BOOTTIME, {84255, 474889992}) = 0
write(1, "smbldap_modify: dn => [sambaDoma"..., 64) = 64
clock_gettime(CLOCK_BOOTTIME, {84255, 475117112}) = 0
rt_sigaction(SIGALRM, {0x7f0dbfabd4ee, [ALRM], SA_RESTORER,
0x7f0dca289390}, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
alarm(16)                               = 0
clock_gettime(CLOCK_BOOTTIME, {84255, 475357737}) = 0
clock_gettime(CLOCK_BOOTTIME, {84255, 475443054}) = 0
write(13, "0S\2\1\22fN\4'sambaDomainName=EXAMPLE,d"..., 85) = 85
poll([{fd=13, events=POLLIN|POLLPRI}], 1, -1) = 1 ([{fd=13,
revents=POLLIN}])
read(13, "0\f\2\1\22g\7\n", 8)          = 8
read(13, "\0012\4\0\4\0", 6)            = 6
alarm(0)                                = 16
rt_sigaction(SIGALRM, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390},
{0x7f0dbfabd4ee, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
geteuid()                               = 0
getegid()                               = 0
setgroups(0, [])                        = 0
setresgid(-1, 0, -1)                    = 0
getegid()                               = 0
setresuid(0, 0, -1)                     = 0
geteuid()                               = 0
getegid()                               = 0
geteuid()                               = 0
write(1, "pop_sec_ctx (0, 0) - sec_ctx_sta"..., 43) = 43
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} ---
write(1, "================================"..., 64) = 64
write(1, "INTERNAL ERROR: Signal 11 in pid"..., 46) = 46
write(1, "Please read the Trouble-Shooting"..., 60) = 60
write(1, "================================"..., 64) = 64
write(1, "PANIC (pid 9974): internal error"..., 33) = 33
```

Hope this can help.

2018-02-19 15:04 GMT+03:00 Rowland Penny via samba <samba at lists.samba.org>:

> On Mon, 19 Feb 2018 14:49:48 +0300
> Vladimir Skubriev via samba <samba at lists.samba.org> wrote:
>
> > Migration from 3.6.25-0ubuntu0.12.04.10 to 4.x with passdb backend =
> > ldapsam
> >
> > Hi.
> >
> > I tried to migrate my storage(smb) server to more newer version, but
> > faced with 'segfaults", after(in progress) client authenticating,
> > when samba tries to start a new smbd instance (as i understand). I
> > saw client authentication success, which interrupts in following
> > places:
> >
> > In case with 4.3.11+dfsg-0ubuntu0.16.04.12 from ubuntu xenial there is
> > error in
> > `/usr/lib/x86_64-linux-gnu/samba/libsmbregistry.so.0(log_
> stack_trace+0x1a)
> > [0x7f2bc30a17aa]`
> >
> > In case with 4.7.5-1 from .../stable/samba-4.7.5.tar.gz there is
> > error in `/usr/local/samba/lib/libsmbconf.so.0(log_stack_trace+0x1f)
> > [0x7f111922a64b]`
> >
> > What should be my further actions?
> >
> > As described in logs: "Please read the Trouble-Shooting section of the
> > Samba HOWTO". I would like to avoid a deep debugging.
> >
> > I would like to solve the problem more easily than to do an in-depth
> > analysis.
> >
> > Thank you for your help.
> >
>
> Bit hard to say what the problem could be from what you have posted,
> can you post your smb.conf?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



-- 
Faithfully yours,

CVision Lab System Administrator
Vladimir Skubriev


More information about the samba mailing list