[Samba] Migration from 3.6.25-0ubuntu0.12.04.10 to 4.x with passdb backend = ldapsam
Vladimir Skubriev
skubriev at cvisionlab.com
Tue Feb 20 10:29:56 UTC 2018
I got more information ,after enable log_level to 10:
```
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
push_conn_ctx(0) : conn_ctx_stack_ndx = 2
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
Security token: (NULL)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
Adding cache entry with key=[ACCT_POL/password history] and timeout=[Thu
Jan 1 03:00:00 AM 1970 MSK] (-1519122085 seconds in the past)
ldapsam_get_account_policy_from_ldap
smbldap_search_ext: base => [sambaDomainName=EXAMPLE,dc=example,dc=in],
filter => [(objectClass=sambaDomain)], scope => [0]
ldapsam_get_account_policy: failed to retrieve from ldap
ldapsam_set_account_policy_in_ldap
smbldap_modify: dn => [sambaDomainName=EXAMPLE,dc=example,dc=in]
Failed to modify dn: sambaDomainName=EXAMPLE,dc=example,dc=in, error: 50
(Insufficient access) (unknown)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
attribute sambaBadPasswordCount does not exist
attribute sambaBadPasswordTime does not exist
attribute sambaLogonHours does not exist
attribute gecos does not exist
===============================================================
INTERNAL ERROR: Signal 11 in pid 10426 (4.7.5)
Please read the Trouble-Shooting section of the Samba HOWTO
===============================================================
PANIC (pid 10426): internal error
BACKTRACE: 49 stack frames:
#0 /usr/local/samba/lib/libsmbconf.so.0(log_stack_trace+0x1f)
[0x7f478e94264b]
#1 /usr/local/samba/lib/libsmbconf.so.0(smb_panic_s3+0x6d) [0x7f478e94249c]
#2 /usr/local/samba/lib/libsamba-util.so.0(smb_panic+0x28) [0x7f4790de939f]
#3 /usr/local/samba/lib/libsamba-util.so.0(+0x2107d) [0x7f4790de907d]
```
2018-02-20 9:19 GMT+03:00 Vladimir Skubriev <skubriev at cvisionlab.com>:
> Sure.
>
> ```
> [global]
>
> workgroup = EXAMPLE
> server string =
> dns proxy = no
>
> interfaces = eth0
> bind interfaces only = yes
>
> log file = /var/log/samba/log.%m
> max log size = 1000
>
> # new options
> log level = 5
> netbios name = FILES
> #panic action = /usr/share/samba/panic-action %d
> server role = STANDALONE SERVER
>
> local master = no
>
> security = user
> encrypt passwords = true
>
> #passdb backend = tdbsam
> #obey pam restrictions = yes
> passdb backend = ldapsam:"ldap://ldap/"
> ldapsam:trusted=yes
> ldapsam:editposix=yes
>
> # Don't forget to update ldap admin password
> # use smbpasswd -w
> ldap admin dn = cn=smbadmadmin,ou=users,dc=example,dc=in
> ldap group suffix = ou=groups
> ldap idmap suffix = ou=idmap
> ldap machine suffix = ou=computers
> ldap user suffix = ou=users
> ldap suffix = dc=example,dc=in
>
> # One of the general params!!!
> ldap ssl = no
> #ldap debug level = 1
> #ldap debug level = 10
>
> idmap config FILES : backend = ldap
> idmap config FILES : range = 5000-999999
>
>
> # This option controls how unsuccessful authentication attempts are mapped
> # to anonymous connections
> map to guest = bad user
>
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
> # TODO
> # Add some performance
>
> socket options = TCP_NODELAY SO_RCVBUF=131072 SO_SNDBUF=131072
> use sendfile = true
>
> # For work with mac clients same as linux/windows clients (as permissions
> forcing by smb server)
> # ISSUE #1564
> unix extensions = no
>
> [public]
> comment = Internal share for file exchange
> path = /public
> browseable = yes
> read only = no
> valid users = @"all", @"dirs"
> read list =
> write list = @"all"
> admin users = @"dirs"
> force create mode = 0660
> force directory mode = 0660
>
> # for mac users and if sgid bit is ommited somewhere at older folder
> force group = all
>
> # for access markup folder outside of common
> follow symlinks = yes
> wide links = yes
> ```
>
> When I am commented this `#panic action`. It's decreased number of
> segfaults processes to one process.
>
> Now smbd exits on the following step:
>
> ```
> Primary group is 0 and contains 0 supplementary groups
> smbldap_search_ext: base => [sambaDomainName=FILES,dc=example,dc=in],
> filter => [(objectClass=sambaDomain)], scope => [0]
> smbldap_modify: dn => [sambaDomainName=FILES,dc=example,dc=in]
> pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
> ===============================================================
> INTERNAL ERROR: Signal 11 in pid 9974 (4.7.5)
> Please read the Trouble-Shooting section of the Samba HOWTO
> ===============================================================
> PANIC (pid 9974): internal error
> BACKTRACE: 49 stack frames:
> #0 /usr/local/samba/lib/libsmbconf.so.0(log_stack_trace+0x1f)
> [0x7f0dc796a64b]
> #1 /usr/local/samba/lib/libsmbconf.so.0(smb_panic_s3+0x6d)
> [0x7f0dc796a49c]
> #2 /usr/local/samba/lib/libsamba-util.so.0(smb_panic+0x28)
> [0x7f0dc9e1139f]
> #3 /usr/local/samba/lib/libsamba-util.so.0(+0x2107d) [0x7f0dc9e1107d]
> #4 /usr/local/samba/lib/libsamba-util.so.0(+0x21092) [0x7f0dc9e11092]
> ```
>
> I also tried stracing smbd. There is some trace log:
>
> ```
> fcntl(22, F_SETLKW, {l_type=F_RDLCK, l_whence=SEEK_SET, l_start=28064,
> l_len=1}) = 0
> fcntl(22, F_SETLKW, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=28064,
> l_len=1}) = 0
> clock_gettime(CLOCK_BOOTTIME, {84255, 473048526}) = 0
> write(1, "smbldap_search_ext: base => [sam"..., 123) = 123
> clock_gettime(CLOCK_BOOTTIME, {84255, 473252973}) = 0
> rt_sigaction(SIGALRM, {0x7f0dbfabd4ee, [ALRM], SA_RESTORER,
> 0x7f0dca289390}, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
> alarm(16) = 0
> clock_gettime(CLOCK_BOOTTIME, {84255, 473497017}) = 0
> clock_gettime(CLOCK_BOOTTIME, {84255, 473578560}) = 0
> write(13, "0r\2\1\21cm\4'sambaDomainName=EXAMPLE,d"..., 116) = 116
> poll([{fd=13, events=POLLIN|POLLPRI}], 1, 15000) = 1 ([{fd=13,
> revents=POLLIN}])
> read(13, "00\2\1\21d+\4", 8) = 8
> read(13, "'sambaDomainName=EXAMPLE,dc=exampl"..., 42) = 42
> poll([{fd=13, events=POLLIN|POLLPRI}], 1, 14999) = 1 ([{fd=13,
> revents=POLLIN}])
> read(13, "0\f\2\1\21e\7\n", 8) = 8
> read(13, "\1\0\4\0\4\0", 6) = 6
> alarm(0) = 16
> rt_sigaction(SIGALRM, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390},
> {0x7f0dbfabd4ee, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
> clock_gettime(CLOCK_BOOTTIME, {84255, 474889992}) = 0
> write(1, "smbldap_modify: dn => [sambaDoma"..., 64) = 64
> clock_gettime(CLOCK_BOOTTIME, {84255, 475117112}) = 0
> rt_sigaction(SIGALRM, {0x7f0dbfabd4ee, [ALRM], SA_RESTORER,
> 0x7f0dca289390}, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
> alarm(16) = 0
> clock_gettime(CLOCK_BOOTTIME, {84255, 475357737}) = 0
> clock_gettime(CLOCK_BOOTTIME, {84255, 475443054}) = 0
> write(13, "0S\2\1\22fN\4'sambaDomainName=EXAMPLE,d"..., 85) = 85
> poll([{fd=13, events=POLLIN|POLLPRI}], 1, -1) = 1 ([{fd=13,
> revents=POLLIN}])
> read(13, "0\f\2\1\22g\7\n", 8) = 8
> read(13, "\0012\4\0\4\0", 6) = 6
> alarm(0) = 16
> rt_sigaction(SIGALRM, {SIG_IGN, [ALRM], SA_RESTORER, 0x7f0dca289390},
> {0x7f0dbfabd4ee, [ALRM], SA_RESTORER, 0x7f0dca289390}, 8) = 0
> geteuid() = 0
> getegid() = 0
> setgroups(0, []) = 0
> setresgid(-1, 0, -1) = 0
> getegid() = 0
> setresuid(0, 0, -1) = 0
> geteuid() = 0
> getegid() = 0
> geteuid() = 0
> write(1, "pop_sec_ctx (0, 0) - sec_ctx_sta"..., 43) = 43
> --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} ---
> write(1, "================================"..., 64) = 64
> write(1, "INTERNAL ERROR: Signal 11 in pid"..., 46) = 46
> write(1, "Please read the Trouble-Shooting"..., 60) = 60
> write(1, "================================"..., 64) = 64
> write(1, "PANIC (pid 9974): internal error"..., 33) = 33
> ```
>
> Hope this can help.
>
> 2018-02-19 15:04 GMT+03:00 Rowland Penny via samba <samba at lists.samba.org>
> :
>
>> On Mon, 19 Feb 2018 14:49:48 +0300
>> Vladimir Skubriev via samba <samba at lists.samba.org> wrote:
>>
>> > Migration from 3.6.25-0ubuntu0.12.04.10 to 4.x with passdb backend =
>> > ldapsam
>> >
>> > Hi.
>> >
>> > I tried to migrate my storage(smb) server to more newer version, but
>> > faced with 'segfaults", after(in progress) client authenticating,
>> > when samba tries to start a new smbd instance (as i understand). I
>> > saw client authentication success, which interrupts in following
>> > places:
>> >
>> > In case with 4.3.11+dfsg-0ubuntu0.16.04.12 from ubuntu xenial there is
>> > error in
>> > `/usr/lib/x86_64-linux-gnu/samba/libsmbregistry.so.0(log_sta
>> ck_trace+0x1a)
>> > [0x7f2bc30a17aa]`
>> >
>> > In case with 4.7.5-1 from .../stable/samba-4.7.5.tar.gz there is
>> > error in `/usr/local/samba/lib/libsmbconf.so.0(log_stack_trace+0x1f)
>> > [0x7f111922a64b]`
>> >
>> > What should be my further actions?
>> >
>> > As described in logs: "Please read the Trouble-Shooting section of the
>> > Samba HOWTO". I would like to avoid a deep debugging.
>> >
>> > I would like to solve the problem more easily than to do an in-depth
>> > analysis.
>> >
>> > Thank you for your help.
>> >
>>
>> Bit hard to say what the problem could be from what you have posted,
>> can you post your smb.conf?
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>
>
> --
> Faithfully yours,
>
> CVision Lab System Administrator
> Vladimir Skubriev
>
>
--
Faithfully yours,
CVision Lab System Administrator
Vladimir Skubriev
More information about the samba
mailing list