[Samba] smbd fails to start after upgrade to version 4.11.6
L.P.H. van Belle
belle at bazuin.nl
Wed Feb 5 08:24:49 UTC 2020
Hai Roy,
Thanks for verifing it all. Im still amazed with this one.
It all looks good to me, exept the missing PTR records then.. ;-)
Ok last question here to both, now i have Raspbian and Debian Buster amhf on the repo.
Rowland and Roy your both running Raspbian Buster correct?
Its so strange Rowland his pi is running correct and Roy not.
There has to be a different.
Im rulling out samba, of db corruptions.. Etc.
Only thing is samba should not crash, we might like to have a loglevel 10 of that.
And a bug report. Its a consistant crash of smbd so, reporting it would be nice yes..
It im 100% sure its something withing the pi and the nic in combination off raspbian or debian buster?
So, If you guys can confirm the os once again, who runs which one exactly.
If your on Raspbian.
Run : sudo raspi-config
Check what the state is of : Wait for Network at Boot.
Is someone using something like this to reduce boot time?
/etc/systemd/system/networking.service.d/reduce-timeout.conf
[Service]
TimeoutStartSec=1
Roy, can you reboot the pi and send me the dmesg log and syslog
I found some reports about "faulty" Pi mainboards also.
Or can you check it and look flipping networks..
Something like this:
[ 182.553342] bcmgenet fd580000.genet eth0: Link is Down
[ 182.553465] br0: port 1(eth0) entered disabled state
[ 185.673598] bcmgenet fd580000.genet eth0: Link is Up - 1Gbps/Full - flow control rx/tx
(source: https://github.com/raspberrypi/linux/issues/3034#issuecomment-509709135 )
You can try to enable the network speed for the nic..
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: Roy Eastwood [mailto:spindles7 at gmail.com]
> Verzonden: dinsdag 4 februari 2020 22:26
> Aan: samba at lists.samba.org
> CC: 'L.P.H. van Belle'
> Onderwerp: RE: [Samba] smbd fails to start after upgrade to
> version 4.11.6
>
> Hi Loius,
>
>
> > Roy,
> >
> > Im still wondering what your problem might be/where its coming from.
> > But we know it's interface/network related, only thing is
> Samba should not coredump.
> >
> > So i had a good look below to see where im missing what.
> > And i dont see much to work with.
> >
> > I have 2 possible options where, where a problem might be.
> >
> > 1) samba start before network is online.
> > A possible workaround is add in all the samba services :
> > smbd.service nmbd.service winbind.service [Unit]
> Wants=network-online.target After=network-online.target
> >
> > systemctl edit smbd
> > systemctl edit nmbd
> > systemctl edit winbind
> >
> > But, i dont think its that, because here (my setup) and
> Rowland its pi are all working fine.
>
> Tried the above, still the same.
>
> >
> > ( based on : open_sockets_smbd: No sockets available to
> bind to. ) And google is also telling, most probely due to
> starting and no
> > network up.
> >
> > And/or, if your using the /etc/network/interfaces file, run this.
> >
> https://raw.githubusercontent.com/thctlo/debian-scripts/master
> /setup-systemd-networkd.sh
> > Run it like this :
> > bash setup-systemd-networkd.sh member
> > Verify the files, and try to replace /etc/network/interfaces.
> >
> > It creates the needes systemd networking files, they are
> places in the folder where you run it.
> > It does NOT change anything, it shows what todo with the files.
> >
> > It also might be an interface name thingy,, as Kris Lou mentions.
> > So run it and whats in the generated files.
> OK, here is the generated lan-member-dev-eth0.network file:
> #
> # This setup is for a Domain MEMBER server.
> # IPV4 only.
> [Match]
> Name=eth0
>
> [Network]
> DHCP=no
> DNSSEC=allow-downgrade
> DNSSECNegativeTrustAnchors=lan
> IPv6PrivacyExtensions=no
> IPv6AcceptRouterAdvertisements=no
> LinkLocalAddressing=no
> LLMNR=no
>
> # make use of systemd resolved and its setup, setup the
> 'search dnsdomain.tld.'
> Domains=samdom.org
>
> # lets make use of systemd-timedate and timesyncd for the
> member servers.
> NTP=192.168.2.240 192.168.2.4
>
> # DNS resolvers (its safe to mix IPv4 and IPv6)
> # Max 3 DNS entries. ::1 or 127.0.0.1 if you use a cacheing dns.
> # If you use systemd-resolved stub (caching) dns, use
> 127.0.0.53 (only)
> # Defaults to the AD-DC servers found in the dns.
> DNS=192.168.2.240 192.168.2.4
>
> # IPv4 gateway and primary IP address.
> Gateway=192.168.2.1
> Address=192.168.2.51/24
>
> (note instructions have the name of the file wrong - it gave
> it as lan-dev-eth0.network but it's actually called
> lan-member-dev-eth0.network)
>
> I implemented the changes per the instructions, and the
> result of timedatectl status:
> root at pi4b:~# timedatectl status
> Local time: Tue 2020-02-04 20:49:50 GMT
> Universal time: Tue 2020-02-04 20:49:50 UTC
> RTC time: n/a
> Time zone: Europe/London (GMT, +0000)
> System clock synchronized: no
> NTP service: inactive
> RTC in local TZ: no
> (was running chrony, which I disabled)
>
> The result of networkctl status
> root at pi4b:~# networkctl status
> ?$B!| State: routable
> Address: 192.168.2.51 on eth0
> Gateway: 192.168.2.1 on eth0
> DNS: 192.168.2.240
> 192.168.2.4
> Search Domains: samdom.org
> NTP: 192.168.2.240
> 192.168.2.4
>
> The result of networkctl status eth0
> root at pi4b:~# networkctl status eth0
> ?$B!| 2: eth0
> Link File: n/a
> Network File: /etc/systemd/network/lan-member-dev-eth0.network
> Type: ether
> State: routable (configured)
> Path: platform-fd580000.genet
> Driver: bcmgenet
> HW Address: dc:a6:32:17:3c:86
> Address: 192.168.2.51
> Gateway: 192.168.2.1
> DNS: 192.168.2.240
> 192.168.2.4
> Search Domains: samdom.org
> NTP: 192.168.2.240
> 192.168.2.4
> Connected To: n/a on port 38:2c:4a:72:cd:4e
>
> At this point, I re-enabled the two lines in smb.conf:
> bind interfaces only = yes
> interfaces = lo eth0
> and re-booted the pi.
>
> Still the same L smbd fails as systemctl status smbd shows:
> root at pi4b:~# systemctl status smbd
> ?$B!| smbd.service - Samba SMB Daemon
> Loaded: loaded (/lib/systemd/system/smbd.service; enabled;
> vendor preset: enabled)
> Active: failed (Result: core-dump) since Tue 2020-02-04
> 20:32:52 GMT; 22min ago
> Docs: man:smbd(8)
> man:samba(7)
> man:smb.conf(5)
> Process: 493
> ExecStartPre=/usr/share/samba/update-apparmor-samba-profile
> (code=exited, status=0/SUCCESS)
> Process: 495 ExecStart=/usr/sbin/smbd --foreground
> --no-process-group $SMBDOPTIONS (code=dumped, signal=ABRT)
> Main PID: 495 (code=dumped, signal=ABRT)
> Status: "smbd: ready to serve connections..."
>
> Feb 04 20:32:51 pi4b smbd[495]: open_sockets_smbd: No
> sockets available to bind to.
> Feb 04 20:32:51 pi4b smbd[495]: [2020/02/04 20:32:51.952387,
> 0] ../../source3/lib/util.c:824(smb_panic_s3)
> Feb 04 20:32:51 pi4b smbd[495]: PANIC (pid 495):
> open_sockets_smbd() failed
> Feb 04 20:32:51 pi4b smbd[495]: [2020/02/04 20:32:51.953028,
> 0] ../../lib/util/fault.c:265(log_stack_trace)
> Feb 04 20:32:51 pi4b smbd[495]: BACKTRACE: 0 stack frames:
> Feb 04 20:32:51 pi4b smbd[495]: [2020/02/04 20:32:51.953292,
> 0] ../../source3/lib/dumpcore.c:315(dump_core)
> Feb 04 20:32:51 pi4b smbd[495]: dumping core in
> /var/log/samba/cores/smbd
> Feb 04 20:32:51 pi4b smbd[495]:
> Feb 04 20:32:51 pi4b systemd[1]: smbd.service: Main process
> exited, code=dumped, status=6/ABRT
> Feb 04 20:32:52 pi4b systemd[1]: smbd.service: Failed with
> result 'core-dump'.
>
> >
> > 2) something is corrupt in samba database.
> > Lets hope not..
> So do I...
> >
> > A check on the script, and based on the output you sended before.
> > Just to make the thread complete, so i have a backlog of it.
> > (Todo, make better output of errors or functions with empty values.)
> >
> > > >
> > > >I would try and fix it first, can you download and run
> > > Louis's script:
> > > >https://github.com/thctlo/samba4/blob/master/samba-collect-de
> > bug-info.sh
> > > >Sanitise the output and post the output into a reply to this.
> > > >
> > > >Rowland
> > >
> > > OK:
> > > root at pi4b:~/scripts# ./samba-collect-debug-info.sh Please wait,
> > > collecting debug info.
> > >
> > > Password for Administrator at SAMDOM.ORG:
> > > grep: : No such file or directory
> >
> > Around line 144 in the script, which means its just not running.
> >
> > > Load smb config files from /etc/samba/smb.conf Loaded
> services file
> > > OK.
> > > Server role: ROLE_DOMAIN_MEMBER
> > >
> > > The debug info about your system can be found in this file:
> > > /tmp/samba-debug-info.txt
> > > -------------------- /tmp/samba-debug-info.txt ----------------
> > > Collected config --- 2020-01-29-20:20 -----------
> > >
> > > Hostname: pi4b
> > > DNS Domain: samdom.org
> > > FQDN: pi4b.samdom.org
> > > ipaddress: 192.168.2.51
> > >
> > > -----------
> > >
> > > Kerberos SRV _kerberos._tcp.samdom.org record verified ok, sample
> > > output:
> > > Server: 192.168.2.240
> > > Address: 192.168.2.240#53
> > >
> > > _kerberos._tcp.samdom.org service = 0 100 88 pi-dc.samdom.org.
> > > _kerberos._tcp.samdom.org service = 0 100 88 tiger-db.samdom.org.
> >
> > 2 AD-DC's are detected.
> > Can you verify these with
> > dig -x $(host pi-dc.samdom.org|awk '{ print $NF }' )
> Yes:
> dig -x $(host pi-dc.samdom.org| awk '{ print $NF }' )
>
> ; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> -x 192.168.2.4
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38893
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
> ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: 91bfcfed9ef46a69b34989825e39d6f6ba0f2712ec8869cd (good)
> ;; QUESTION SECTION:
> ;4.2.168.192.in-addr.arpa. IN PTR
>
> ;; AUTHORITY SECTION:
> 2.168.192.in-addr.arpa. 3600 IN SOA
> tiger-db.samdom.org. hostmaster.samdom.org. 11 900 600 86400 3600
>
> ;; Query time: 5 msec
> ;; SERVER: 192.168.2.240#53(192.168.2.240)
> ;; WHEN: Tue Feb 04 20:41:12 GMT 2020
> ;; MSG SIZE rcvd: 150
>
> > dig -x $(host tiger-db.samdom.org|awk '{ print $NF }' )
> root at pi4b:~# dig -x $(host tiger-db.samdom.org| awk '{ print $NF }' )
>
> ; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> -x 192.168.2.240
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34146
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
> ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: a3f680e54e3e81ee6c73adda5e39d772d9dceedb83ef6bb2 (good)
> ;; QUESTION SECTION:
> ;240.2.168.192.in-addr.arpa. IN PTR
>
> ;; AUTHORITY SECTION:
> 2.168.192.in-addr.arpa. 3600 IN SOA
> tiger-db.samdom.org. hostmaster.samdom.org. 11 900 600 86400 3600
>
> ;; Query time: 3 msec
> ;; SERVER: 192.168.2.240#53(192.168.2.240)
> ;; WHEN: Tue Feb 04 20:43:16 GMT 2020
> ;; MSG SIZE rcvd: 152
> > host $(hostname -d)
> root at pi4b:~# host $(hostname -d)
> samdom.org has address 192.168.2.4
> samdom.org has address 192.168.2.240
> >
> > > Samba is not being run as a DC or a Unix domain member.
> >
> > Line 157-159 so, because samba isnt running the script
> error on these parts.
> >
> > Just to make sure its not coming from fault DNS records.
> >
> > >
> > > -----------
> > > Checking file: /etc/os-release
> > >
> > > PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
> > > NAME="Raspbian GNU/Linux"
> > > VERSION_ID="10"
> > > VERSION="10 (buster)"
> > > VERSION_CODENAME=buster
> > > ID=raspbian
> > > ID_LIKE=debian
> > > HOME_URL="http://www.raspbian.org/"
> > > SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
> > > BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
> > >
> > > -----------
> > >
> > >
> > > This computer is running Debian 10.2 armv7l
> > >
> > > -----------
> > > running command : ip a
> > > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue
> state UNKNOWN
> > > group default qlen 1000
> > > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> > > inet 127.0.0.1/8 scope host lo
> > > 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> mq state UP
> > > group default qlen 1000
> > > link/ether dc:a6:32:17:3c:86 brd ff:ff:ff:ff:ff:ff
> > > inet 192.168.2.51/24 brd 192.168.2.255 scope global eth0
> > > 3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state
> DOWN group
> > > default qlen 1000
> > > link/ether dc:a6:32:17:3c:87 brd ff:ff:ff:ff:ff:ff
> > >
> > > -----------
> > > Checking file: /etc/hosts
> > >
> > > 127.0.0.1 localhost
> > > ::1 localhost ip6-localhost ip6-loopback
> > > ff02::1 ip6-allnodes
> > > ff02::2 ip6-allrouters
> > >
> > > 192.168.2.51 pi4b.samdom.org pi4b
> > >
> > > -----------
> > >
> > > Checking file: /etc/resolv.conf
> > >
> > > search samdom.org
> > > nameserver 192.168.2.240
> > > nameserver 192.168.2.4
> > >
> > > -----------
> > >
> > > Checking file: /etc/krb5.conf
> > >
> > > [libdefaults]
> > > default_realm = samdom.org
> > > dns_lookup_realm = false
> > > dns_lookup_kdc = true
> > >
> > > -----------
> > I cant see it but UPPERCASE SAMDOM.ORG in REALM
> dnsdomains.tld REALMS.TLD It just prevents small errors in
> combination with
> > othere software.
>
> Yes, can confirm that the realm was in UPPERCASE - the copy
> sent to the list was sanitised and got changed to lowercase in the
> process.
> >
> >
> > >
> > > Checking file: /etc/nsswitch.conf
> > >
> > > # /etc/nsswitch.conf
> > > #
> > > # Example configuration of GNU Name Service Switch functionality.
> > > # If you have the `glibc-doc-reference' and `info' packages
> > > installed, try:
> > > # `info libc "Name Service Switch"' for information about
> this file.
> > >
> > > passwd: files winbind
> > > group: files winbind
> > > shadow: files
> > > gshadow: files
> > >
> > > hosts: files mdns4_minimal [NOTFOUND=return] dns
> > > networks: files
> > >
> > > protocols: db files
> > > services: db files
> > > ethers: db files
> > > rpc: db files
> > >
> > > netgroup: nis
> > >
> > > -----------
> > >
> > > Warning, does not exist
> >
> > This is around line 300.
> > Where i think the " " is the missing file and this is
> > Or : Check_file_exists "${SMBCONF}" which whould be strange.
> > So i think its :
> > This line in the script.
> > Check_file_exists /etc/idmapd.conf
> > Can you check that, its just to make sure where i need to
> add parts in the script.
> The file exists:
> root at pi4b:~# ls -l /etc/idmapd.conf
> -rw-r--r-- 1 root root 206 Apr 6 2019 /etc/idmapd.conf
>
> Interestingly, I just re-ran your script and it ran OK this
> time, including smb.conf and user.map. Obviously
> something changed -
> perhaps all these tweaks changed something?
>
> >
> >
> > >
> > > -----------
> > >
> > >
> > > Installed packages:
> > > ii acl 2.2.53-4
> > > armhf access control list - utilities
> > > ii attr 1:2.4.48-4
> > > armhf utilities for manipulating filesystem
> extended attributes
> > > ii fonts-quicksand 0.2016-2
> > > all sans-serif font with round attributes
> > > ii krb5-config 2.6
> > > all Configuration files for Kerberos Version 5
> > > ii krb5-user 1.17-3
> > > armhf basic programs to authenticate using MIT Kerberos
> > > ii libacl1:armhf 2.2.53-4
> > > armhf access control list - shared library
> > > ii libattr1:armhf 1:2.4.48-4
> > > armhf extended attribute handling - shared library
> > > ii libgssapi-krb5-2:armhf 1.17-3
> > > armhf MIT Kerberos runtime libraries - krb5
> GSS-API Mechanism
> > > ii libkrb5-3:armhf 1.17-3
> > > armhf MIT Kerberos runtime libraries
> > > ii libkrb5support0:armhf 1.17-3
> > > armhf MIT Kerberos runtime libraries - Support library
> > > ii libnss-winbind:armhf
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Samba nameservice integration plugins
> > > ii libpam-krb5:armhf 4.8-2
> > > armhf PAM module for MIT Kerberos
> > > ii libpam-winbind:armhf
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Windows domain authentication integration plugin
> > > ii libsmbclient:armhf
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf shared library for communication with
> SMB/CIFS servers
> > > ii libwbclient0:armhf
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Samba winbind client library
> > > ii node-tweetnacl 0.14.5+dfsg-3
> > > all Port of TweetNaCl cryptographic library to JavaScript
> > > ii python3-samba
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Python 3 bindings for Samba
> > > ii samba
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf SMB/CIFS file, print, and login server for Unix
> > > ii samba-common
> 2:4.11.6+dfsg-0.1raspbian1
> > > all common files used by both the Samba server and client
> > > ii samba-common-bin
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Samba common files used by both the server
> and the client
> > > ii samba-dsdb-modules:armhf
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Samba Directory Services Database
> > > ii samba-libs:armhf
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Samba core libraries
> > > ii samba-vfs-modules:armhf
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf Samba Virtual FileSystem plugins
> > > ii smbclient
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf command-line SMB/CIFS clients for Unix
> > > ii vlc-plugin-samba:armhf 3.0.8-0+deb10u1+rpt7
> > > armhf Samba plugin for VLC
> > > ii winbind
> 2:4.11.6+dfsg-0.1raspbian1
> > > armhf service to resolve user and group information
> > > from Windows NT
> > > servers
> > >
> > > -----------
> > >
> > > Louis' script failed to print out smb.conf (even though
> it exists at
> > > /etc/samba/smb.conf) and user.map, so here they are:
> > > ---------- smb.conf -----------
> > > [global]
> > >
> > > netbios name = pi4b
> > > security = ADS
> > > workgroup = SAMDOM
> > > realm = SAMDOM.ORG
> > >
> > > # disable smb1
> > > client min protocol = smb2_02
> > > server min protocol = smb2_02
> > >
> > > log file = /var/log/samba/%m.log
> > > log level = 1
> > >
> > > # to prevent "Address family not supported by protocol" messages
> > > (ipv6)
> > > bind interfaces only = yes
> > > interfaces = lo eth0
> > >
> > > dedicated keytab file = /etc/krb5.keytab
> > > kerberos method = secrets and keytab
> > > winbind refresh tickets = yes
> > >
> > > winbind use default domain = yes
> > >
> > > # Default idmap config used for BUILTIN and local
> > > accounts/groups
> > > idmap config * : backend = tdb
> > > idmap config * : range = 2000-9999
> > >
> > > # idmap config for domain samdom
> > > idmap config SAMDOM:backend = rid
> > > idmap config SAMDOM:range = 10000-99999
> > >
> > > # next two lines for testing only - comment-out once working ok
> > > # winbind enum users = yes
> > > # winbind enum groups = yes
> > >
> > > template shell = /bin/bash
> > > # template homedir = /srv/samba/users/%U
> > >
> > > vfs objects = acl_xattr
> > > map acl inherit = yes
> > > store dos attributes = yes
> > > username map = /etc/samba/user.map
> > >
> > > [images]
> > > # for backup images made by Macrium Reflect
> > > path = /srv/samba/images
> > > read only = no
> > > acl_xattr:ignore system acl = yes
> > >
> > > [downloads]
> > > path = /srv/samba/downloads
> > > read only = no
> > > acl_xattr:ignore system acl = yes
> > >
> > > ---------------user.map --------------------
> > > !root = SAMDOM\Administrator SAMDOM\administrator Administrator
> > > administrator
> > >
> > > Thanks in advance for any clues!
> > >
> > > Roy
>
> Incidentally, I tried putting those two lines into smb.conf
> on pi-dc (also a Raspberry Pi but model 3) and it too caused smbd to
> fail. So it's something specific to pi's
>
> Thanks again, hope the above helps.
> Roy
>
>
More information about the samba
mailing list