14980 – File closure after +/- 10 hours on Samba SMB3 with Kerberos

Bug 14980 - File closure after +/- 10 hours on Samba SMB3 with Kerberos

Summary: File closure after +/- 10 hours on Samba SMB3 with Kerberos

Status:	NEW

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	File services (show other bugs)
Version:	unspecified
Hardware:	x86 Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Samba QA Contact
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-02-15 08:13 UTC by Hans van Leeuwen
Modified:	2022-02-15 08:17 UTC (History)
CC List:	0 users

See Also:

Attachments
C-program source to reproduce the closed file problem (646 bytes, text/plain) 2022-02-15 08:13 UTC, Hans van Leeuwen	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Hans van Leeuwen 2022-02-15 08:13:42 UTC

Created attachment 17166 [details]
C-program source to reproduce the closed file problem

In own environment, several Samba-servers with the parameters “workgroup = WORKGROUP” and “security = user” works correct.
But the Samba-servers with the parameters “workgroup = <DOMAIN-NAME>” and “security = ads” results in a "closed file" after some hours.
I expect that this disconnection is the result of an “expired Kerberos ticket”.
But I don’t know how to avoid this "file closure".

On a Windows-10 system the X-drive is mapped to a Samba-server in the same domain.
In the attachment the C-source of a simple program is added.
The C-source is compiled with gcc to the executable fwrite.exe.
On that Windows-10 system the executable fwrite.exe runs for several hours correct.
The output of fwrite.exe is for several hours:
8  6:57:20
fprintf ret_val = 12 fflush ret_val = 0 errno = 0

Every minute a string with day number and time is added to the file ftest_file.txt on the Samba-Server.

But after several hours the output becomes:
8  16:42:23
fprintf ret_val = 12 fflush ret_val = -1 errno = 22

The file ftest_file.txt on the Samba-Server is not supplemented with date and time rules any more.

The mapped X-drive is however still available.

On the samba-server the command “klist” give the next output.

Ticket cache: FILE:/tmp/krb5cc_0             
Default principal: automation@<DOMAIN-NAME>

Valid starting     Expires            Service principal
09/02/22 11:59:59  10/02/22 11:59:59  krbtgt/<DOMAIN-NAME>.LOCAL@<DOMAIN-NAME>.LOCAL
                                renew until 25/02/22 11:59:59

Renewing the expire time with the command below doesn’t solve the problem.
kinit -V -k -t /etc/krb5.keytab automation@<DOMAIN-NAME>.LOCAL
Using default cache: /tmp/krb5cc_0
Using principal: automation@<DOMAIN-NAME>.LOCAL
Using keytab: /etc/krb5.keytab
Authenticated to Kerberos v5

In the Samba logfile's no relevant error messages are found.

With a share on a Windows SMB-Server with SMB3 this problem doesn't occur.
Doesn't a Windows SMB-server work with Kerberos?

Is it possible to use Samba SMBv3 without Kerberos?

The command smbstatus give "Samba version 4.7.6-Ubuntu"

How can I solve this "file closure" problem?