Opening a new bug about some problems reported in bug 5806. When trying to connect to a samba server, smbd dies.
Created attachment 3685 [details] log files Log files from starting samba and then running root@egr214-01:/usr/local/samba/var$ smbclient -L //localhost -k -d 3 lp_load: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/etc/sfw/smb.conf" Processing section "[global]" added interface ip=134.114.9.64 bcast=134.114.9.255 nmask=255.255.255.0 Client started (version 3.0.28). Connecting to 127.0.0.1 at port 445 Doing spnego session setup (blob length=136) got OID=1 2 840 113554 1 2 2 got OID=1 2 840 48018 1 2 2 got OID=1 3 6 1 4 1 311 2 2 10 got principal=cifs/egr214-01.students.froot.nau.edu@STUDENTS.FROOT.NAU.EDU Doing kerberos session setup ads_cleanup_expired_creds: Ticket in ccache[FILE:/tmp/krb5cc_0] expiration Fri, 24 Oct 2008 10:13:48 GMT-7 OS=[Unix] Server=[Samba 3.4.0-GIT-353aaf2-devel] Receiving SMB: Server stopped responding tree connect failed: Call returned zero bytes (EOF)
Samba still crashes as of today's git checkout.
Add the following to the [global] section of your smb.conf : panic action = "/bin/sleep 90000" build smbd with symbols and reproduce the crash. smbd will be blocked at the crash point waiting for the sleep. Attach to the crashed smbd process with gdb and type "bt" (backtrace). Please post the output of this command. Jeremy.
Ok. Here's what I've got... (gdb) bt #0 0xd0ca5a15 in __pollsys () from /lib/libc.so.1 #1 0xd0c99fc8 in _pollsys () from /lib/libc.so.1 #2 0xd0c52f52 in pselect () from /lib/libc.so.1 #3 0xd0c53248 in select () from /lib/libc.so.1 #4 0x082d5622 in sys_select (maxfd=0, readfds=0x8046280, writefds=0x8046180, errorfds=0x0, tval=0x0) at lib/select.c:93 #5 0x084db577 in open_sockets_smbd (is_daemon=true, interactive=false, smb_ports=0x0) at smbd/server.c:643 #6 0x084dc95b in main (argc=2, argv=0x8047620) at smbd/server.c:1370 and (gdb) bt #0 0xd0ca63f5 in _waitid () from /lib/libc.so.1 #1 0xd0c586a3 in _waitpid () from /lib/libc.so.1 #2 0xd0c9a3fb in waitpid () from /lib/libc.so.1 #3 0xd0c8e767 in system () from /lib/libc.so.1 #4 0x082cc370 in smb_panic (why=0x850012a "sys_setgroups failed") at lib/util.c:1672 #5 0x08105a23 in set_unix_security_ctx (uid=62107, gid=10000, ngroups=17, groups=0x8616b98) at smbd/sec_ctx.c:260 #6 0x08105ae7 in set_sec_ctx (uid=62107, gid=10000, ngroups=17, groups=0x8616b98, token=0x8616ae0) at smbd/sec_ctx.c:330 #7 0x080f85a3 in change_to_user (conn=0x860f4b0, vuid=101) at smbd/uid.c:279 #8 0x08119c92 in make_connection_snum (snum=2, vuser=0x86125c8, password={data = 0x8609f50 "", length = 1, free = 0}, pdev=0x8046fec "?????", pstatus=0x804728c) at smbd/service.c:982 #9 0x0811aa12 in make_connection (service_in=0x8609f9c "IPC$", password={data = 0x8609f50 "", length = 1, free = 0}, pdev=0x860a030 "?????", vuid=101, status=0x804728c) at smbd/service.c:1288 #10 0x080d80e2 in reply_tcon_and_X (req=0x8609f00) at smbd/reply.c:685 #11 0x08116c5e in switch_message (type=117 'u', req=0x8609f00, size=88) at smbd/process.c:1479 #12 0x08116cff in construct_reply (inbuf=0x8609e70 "", size=88, unread_bytes=0, encrypted=false) at smbd/process.c:1502 #13 0x08116f8b in process_smb (inbuf=0x8609e70 "", nread=88, unread_bytes=0, encrypted=false) at smbd/process.c:1578 #14 0x08117991 in smbd_process () at smbd/process.c:2070 #15 0x084dcce3 in main (argc=2, argv=0x8047620) at smbd/server.c:1465
Created attachment 3709 [details] smb.conf used Since the error mentioned "sys_setgroups failed", here's my smb.conf using the idmap_adex winbind module
Oh, Björn Jacke just yesterday mentioned to me that Samba now panics if you hit the 16-groups per user limit. Is it possible that your user is in more than 16 groups, the hard limit on Solaris? Volker
Looks like my username is only a member of 15 groups. (anymore and I have problems with solaris and nfs as you mentioned) Also it looks like winbind does not yet work with the groups command on solaris. Winbind host: root@egr214-01:/$ groups NAU-STUDENTS\\mcm75 10000 Centrify'ed host: root@kashyyyk:~$ groups mcm75 cefnsunix cefns_test cefns_meweb cefns_qspweb cefns_eppweb cefns_ceneweb cefns_gcsweb cefns_it cefns_cmweb cefns_chmweb cefns_envsci_gradweb cefns_bioweb cefns_taiweb cefns_cpcesuweb cefns_hetpweb
(In reply to comment #7) > Looks like my username is only a member of 15 groups. (anymore and I have > problems with solaris and nfs as you mentioned) > > Also it looks like winbind does not yet work with the groups command on > solaris. > Winbind host: > root@egr214-01:/$ groups NAU-STUDENTS\\mcm75 > 10000 I expect this is just due to the fact that "winbind enum groups" is disabled by default for performance concerns.
That's what I heard in a previous bug report, so it has been enabled here since.
As of todays git checkout, I'm still getting smbd crashes when I attempt a cifs connection. root@egr214-01:/usr/local/samba/var$ tail -f log.smbd [2008/11/18 23:43:29, 3] smbd/sec_ctx.c:pop_sec_ctx(432) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2008/11/18 23:43:29, 3] smbd/sec_ctx.c:set_sec_ctx(324) setting sec ctx (62107, 10000) - sec_ctx_stack_ndx = 0 [2008/11/18 23:43:29, 0] lib/util.c:smb_panic(1666) PANIC (pid 7456): sys_setgroups failed [2008/11/18 23:43:29, 0] lib/util.c:log_stack_trace(1820) unable to produce a stack trace on this platform [2008/11/18 23:43:29, 0] lib/util.c:smb_panic(1671) smb_panic(): calling panic action [/bin/sleep 900000] Looks to still be occurring. Since this is a test machine for idmap_adex, I'm guessing the sys_setgroups message has something to do with that.
I'm pretty sure you have the above mentioned setgroups() problem. Your Solaris tells you that you are in 16 groups (15 plus your primary gid = 16 groups). And actually I guesss you are in more than 16 groups, can you ask your directory administrators how many groups you're in to make that sure? http://www.j3e.de/ngroups.html tells you how to enhance the group limit to 32. If you need a higher group limit you may not use Solaris.
That seems to have done it. My account was in more than 16 groups, but our centrify client would only show the first 16. Removing my account to under 16 groups allows me to connect without crashing. Any idea on an ETA for the fix?
Ask SUN or use Linux :-) Volker
Solaris limitation, no Samba bug
I don't mind it being a solaris issue, but shouldn't smbd not crash?
It's deliberate. It's not safe to continue if we can't honor the user's groups. Jeremy.
Maybe a panic including stack trace is a bit strong. What about a normal, clean server exit with a clear debug level 0 message? Volker
Oh the voice of reason..... :-). Works for me (so long as I don't have to add the patch :-). Jeremy.
I'm getting this same panic on Ubuntu 12.04 with Linux 3.6.0-030600rc6-generic, so the number of groups should not be a problem. Any ideas? uid=1000(chris) gid=1000(installuser) groups=1000(installuser),4(adm),20(dialout),21(fax),24(cdrom),25(floppy),26(tape),30(dip),44(video),46(plugdev),104(fuse),105(lpadmin),119(admin),122(sambashare),130(vboxusers),131(libvirtd) Could there be anything else causing this problem?
(In reply to comment #19) > I'm getting this same panic on Ubuntu 12.04 with Linux 3.6.0-030600rc6-generic, > so the number of groups should not be a problem. Any ideas? > > uid=1000(chris) gid=1000(installuser) > groups=1000(installuser),4(adm),20(dialout),21(fax),24(cdrom),25(floppy),26(tape),30(dip),44(video),46(plugdev),104(fuse),105(lpadmin),119(admin),122(sambashare),130(vboxusers),131(libvirtd) > > Could there be anything else causing this problem? Could you please upload a debug level 10 log leading up to this panic?