I tried to use expand_msdfs but it causes smbd crashed. To reproduce: 1) setting smb.conf: ----- [global] [dfstop] path = /var/lib/samba/shares/dfstop writeable = yes msdfs root = yes vfs objects = expand_msdfs ----- 2) setting DFS share: ----- $ ls -l /var/lib/samba/shares/dfstop/ total 0 lrwxrwxrwx 1 root root 23 2010-10-30 19:52 archives -> msdfs:filesv1\archives$ lrwxrwxrwx 1 root root 58 2010-10-30 23:00 archives5 -> msdfs:@/usr/local/samba/ lib/exp_dfs.dfstop1.map@\archives$ lrwxrwxrwx 1 root root 58 2010-10-30 23:00 archives6 -> msdfs:@/usr/local/samba/ lib/exp_dfs.dfstop1.map@/archives$ ----- 3) setting map file: ----- $ cat /usr/local/samba/lib/exp_dfs.dfstop1.map filesv1 ----- 4) to click "archives" link on Windows 7 successed, but "archives5" or "archives6" failed and smbd crashed: ----- [2010/11/06 14:53:09.122530, 10] modules/vfs_expand_msdfs.c:136(expand_msdfs_tar get) Expanding from table [/usr/local/samba/lib/exp_dfs.dfstop1.map] [2010/11/06 14:53:09.122563, 10] modules/vfs_expand_msdfs.c:53(read_target_host) Scanning mapfile [/usr/local/samba/lib/exp_dfs.dfstop1.map] [2010/11/06 14:53:09.122588, 10] modules/vfs_expand_msdfs.c:61(read_target_host) Scanning line [ filesv1] [2010/11/06 14:53:09.122622, 0] lib/fault.c:46(fault_report) =============================================================== [2010/11/06 14:53:09.122675, 0] lib/fault.c:47(fault_report) INTERNAL ERROR: Signal 11 in pid 3148 (3.5.0) Please read the Trouble-Shooting section of the Samba3-HOWTO [2010/11/06 14:53:09.122791, 0] lib/fault.c:49(fault_report) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2010/11/06 14:53:09.122829, 0] lib/fault.c:50(fault_report) =============================================================== [2010/11/06 14:53:09.122857, 0] lib/util.c:1465(smb_panic) PANIC (pid 3148): internal error [2010/11/06 14:53:09.129466, 0] lib/util.c:1569(log_stack_trace) BACKTRACE: 23 stack frames: #0 ../sbin/smbd(log_stack_trace+0x2d) [0xb71d8311] #1 ../sbin/smbd(smb_panic+0x78) [0xb71d845e] #2 ../sbin/smbd [0xb71c7878] #3 [0xb6e5d400] #4 ../sbin/smbd(smb_vfs_call_vfs_readlink+0x3f) [0xb6f98060] #5 ../sbin/smbd [0xb6fb5dce] #6 ../sbin/smbd [0xb6fb6087] #7 ../sbin/smbd(get_referred_path+0x5ce) [0xb6fb8581] #8 ../sbin/smbd(setup_dfs_referral+0x175) [0xb6fb88bc] #9 ../sbin/smbd [0xb6f8421a] #10 ../sbin/smbd(reply_trans2+0x68f) [0xb6f85057] #11 ../sbin/smbd [0xb6fa8d22] #12 ../sbin/smbd [0xb6fab65a] #13 ../sbin/smbd [0xb6fabeb6] #14 ../sbin/smbd(run_events+0x157) [0xb71e8431] #15 ../sbin/smbd(smbd_process+0x972) [0xb6fab353] #16 ../sbin/smbd [0xb7554655] #17 ../sbin/smbd(run_events+0x157) [0xb71e8431] #18 ../sbin/smbd [0xb71e86ec] #19 ../sbin/smbd(_tevent_loop_once+0x9e) [0xb71e8c3c] #20 ../sbin/smbd(main+0x11e9) [0xb7555a26] #21 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb6b37455] #22 ../sbin/smbd [0xb6f2a001] -----
Created attachment 6050 [details] Level 10 log Only enumerating dfs shares causes crash.
Created attachment 6051 [details] Patch Can you please try the attached patch? Thanks, Volker
Thx, this patch looks like good. I examined from both Windows 7 and Windows XP to patched Samba 3.5.6.
Note that if we write a map file, we should write: ----- ::ffff:192.168.1 filesv1 filesv2 ----- if Samba server supports IPv6.
Comment on attachment 6051 [details] Patch Arg. Another problem with the fake create_conn_struct() in msdfs huh. How I hate that function. There are another two places this is called we might need to fix later (although I can't see a null deref problem in them). LGTM ! Let's push to master and v3-6-test also. Jeremy.
Re-assigning to Karolin for inclusion in 3.5.7. Jeremy.
Pushed to v3-5-test. Closing out bug report. Thanks!