thr3ads.net - samba - [Samba] Intermittent failure [May 2014]

If this information is useful, please help other people find it:
Share via:

Andrea Venturoli

2014-May-14 08:27 UTC

[Samba] Intermittent failure

Hello.

I'm in need of some help to shed some light on a strange problem.

The box is running Samba 4.1.7 on FreeBSD 9.2/amd64 and I suspect 
(though I'm not sure) all troubles started after the upgrade from 4.1.6.
The setup is quite simple: no AD, no LDAP, only one server.

A command as simple as "smbclient -U user //SERVER/SHARE", if fired up
several times in a row on the server itself, will sometimes succeed, 
somtimes fail.
Same happens for "smbclient -U root -L //SERVER".


A sample log:> smbclient -d 5 -U xxxxxx //XXXXX/xxxxxxxxxxx
> INFO: Current debug levels:
>   all: 5
>   tdb: 5
>   printdrivers: 5
>   lanman: 5
>   smb: 5
>   rpc_parse: 5
>   rpc_srv: 5
>   rpc_cli: 5
>   passdb: 5
>   sam: 5
>   auth: 5
>   winbind: 5
>   vfs: 5
>   idmap: 5
>   quota: 5
>   acls: 5
>   locking: 5
>   msdfs: 5
>   dmapi: 5
>   registry: 5
>   scavenger: 5
>   dns: 5
>   ldb: 5
> lp_load_ex: refreshing parameters
> Initialising global parameters
> max_open_files: increasing sysctl_max (11095) to minimum Windows limit
(16384)
> rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
> INFO: Current debug levels:
>   all: 5
>   tdb: 5
>   printdrivers: 5
>   lanman: 5
>   smb: 5
>   rpc_parse: 5
>   rpc_srv: 5
>   rpc_cli: 5
>   passdb: 5
>   sam: 5
>   auth: 5
>   winbind: 5
>   vfs: 5
>   idmap: 5
>   quota: 5
>   acls: 5
>   locking: 5
>   msdfs: 5
>   dmapi: 5
>   registry: 5
>   scavenger: 5
>   dns: 5
>   ldb: 5
> params.c:OpenConfFile() - Unable to open configuration file
"/usr/local/etc/smb4.conf":
> 	Permission denied
> pm_process() returned No
> smbclient: Can't load /usr/local/etc/smb4.conf - run testparm to debug
it
> added interface re0 ip=192.168.1.254 bcast=192.168.1.255
netmask=255.255.255.0
> added interface re1 ip=192.168.111.1 bcast=192.168.111.255
netmask=255.255.255.0
> Netbios name list:-
> my_netbios_names[0]="XXXXX"
> Client started (version 4.1.7).
> Enter xxxxxx's password:
> Opening cache file at /var/db/samba4/gencache.tdb
> tdb(/var/db/samba4/gencache.tdb): tdb_open_ex: could not open file
/var/db/samba4/gencache.tdb: Permission denied
> gencache_init: Opening cache file /var/db/samba4/gencache.tdb read-only.
> Opening cache file at /var/db/samba4/gencache_notrans.tdb
> sitename_fetch: No stored sitename for
> no entry for XXXXX#20 found.
> resolve_lmhosts: Attempting lmhosts lookup for name XXXXX<0x20>
> resolve_lmhosts: Attempting lmhosts lookup for name XXXXX<0x20>
> startlmhosts: Can't open lmhosts file /usr/local/etc/lmhosts. Error was
No such file or directory
> resolve_wins: WINS server resolution selected and no WINS servers listed.
> resolve_hosts: Attempting host lookup for name XXXXX<0x20>
> namecache_store: storing 1 address for XXXXX#20: 192.168.111.1
> Connecting to 192.168.111.1 at port 445
> Socket options:
> 	SO_KEEPALIVE = 0
> 	SO_REUSEADDR = 0
> 	SO_BROADCAST = 0
> 	TCP_NODELAY = 4
> 	Could not test socket option TCP_KEEPCNT.
> 	Could not test socket option TCP_KEEPIDLE.
> 	Could not test socket option TCP_KEEPINTVL.
> 	IPTOS_LOWDELAY = 0
> 	IPTOS_THROUGHPUT = 0
> 	SO_REUSEPORT = 0
> 	SO_SNDBUF = 48996
> 	SO_RCVBUF = 81660
> 	SO_SNDLOWAT = 2048
> 	SO_RCVLOWAT = 1
> 	SO_SNDTIMEO = 0
> 	SO_RCVTIMEO = 0
>  session request ok
> Doing spnego session setup (blob length=74)
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178 at please_ignore
> Got challenge flags:
> Got NTLMSSP neg_flags=0x60898215
>   NTLMSSP_NEGOTIATE_UNICODE
>   NTLMSSP_REQUEST_TARGET
>   NTLMSSP_NEGOTIATE_SIGN
>   NTLMSSP_NEGOTIATE_NTLM
>   NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>   NTLMSSP_NEGOTIATE_NTLM2
>   NTLMSSP_NEGOTIATE_TARGET_INFO
>   NTLMSSP_NEGOTIATE_128
>   NTLMSSP_NEGOTIATE_KEY_EXCH
> NTLMSSP: Set final flags:
> Got NTLMSSP neg_flags=0x60088215
>   NTLMSSP_NEGOTIATE_UNICODE
>   NTLMSSP_REQUEST_TARGET
>   NTLMSSP_NEGOTIATE_SIGN
>   NTLMSSP_NEGOTIATE_NTLM
>   NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>   NTLMSSP_NEGOTIATE_NTLM2
>   NTLMSSP_NEGOTIATE_128
>   NTLMSSP_NEGOTIATE_KEY_EXCH
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x60088215
>   NTLMSSP_NEGOTIATE_UNICODE
>   NTLMSSP_REQUEST_TARGET
>   NTLMSSP_NEGOTIATE_SIGN
>   NTLMSSP_NEGOTIATE_NTLM
>   NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>   NTLMSSP_NEGOTIATE_NTLM2
>   NTLMSSP_NEGOTIATE_128
>   NTLMSSP_NEGOTIATE_KEY_EXCH
> SPNEGO login failed: Undetermined error
> session setup failed: NT_STATUS_UNSUCCESSFUL


At the same time log.smbd shows:> [2014/05/14 10:18:19.719746,  2]
../source3/param/loadparm.c:535(max_open_files)
>   max_open_files: increasing sysctl_max (11095) to minimum Windows limit
(16384)
> [2014/05/14 10:18:19.719851,  2]
../source3/param/loadparm.c:543(max_open_files)
>   rlimit_max: increasing rlimit_max (11095) to minimum Windows limit
(16384)
> [2014/05/14 10:18:19.720670,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxx]"
> [2014/05/14 10:18:19.720756,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxx]"
> [2014/05/14 10:18:19.720951,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxx]"
> [2014/05/14 10:18:19.721046,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxx]"
> [2014/05/14 10:18:19.721229,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxxxxxx]"
> [2014/05/14 10:18:19.721334,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxxxxx]"
> [2014/05/14 10:18:19.721465,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxxx]"
> [2014/05/14 10:18:19.721596,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxx]"
> [2014/05/14 10:18:19.721737,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxxxx]"
> [2014/05/14 10:18:19.721890,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxxxxx]"
> [2014/05/14 10:18:19.722042,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxxxx]"
> [2014/05/14 10:18:19.722151,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxxxxxx]"
> [2014/05/14 10:18:19.722283,  2]
../source3/param/loadparm.c:3581(do_section)
>   Processing section "[xxxxxxx]"
> [2014/05/14 10:18:19.729397,  2]
../source3/auth/auth.c:278(auth_check_ntlm_password)
>   check_ntlm_password:  authentication for user [xxxxxx] -> [xxxxxx]
-> [xxxxxx succeeded
> [2014/05/14 10:18:19.732064,  1]
../source3/auth/token_util.c:430(add_local_groups)
>   SID S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX ->
getpwuid(4294967295) failed
> [2014/05/14 10:18:19.732157,  1]
../source3/smbd/sesssetup.c:276(reply_sesssetup_and_X_spnego)
>   Failed to generate session_info (user and group token) for session setup:
NT_STATUS_UNSUCCESSFUL


While I'm no expert, the last lines are quite suspicious to me: 
authentication succeeds, but somehow that's not enough.
I searched for "SID -> getpwuid failed" but came up with nothing.



Relevant part of smb4.conf:> [global]
>         workgroup = XXXXXXX
>         netbios aliases=SERVER
>         server string = NetFence
>         interfaces = re1
>         hosts allow = 127. 192.168.111.0/24 10.1.2.15
>         security = user
>         encrypt passwords = yes
>         os level = 255
>         local master = yes
>         domain master = yes
>         preferred master = yes
>         domain logons = yes
>         wins support = yes
>         wins proxy = yes
>         dns proxy = yes
>         name resolve order = wins
>         logon script=netlogon.cmd
>         time server = Yes
>         map archive = No


Any hint on where I should go and look next?



  bye & Thanks
	av.

L.P.H. van Belle

2014-May-14 08:32 UTC

head link

[Samba] Intermittent failure

uh... 

Opening cache file at /var/db/samba4/gencache.tdb> tdb(/var/db/samba4/gencache.tdb): tdb_open_ex: could not open file
/var/db/samba4/gencache.tdb: Permission denied
>> params.c:OpenConfFile() - Unable to open configuration file 
>"/usr/local/etc/smb4.conf":
>> 	Permission denied
so fix your rights first. 



>-----Oorspronkelijk bericht-----
>Van: ml at netfence.it [mailto:samba-bounces at lists.samba.org] 
>Namens Andrea Venturoli
>Verzonden: woensdag 14 mei 2014 10:27
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Intermittent failure
>
>Hello.
>
>I'm in need of some help to shed some light on a strange problem.
>
>The box is running Samba 4.1.7 on FreeBSD 9.2/amd64 and I suspect 
>(though I'm not sure) all troubles started after the upgrade 
>from 4.1.6.
>The setup is quite simple: no AD, no LDAP, only one server.
>
>A command as simple as "smbclient -U user //SERVER/SHARE", if
fired up
>several times in a row on the server itself, will sometimes succeed, 
>somtimes fail.
>Same happens for "smbclient -U root -L //SERVER".
>
>
>A sample log:
>> smbclient -d 5 -U xxxxxx //XXXXX/xxxxxxxxxxx
>> INFO: Current debug levels:
>>   all: 5
>>   tdb: 5
>>   printdrivers: 5
>>   lanman: 5
>>   smb: 5
>>   rpc_parse: 5
>>   rpc_srv: 5
>>   rpc_cli: 5
>>   passdb: 5
>>   sam: 5
>>   auth: 5
>>   winbind: 5
>>   vfs: 5
>>   idmap: 5
>>   quota: 5
>>   acls: 5
>>   locking: 5
>>   msdfs: 5
>>   dmapi: 5
>>   registry: 5
>>   scavenger: 5
>>   dns: 5
>>   ldb: 5
>> lp_load_ex: refreshing parameters
>> Initialising global parameters
>> max_open_files: increasing sysctl_max (11095) to minimum 
>Windows limit (16384)
>> rlimit_max: increasing rlimit_max (11095) to minimum Windows 
>limit (16384)
>> INFO: Current debug levels:
>>   all: 5
>>   tdb: 5
>>   printdrivers: 5
>>   lanman: 5
>>   smb: 5
>>   rpc_parse: 5
>>   rpc_srv: 5
>>   rpc_cli: 5
>>   passdb: 5
>>   sam: 5
>>   auth: 5
>>   winbind: 5
>>   vfs: 5
>>   idmap: 5
>>   quota: 5
>>   acls: 5
>>   locking: 5
>>   msdfs: 5
>>   dmapi: 5
>>   registry: 5
>>   scavenger: 5
>>   dns: 5
>>   ldb: 5
>> params.c:OpenConfFile() - Unable to open configuration file 
>"/usr/local/etc/smb4.conf":
>> 	Permission denied
>> pm_process() returned No
>> smbclient: Can't load /usr/local/etc/smb4.conf - run 
>testparm to debug it
>> added interface re0 ip=192.168.1.254 bcast=192.168.1.255 
>netmask=255.255.255.0
>> added interface re1 ip=192.168.111.1 bcast=192.168.111.255 
>netmask=255.255.255.0
>> Netbios name list:-
>> my_netbios_names[0]="XXXXX"
>> Client started (version 4.1.7).
>> Enter xxxxxx's password:
>> Opening cache file at /var/db/samba4/gencache.tdb
>> tdb(/var/db/samba4/gencache.tdb): tdb_open_ex: could not 
>open file /var/db/samba4/gencache.tdb: Permission denied
>> gencache_init: Opening cache file 
>/var/db/samba4/gencache.tdb read-only.
>> Opening cache file at /var/db/samba4/gencache_notrans.tdb
>> sitename_fetch: No stored sitename for
>> no entry for XXXXX#20 found.
>> resolve_lmhosts: Attempting lmhosts lookup for name XXXXX<0x20>
>> resolve_lmhosts: Attempting lmhosts lookup for name XXXXX<0x20>
>> startlmhosts: Can't open lmhosts file 
>/usr/local/etc/lmhosts. Error was No such file or directory
>> resolve_wins: WINS server resolution selected and no WINS 
>servers listed.
>> resolve_hosts: Attempting host lookup for name XXXXX<0x20>
>> namecache_store: storing 1 address for XXXXX#20: 192.168.111.1
>> Connecting to 192.168.111.1 at port 445
>> Socket options:
>> 	SO_KEEPALIVE = 0
>> 	SO_REUSEADDR = 0
>> 	SO_BROADCAST = 0
>> 	TCP_NODELAY = 4
>> 	Could not test socket option TCP_KEEPCNT.
>> 	Could not test socket option TCP_KEEPIDLE.
>> 	Could not test socket option TCP_KEEPINTVL.
>> 	IPTOS_LOWDELAY = 0
>> 	IPTOS_THROUGHPUT = 0
>> 	SO_REUSEPORT = 0
>> 	SO_SNDBUF = 48996
>> 	SO_RCVBUF = 81660
>> 	SO_SNDLOWAT = 2048
>> 	SO_RCVLOWAT = 1
>> 	SO_SNDTIMEO = 0
>> 	SO_RCVTIMEO = 0
>>  session request ok
>> Doing spnego session setup (blob length=74)
>> got OID=1.3.6.1.4.1.311.2.2.10
>> got principal=not_defined_in_RFC4178 at please_ignore
>> Got challenge flags:
>> Got NTLMSSP neg_flags=0x60898215
>>   NTLMSSP_NEGOTIATE_UNICODE
>>   NTLMSSP_REQUEST_TARGET
>>   NTLMSSP_NEGOTIATE_SIGN
>>   NTLMSSP_NEGOTIATE_NTLM
>>   NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>>   NTLMSSP_NEGOTIATE_NTLM2
>>   NTLMSSP_NEGOTIATE_TARGET_INFO
>>   NTLMSSP_NEGOTIATE_128
>>   NTLMSSP_NEGOTIATE_KEY_EXCH
>> NTLMSSP: Set final flags:
>> Got NTLMSSP neg_flags=0x60088215
>>   NTLMSSP_NEGOTIATE_UNICODE
>>   NTLMSSP_REQUEST_TARGET
>>   NTLMSSP_NEGOTIATE_SIGN
>>   NTLMSSP_NEGOTIATE_NTLM
>>   NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>>   NTLMSSP_NEGOTIATE_NTLM2
>>   NTLMSSP_NEGOTIATE_128
>>   NTLMSSP_NEGOTIATE_KEY_EXCH
>> NTLMSSP Sign/Seal - Initialising with flags:
>> Got NTLMSSP neg_flags=0x60088215
>>   NTLMSSP_NEGOTIATE_UNICODE
>>   NTLMSSP_REQUEST_TARGET
>>   NTLMSSP_NEGOTIATE_SIGN
>>   NTLMSSP_NEGOTIATE_NTLM
>>   NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>>   NTLMSSP_NEGOTIATE_NTLM2
>>   NTLMSSP_NEGOTIATE_128
>>   NTLMSSP_NEGOTIATE_KEY_EXCH
>> SPNEGO login failed: Undetermined error
>> session setup failed: NT_STATUS_UNSUCCESSFUL
>
>
>
>At the same time log.smbd shows:
>> [2014/05/14 10:18:19.719746,  2] 
>../source3/param/loadparm.c:535(max_open_files)
>>   max_open_files: increasing sysctl_max (11095) to minimum 
>Windows limit (16384)
>> [2014/05/14 10:18:19.719851,  2] 
>../source3/param/loadparm.c:543(max_open_files)
>>   rlimit_max: increasing rlimit_max (11095) to minimum 
>Windows limit (16384)
>> [2014/05/14 10:18:19.720670,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxx]"
>> [2014/05/14 10:18:19.720756,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxx]"
>> [2014/05/14 10:18:19.720951,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxx]"
>> [2014/05/14 10:18:19.721046,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxx]"
>> [2014/05/14 10:18:19.721229,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxxxxxx]"
>> [2014/05/14 10:18:19.721334,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxxxxx]"
>> [2014/05/14 10:18:19.721465,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxxx]"
>> [2014/05/14 10:18:19.721596,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxx]"
>> [2014/05/14 10:18:19.721737,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxxxx]"
>> [2014/05/14 10:18:19.721890,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxxxxx]"
>> [2014/05/14 10:18:19.722042,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxxxx]"
>> [2014/05/14 10:18:19.722151,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxxxxxx]"
>> [2014/05/14 10:18:19.722283,  2] 
>../source3/param/loadparm.c:3581(do_section)
>>   Processing section "[xxxxxxx]"
>> [2014/05/14 10:18:19.729397,  2] 
>../source3/auth/auth.c:278(auth_check_ntlm_password)
>>   check_ntlm_password:  authentication for user [xxxxxx] -> 
>[xxxxxx] -> [xxxxxx succeeded
>> [2014/05/14 10:18:19.732064,  1] 
>../source3/auth/token_util.c:430(add_local_groups)
>>   SID S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX -> 
>getpwuid(4294967295) failed
>> [2014/05/14 10:18:19.732157,  1] 
>../source3/smbd/sesssetup.c:276(reply_sesssetup_and_X_spnego)
>>   Failed to generate session_info (user and group token) for 
>session setup: NT_STATUS_UNSUCCESSFUL
>
>
>
>While I'm no expert, the last lines are quite suspicious to me: 
>authentication succeeds, but somehow that's not enough.
>I searched for "SID -> getpwuid failed" but came up with
nothing.
>
>
>
>Relevant part of smb4.conf:
>> [global]
>>         workgroup = XXXXXXX
>>         netbios aliases=SERVER
>>         server string = NetFence
>>         interfaces = re1
>>         hosts allow = 127. 192.168.111.0/24 10.1.2.15
>>         security = user
>>         encrypt passwords = yes
>>         os level = 255
>>         local master = yes
>>         domain master = yes
>>         preferred master = yes
>>         domain logons = yes
>>         wins support = yes
>>         wins proxy = yes
>>         dns proxy = yes
>>         name resolve order = wins
>>         logon script=netlogon.cmd
>>         time server = Yes
>>         map archive = No
>
>
>
>Any hint on where I should go and look next?
>
>
>
>  bye & Thanks
>	av.
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>

Andrea Venturoli

2014-May-28 08:37 UTC

head link

[Samba] Intermittent failure

On 05/14/14 10:27, Andrea Venturoli wrote:> Hello.
>
> I'm in need of some help to shed some light on a strange problem.
>
> The box is running Samba 4.1.7 on FreeBSD 9.2/amd64 and I suspect
> (though I'm not sure) all troubles started after the upgrade from
4.1.6.
> The setup is quite simple: no AD, no LDAP, only one server.
>
> A command as simple as "smbclient -U user //SERVER/SHARE", if
fired up
> several times in a row on the server itself, will sometimes succeed,
> somtimes fail.
> Same happens for "smbclient -U root -L //SERVER".
Update: I went back to 4.1.6 and I confirm this does not happen, i.e. 
4.1.6 always succeeds.

Unfortunately it has other shortcomings (like "force user" not
working).

So I guess this is a regression in 4.1.7.
I'm waiting for 4.1.8 to come into the port tree, in order to test it.

  bye
	av.

Maybe Matching Threads

Search for more maybe matching threads

samba - May 2014 - Intermittent failure

[Samba] Intermittent failure

[Samba] Intermittent failure

[Samba] Intermittent failure

Maybe Matching Threads