samba - Oct 2024 - [wsdd] Resolution takes several seconds

On Sat, 19 Oct 2024 11:53:37 +0200
Gilles via samba <samba at lists.samba.org> wrote:
> With the same smb.conf used on another Debian 11 host (5.10.0-32) + 
> Samba 4.13.13-Debian? it answers with no delay.
> 
> Could Debian 12 be different in regards with eg. security?
Debian 12 is probably running Apparmor, but I do not think that is the
problem.

I ran 'smbclient -NL localhost' on a Unix domain member running Samba
4.20.4 and the result was instantaneous. I then started up a VM running
Debian 12 with Samba 4.17.2 running as a standalone server, this again
was instantaneous. I installed 4.20.5 from backports and the result
from 'smbclient -NL localhost' was instantaneous. This leads me to
believe that your problems have nothing to do with Samba, but have
something to do with your network.
> 
> Here's the log with (log level = 2):
> ==============> [2024/10/19 11:48:55.690001,? 2] 
> ../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
>  ? Registered MSG_REQ_POOL_USAGE
> [2024/10/19 11:48:55.731682,? 2] 
> ../../source3/auth/auth.c:344(auth_check_ntlm_password)
>  ? check_ntlm_password:? Authentication for user [root] -> [root]
> FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
> [2024/10/19 11:48:55.732179,? 2] 
> ../../auth/auth_log.c:635(log_authentication_event_human_readable)
>  ? Auth: [SMB2,(null)] user [WORKGROUP]\[root] at [Sat, 19 Oct 2024 
> 11:48:55.732058 CEST] with [No-Password] status
> [NT_STATUS_NO_SUCH_USER] workstation [SHEEVAPLUG] remote host
> [ipv4:192.168.0.15:45808] mapped to [WORKGROUP]\[root]. local host
> [ipv4:192.168.0.7:445] {"timestamp":
> "2024-10-19T11:48:55.732827+0200", "type":
"Authentication",
> "Authentication": {"version": {"major": 1,
"minor": 2}, "eventId":
> 4625, "logonId": "0", "logonType": 3,
"status":
> "NT_STATUS_NO_SUCH_USER", "localAddress":
"ipv4:192.168.0.7:445",
> "remoteAddress": "ipv4:192.168.0.15:45808",
"serviceDescription":
> "SMB2", "authDescription": null,
"clientDomain": "WORKGROUP",
> "clientAccount": "root", "workstation":
"SHEEVAPLUG",
> "becameAccount": null, "becameDomain": null,
"becameSid": null,
> "mappedAccount": "root", "mappedDomain":
"WORKGROUP",
> "netlogonComputer": null, "netlogonTrustAccount": null,
> "netlogonNegotiateFlags": "0x00000000",
"netlogonSecureChannelType":
> 0, "netlogonTrustAccountSid": null, "passwordType":
"No-Password",
> "duration": 4643}} [2024/10/19 11:48:55.734059,? 2]
> ../../source3/param/loadparm.c:2864(lp_do_section) Processing section
> "[write]" [2024/10/19 11:48:55.734553,? 0] 
> ../../lib/param/loadparm.c:815(lpcfg_map_parameter)
>  ? Unknown parameter encountered: "security mask"
> [2024/10/19 11:48:55.736154,? 0] 
> ../../lib/param/loadparm.c:1895(lpcfg_do_service_parameter)
>  ? Ignoring unknown parameter "security mask"
> [2024/10/19 11:48:55.737488,? 0] 
> ../../lib/param/loadparm.c:815(lpcfg_map_parameter)
>  ? Unknown parameter encountered: "force security mode"
> [2024/10/19 11:48:55.738790,? 0] 
> ../../lib/param/loadparm.c:1895(lpcfg_do_service_parameter)
>  ? Ignoring unknown parameter "force security mode"
> [2024/10/19 11:48:55.739933,? 2] 
> ../../source3/param/loadparm.c:2864(lp_do_section)
>  ? Processing section "[nginx]"
> [2024/10/19 11:48:55.741138,? 0] 
> ../../lib/param/loadparm.c:815(lpcfg_map_parameter)
>  ? Unknown parameter encountered: "security mask"
> [2024/10/19 11:48:55.742495,? 0] 
> ../../lib/param/loadparm.c:1895(lpcfg_do_service_parameter)
>  ? Ignoring unknown parameter "security mask"
> [2024/10/19 11:48:55.743875,? 0] 
> ../../lib/param/loadparm.c:815(lpcfg_map_parameter)
>  ? Unknown parameter encountered: "force security mode"
> [2024/10/19 11:48:55.745148,? 0] 
> ../../lib/param/loadparm.c:1895(lpcfg_do_service_parameter)
>  ? Ignoring unknown parameter "force security mode"
> [2024/10/19 11:48:55.762404,? 1] 
> ../../source3/printing/printer_list.c:234(printer_list_get_last_refresh)
>  ? Failed to fetch record!
> [2024/10/19 11:48:55.762607,? 1] 
> ../../source3/smbd/server_reload.c:66(delete_and_reload_printers)
>  ? pcap cache not loaded
> ==============
If you remove the 'security mask' and 'force security mode'
lines from
your smb.conf file, that would cut that log fragment in half. Both
those parameters were remove from Samba way back at version 4.0.0

If you then look at the rest of the log fragment, it is telling you
that it cannot map 'root' to a Samba user (which is totally correct,
Samba should never know 'root' as a Samba user).

If you now take the start time from your log fragment and the end time,
you will find that it took 0.055147 seconds to process, so that isn't
where your problem lies.

Rowland

On 19/10/2024 13:44, Rowland Penny via samba wrote:
> Debian 12 is probably running Apparmor, but I do not think that is the
> problem.
>
> I ran 'smbclient -NL localhost' on a Unix domain member running
Samba
> 4.20.4 and the result was instantaneous. I then started up a VM running
> Debian 12 with Samba 4.17.2 running as a standalone server, this again
> was instantaneous. I installed 4.20.5 from backports and the result
> from 'smbclient -NL localhost' was instantaneous. This leads me to
> believe that your problems have nothing to do with Samba, but have
> something to do with your network.
Since I experience the same issue when running the command locally on 
the Samba host? what could it be? I didn't have that problem with 
previous releases of Debian.

==============root at debian:~# time smbclient -NL localhost

 ??????? Sharename?????? Type????? Comment
 ??????? ---------?????? ----????? -------
 ??????? nginx?????????? Disk
 ??????? sdcard????????? Disk
 ??????? IPC$??????????? IPC?????? IPC Service (Samba 4.17.12-Debian)
SMB1 disabled -- no workgroup available

real??? 0m12.500s
user??? 0m0.732s
sys???? 0m0.102s
===============