Hi, during I make a some du command (du -sh), samba has been disturb and sent a panic action : Last line of smbd.log : [2008/07/30 15:36:09, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:04:43, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:13:56, 0] lib/util_sock.c:get_peer_addr_internal(1596) getpeername failed. Error was Transport endpoint is not connected [2008/07/30 16:34:59, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:34:59, 0] lib/util_sock.c:get_peer_addr_internal(1596) getpeername failed. Error was Transport endpoint is not connected Last line of smbd.log of smbd which start the panic action : [2008/07/30 16:30:13, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service fsi initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:39:08, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] [2008/07/30 16:39:30, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:46:58, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:47:22, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:47:25, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:47:36, 1] smbd/service.c:close_cnum(1401) ! crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:51:54, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:52:05, 0] smbd/nttrans.c:call_nt_transact_ioctl(2009) call_nt_transact_ioctl(0x9009c): Currently not implemented. [2008/07/30 16:52:17, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:57:28, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service groupes [2008/07/30 16:57:29, 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect to service profiles initially as user fsi (uid=1179, gid=221) (pid 27143) [2008/07/30 16:57:36, 1] smbd/service.c:close_cnum(1401) crdfsim (10.217.4.93) closed connection to service fsi [2008/07/30 16:57:36, 0] lib/util_sec.c:set_effective_uid(204) setresuid failed with EAGAIN. uid(1179) might be ove! r its NPROC limit [2008/07/30 16:57:36, 0] lib/util_sec.c:asse! rt_uid(1 00) Failed to set uid privileges to (-1,1179) now set to (0,0) [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1666) PANIC (pid 27143): failed to set uid [2008/07/30 16:57:36, 0] lib/util.c:log_stack_trace(1770) BACKTRACE: 13 stack frames: #0 /usr/local/sbin/smbd(log_stack_trace+0x1a) [0x5555557d6b90] #1 /usr/local/sbin/smbd(smb_panic+0x5b) [0x5555557d6ca0] #2 /usr/local/sbin/smbd [0x5555557dc4d4] #3 /usr/local/sbin/smbd(set_effective_uid+0x74) [0x5555557dc817] #4 /usr/local/sbin/smbd [0x555555646fd8] #5 /usr/local/sbin/smbd(set_sec_ctx+0xd8) [0x555555647245] #6 /usr/local/sbin/smbd(change_to_user+0x5f0) [0x55555563a3d2] #7 /usr/local/sbin/smbd [0x555555656b81] #8 /usr/local/sbin/smbd [0x55555565861a] #9 /usr/local/sbin/smbd(smbd_process+0xca7) [0x555555659381] #10 /usr/local/sbin/smbd(main+0x1eb2) [0x5555559cfc77] #11 /lib64/libc.so.6(__libc_start_main+0xf4) [0x2aaaadf428a4] #12 /usr/local/sbin/smbd [0x5555555e57d9] [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1671) smb_pani! c(): calling panic action [/srv/bin/panic.sh fsi crdfsim] It's maybe normal. thanks St?phane ----------------------------------- St?phane PURNELLE stephane.purnelle@corman.be Service Informatique Corman S.A. Tel : 00 32 087/342467
On Wed, Jul 30, 2008 at 05:29:05PM +0200, St?phane PURNELLE wrote:> Hi, > > during I make a some du command (du -sh), samba has been disturb and sent > a panic action : > > Last line of smbd.log : > > [2008/07/30 15:36:09, 0] lib/util_str.c:safe_strcpy_fn(709) > ERROR: string overflow by 1 (16 - 15) in safe_strcpy > [10.217.7.3/255.255.252.0] > [2008/07/30 16:04:43, 0] lib/util_str.c:safe_strcpy_fn(709) > ERROR: string overflow by 1 (16 - 15) in safe_strcpy > [10.217.7.3/255.255.252.0] > [2008/07/30 16:13:56, 0] lib/util_sock.c:get_peer_addr_internal(1596) > getpeername failed. Error was Transport endpoint is not connected > [2008/07/30 16:34:59, 0] lib/util_str.c:safe_strcpy_fn(709) > ERROR: string overflow by 1 (16 - 15) in safe_strcpy > [10.217.7.3/255.255.252.0] > [2008/07/30 16:34:59, 0] lib/util_sock.c:get_peer_addr_internal(1596) > getpeername failed. Error was Transport endpoint is not connected > > Last line of smbd.log of smbd which start the panic action : > [2008/07/30 16:30:13, 1] smbd/service.c:make_connection_snum(1190) crdfsim > (10.217.4.93) connect to service fsi initially as user fsi (uid=1179, > gid=221) (pid 27143) > [2008/07/30 16:39:08, 0] lib/util_str.c:safe_strcpy_fn(709) ERROR: string > overflow by 1 (16 - 15) in safe_strcpy [10.217.7.3/255.255.252.0] > [2008/07/30 16:39:30, 1] smbd/service.c:make_connection_snum(1190) crdfsim > (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, > gid=221) (pid 27143) > [2008/07/30 16:46:58, 1] smbd/service.c:make_connection_snum(1190) crdfsim > (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, > gid=221) (pid 27143) > [2008/07/30 16:47:22, 1] smbd/service.c:close_cnum(1401) crdfsim > (10.217.4.93) closed connection to service groupes [2008/07/30 16:47:25, > 1] smbd/service.c:make_connection_snum(1190) crdfsim (10.217.4.93) connect > to service groupes initially as user fsi (uid=1179, gid=221) (pid 27143) > [2008/07/30 16:47:36, 1] smbd/service.c:close_cnum(1401) ! > crdfsim (10.217.4.93) closed connection to service groupes > [2008/07/30 16:51:54, 1] smbd/service.c:make_connection_snum(1190) crdfsim > (10.217.4.93) connect to service groupes initially as user fsi (uid=1179, > gid=221) (pid 27143) [2008/07/30 16:52:05, 0] > smbd/nttrans.c:call_nt_transact_ioctl(2009) > call_nt_transact_ioctl(0x9009c): Currently not implemented. > [2008/07/30 16:52:17, 1] smbd/service.c:close_cnum(1401) crdfsim > (10.217.4.93) closed connection to service groupes > [2008/07/30 16:57:28, 1] smbd/service.c:close_cnum(1401) crdfsim > (10.217.4.93) closed connection to service groupes > [2008/07/30 16:57:29, 1] smbd/service.c:make_connection_snum(1190) crdfsim > (10.217.4.93) connect to service profiles initially as user fsi (uid=1179, > gid=221) (pid 27143) > [2008/07/30 16:57:36, 1] smbd/service.c:close_cnum(1401) crdfsim > (10.217.4.93) closed connection to service fsi > [2008/07/30 16:57:36, 0] lib/util_sec.c:set_effective_uid(204) setresuid > failed with EAGAIN. uid(1179) might be ove! > r its NPROC limit [2008/07/30 16:57:36, 0] lib/util_sec.c:asse! > rt_uid(1 > 00) Failed to set uid privileges to (-1,1179) now set to (0,0) > [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1666) PANIC (pid 27143): > failed to set uid [2008/07/30 16:57:36, 0] > lib/util.c:log_stack_trace(1770) BACKTRACE: 13 stack frames: > #0 /usr/local/sbin/smbd(log_stack_trace+0x1a) [0x5555557d6b90] > #1 /usr/local/sbin/smbd(smb_panic+0x5b) [0x5555557d6ca0] > #2 /usr/local/sbin/smbd [0x5555557dc4d4] > #3 /usr/local/sbin/smbd(set_effective_uid+0x74) [0x5555557dc817] > #4 /usr/local/sbin/smbd [0x555555646fd8] > #5 /usr/local/sbin/smbd(set_sec_ctx+0xd8) [0x555555647245] > #6 /usr/local/sbin/smbd(change_to_user+0x5f0) [0x55555563a3d2] > #7 /usr/local/sbin/smbd [0x555555656b81] > #8 /usr/local/sbin/smbd [0x55555565861a] > #9 /usr/local/sbin/smbd(smbd_process+0xca7) [0x555555659381] > #10 /usr/local/sbin/smbd(main+0x1eb2) [0x5555559cfc77] > #11 /lib64/libc.so.6(__libc_start_main+0xf4) [0x2aaaadf428a4] > #12 /usr/local/sbin/smbd [0x5555555e57d9] > [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1671) smb_pani! > c(): calling panic action [/srv/bin/panic.sh fsi crdfsim] > > > It's maybe normal.Panics are never normal. Can you add the line : panic action = "/bin/sleep 90000" and then catch the parent of the sleep process in gdb and get a backtrace please ? Jeremy.
On Wed, Jul 30, 2008 at 05:29:05PM +0200, St?phane PURNELLE wrote:> 00) Failed to set uid privileges to (-1,1179) now set to (0,0) > [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1666) PANIC (pid 27143): > failed to set uid [2008/07/30 16:57:36, 0]Wild guess -- do you have SELinux enabled? If yes, can you try to disable it for a test if your corporate security policy allows it? Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20080730/4cdc4acd/attachment.bin
selinux is disabled : # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted # SETLOCALDEFS= Check local definition changes SETLOCALDEFS=0 What means : [2008/07/30 16:57:36, 0] lib/util_sec.c:set_effective_uid(204) setresuid> failed with EAGAIN. uid(1179) might be ove! > r its NPROC limit [2008/07/30 16:57:36, 0] lib/util_sec.c:asse! > rt_uid(1 > 00) Failed to set uid privileges to (-1,1179) now set to (0,0)----------------------------------- St?phane PURNELLE stephane.purnelle@corman.be Service Informatique Corman S.A. Tel : 00 32 087/342467 Volker Lendecke <Volker.Lendecke@SerNet.DE> a ?crit sur 30/07/2008 22:07:05 :> On Wed, Jul 30, 2008 at 05:29:05PM +0200, St?phane PURNELLE wrote: > > 00) Failed to set uid privileges to (-1,1179) now set to (0,0) > > [2008/07/30 16:57:36, 0] lib/util.c:smb_panic(1666) PANIC (pid 27143):> > failed to set uid [2008/07/30 16:57:36, 0] > > Wild guess -- do you have SELinux enabled? If yes, can you > try to disable it for a test if your corporate security > policy allows it? > > Volker > [rattachement "att7nk4k.dat" supprim? par St?phanePURNELLE/COR/SOPARIND]
On Thu, Jul 31, 2008 at 09:15:18AM +0200, St?phane PURNELLE wrote:> What means : > > [2008/07/30 16:57:36, 0] lib/util_sec.c:set_effective_uid(204) setresuid > > failed with EAGAIN. uid(1179) might be ove! > > r its NPROC limit [2008/07/30 16:57:36, 0] lib/util_sec.c:asse! > > rt_uid(1 > > 00) Failed to set uid privileges to (-1,1179) now set to (0,0)Well, it means that you might want to look at your system limits. The manpage for setresuid says: EAGAIN uid does not match the current UID and this call would bring that user ID over its NPROC rlimit. Essentially this means that your system allows only a limited amount of processes for group 1179. Can you lift that limit to a much higher value, if not unlimited? Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20080731/e16696ae/attachment.bin