Re: [Samba] Samba processes lifetime
> >> to check "this user is REALLY connected? yes? ok, no? kill the > >> process!" > > Perform an RPC/WMI request to the workstation. > can you be more specific? That is an entirely 100% Windows specific question/issue; nothing to do with Samba. Any Windows related forum or user group will be able to provide specifics. And you almost certainly need a Windows machine to do any of that kind of stuff. > i have tried to have a look to all the commands i can call with an RPC, > but no one seems to be suitable for that work... -- Adam Tauno Williams, Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba processes lifetime
Adam Tauno Williams said the following on 11/06/2007 13:49: a wayo to check "this user is REALLY connected? yes? ok, no? kill the process!" Perform an RPC/WMI request to the workstation. can you be more specific? i have tried to have a look to all the commands i can call with an RPC, but no one seems to be suitable for that work... thanks, see you -- Matteo Rosati Web: http://wwwstud.dsi.unive.it/~mrosati PGP: http://wwwstud.dsi.unive.it/~mrosati/pgp.html GNU/Linux registered user #398557 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba processes lifetime
> i use the "smbstatus -b" command to check the users connected to my > network (the clients are windows XP, and they connect to a samba PDC). > but i notice thar often, even if a user logs-off from windows xp, > using smbstatus i see that he is connected yet. this is very annoying It is also normal behavior. > because i cant obtain raliable informations from smbstatus! Nope, smbstatus is not useful for that purpose. The status of a CIFS connection cannot be used as presence. > is there a way to set a sort of "lifetime" for samba processes? deadtime = ? > a wayo > to check "this user is REALLY connected? yes? ok, no? kill the > process!" Perform an RPC/WMI request to the workstation. -- Adam Tauno Williams, Network & Systems Administrator Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba processes lifetime
Hi, i use the "smbstatus -b" command to check the users connected to my network (the clients are windows XP, and they connect to a samba PDC). but i notice thar often, even if a user logs-off from windows xp, using smbstatus i see that he is connected yet. this is very annoying because i cant obtain raliable informations from smbstatus! is there a way to set a sort of "lifetime" for samba processes? a wayo to check "this user is REALLY connected? yes? ok, no? kill the process!" here is a sample output: 25943 inttarog users bellini_d(157.138.67.118) 8784 laurampresidenzalauram (157.138.67.202) 15480 norsk users savonarola_d (157.138.67.117) (FALSE!!!) 6641 demonelaboratorio 157.138.67.150 (157.138.67.150) 13308 valecerbtvusers tiziano_d(157.138.67.108) 8609 federica_ppresidenzaibm-7d481071513 (157.138.67.209) 15170 onscolit users tiepolo_d(157.138.67.115) 10898 venoneusers carpaccio_d (157.138.67.120) (FALSE!!!) 6587 demonelaboratorio gardenia (157.138.67.151) 13308 fatinausers tiziano_d(157.138.67.108) 13269 giacomo users guardi_d (157.138.67.116) 6639 demonelaboratorio 157.138.67.150 (157.138.67.150) 6474 lallo presidenzaclaudio_o(157.138.67.200) 6466 francescacpresidenzapresidenza2 (157.138.67.208) 13070 norsk users brunelleschi_d (157.138.67.113) 6640 demonelaboratorio 157.138.67.150 (157.138.67.150) 10898 lucky users carpaccio_d (157.138.67.120) 8795 norsk users mantegna_d (157.138.67.104) (FALSE!!!) 25943 cannipede users bellini_d(157.138.67.118) 6642 demonelaboratorio 157.138.67.150 (157.138.67.150) 12884 francescacpresidenzaeleonora1(157.138.67.203) 4361 demonelaboratorio cavalcanti (157.138.67.152) 8795 morgana users mantegna_d (157.138.67.104) 25525 etnos users tintoretto_d (157.138.67.109) the entries with "FALSE" are users thar are not connected, so is a pending process... thanks everybody -- Matteo Rosati Web: http://wwwstud.dsi.unive.it/~mrosati PGP: http://wwwstud.dsi.unive.it/~mrosati/pgp.html GNU/Linux registered user #398557 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Processes Not Getting Killed
Hi all We have Samba PDC with OpenLDAP (samba 3.0.21c openldap 2.3.19) . we have another linux system which is acting as Domain member server( samba 3.0.21c) . On the domain member server we have declared some shares which get mapped to my win2k clients as drives. when client access the share declared in Domain Member Server, the samba creates smbd process by the user id After client closes the shares and logs off , the smbd process created by that users still exists and never gets killed and about 100 smbd process are getting created there by samba getting hanged and unable to process the client requests. The following is the ps -aux | grep smbd | grep testuser output of smbd process by a user named "testuser" ### testuser 12844 0.0 0.4 14804 4696 ?S13:33 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 12845 0.0 0.4 14760 4828 ?S13:34 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 12998 0.0 0.4 14808 4652 ?R13:42 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 13009 0.0 0.4 14772 4452 ?S13:44 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 13348 0.0 0.4 14784 4292 ?S14:55 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 13392 0.0 0.4 14792 4604 ?S14:57 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 13418 0.0 0.4 14792 4508 ?S14:59 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 13454 0.0 0.4 14832 4428 ?S15:05 0:00 /usr/local/samba3c2/sbin/smbd -D testuser 13854 0.0 0.4 14888 4492 ?S15:57 0:00 /usr/local/samba3c2/sbin/smbd -D ### The above output is of the smbd process of the user "testuser" which got created when the user first accessed the shares . but when the user logged off and did not login in any system nor anybody has accessed the share. but still the above process still remains and never gets killed. The following is the output of the ps -aux | grep smbd # root 2324 0.0 0.3 14108 3656 ?Ss Mar25 0:00 /usr/local/samba3c2/sbin/smbd -D root 2348 0.0 0.3 14476 4036 ?SMar25 0:00 /usr/local/samba3c2/sbin/smbd -D kk5535 11581 0.0 0.4 14576 4632 ?S09:04 0:00 /usr/local/samba3c2/sbin/smbd -D mp1414 11604 0.0 0.4 14876 4944 ?S09:11 0:02 /usr/local/samba3c2/sbin/smbd -D root 11616 0.0 0.4 14896 4880 ?S09:17 0:02 /usr/local/samba3c2/sbin/smbd -D root 11657 0.0 0.4 14788 4660 ?S09:31 0:01 /usr/local/samba3c2/sbin/smbd -D pk38311835 0.0 0.4 14708 4612 ?S10:09 0:00 /usr/local/samba3c2/sbin/smbd -D sv23411847 0.0 0.4 14576 4492 ?S10:14 0:00 /usr/local/samba3c2/sbin/smbd -D sv23411978 0.0 0.4 14912 4808 ?S10:34 0:00 /usr/local/samba3c2/sbin/smbd -D sv23411981 0.0 0.4 14576 4360 ?S10:35 0:00 /usr/local/samba3c2/sbin/smbd -D root 11987 0.0 0.4 14736 4544 ?S10:42 0:00 /usr/local/samba3c2/sbin/smbd -D pk38311989 0.0 0.4 14576 4412 ?S10:46 0:00 /usr/local/samba3c2/sbin/smbd -D root 12008 0.0 0.4 14732 4896 ?S11:00 0:01 /usr/local/samba3c2/sbin/smbd -D root 12061 0.0 0.4 14652 4492 ?S11:23 0:00 /usr/local/samba3c2/sbin/smbd -D root 12065 0.0 0.4 14844 4880 ?S11:28 0:04 /usr/local/samba3c2/sbin/smbd -D root 12548 0.0 0.4 14920 4680 ?S13:13 0:00 /usr/local/samba3c2/sbin/smbd -D yc1426 12651 0.0 0.4 14776 4640 ?S13:20 0:00 /usr/local/samba3c2/sbin/smbd -D root 12652 0.0 0.4 14996 4860 ?S13:20 0:01 /usr/local/samba3c2/sbin/smbd -D kr1233 12844 0.0 0.4 14804 4696 ?S13:33 0:00 /usr/local/samba3c2/sbin/smbd -D kr1233 12845 0.0 0.4 14760 4828 ?S13:34 0:00 /usr/local/samba3c2/sbin/smbd -D kr1233 12998 0.0 0.4 14808 4652 ?S13:42 0:00 /usr/local/samba3c2/sbin/smbd -D 1144 13001 0.0 0.4 14788 4776 ?S13:43 0:00 /usr/local/samba3c2/sbin/smbd -D kr1233 13009 0.0 0.4 14772 4452 ?S13:44 0:00 /usr/local/samba3c2/sbin/smbd -D root 13012 0.0 0.4 15012 4756 ?S13:45 0:00 /usr/local/samba3c2/sbin/smbd -D root 13015 0.0 0.4 14640 4412 ?S13:45 0:00 /usr/local/samba3c2/sbin/smbd -D gr24913059 0.0 0.4 14800 4624 ?S14:09 0:00 /usr/local/samba3c2/sbin/smbd -D gr24913066 0.0 0.4 14868 4628 ?S14:12 0:00 /usr/local/samba3c2/sbin/smbd -D gr24913069 0.0 0.4 14840 4568 ?S14:13 0:00 /usr/local/samba3c2/sbin/smbd -D sf1537 13070 0.0 0.4 14748 4700 ?S14:13 0:00 /usr/local/
[Samba] Samba processes domain authenticated user as nobody during logon. bat execution
Beating head on desk again! I have a samba server is running winbind which can access domain. It is working fine and is using domain credentials. I access the samba shares after the user has authenticated against a novell server during the novell logon script. The shares are authenticated with user domain credentials and verified with smbstatus. This works great! If I alternatively use windows networking domain authentication, I have problems. The Win95 station correctly authenticates against NT4 PDC and runs logon.bat from that server. As LOGON.BAT accesses samba shares, samba appears to get user credentials without the Domain Name. Since there are no users on the samba server, this gets morphed into nobody. All services which can be accessed as nobody are attached as nobody, all other services are denied. As a result important tools such as "net use X: /home" do not work when file and directory permissions prohibit access to nobody. During the LOGON.BAT, I issued a net config Computer name \\LGA00D0B724628B User name GPALMER Workgroup LGANET Workstation root directory C:\WINDOWS Software version 4.00.950 Redirector version 4.00 Client for NetWare version 3.26 Registry setting require authentication.. It appears that "net" thinks it is part of the domain; but as stated above, samba attaches as nobody. Samba logs indicate that it is receive user gpalmer and not lganet\gpalmer. >From a DOS window, after logon.bat finishes , I can successfully execute "net use X: /home". Samba gets and processes the full domain credentials. Samba interperets user as nobody without regard to setting in "Log on to windows nt domain" in the "client for microsoft networks" dialog. If the home directory is moved to nt server it will successfully attach during logon.bat. I have exhausted all options I know about. Thanks in advance for any insight you might give. Excerpts from Failure log: At log level 5 [2004/06/22 16:19:12, 3] smbd/reply.c:reply_sesssetup_and_X(1070) No such user gpalmer [] - using guest account . . . [2004/06/22 16:19:13, 3] smbd/service.c:find_service(140) checking for home directory gpalmer gave (NULL) [2004/06/22 16:19:13, 3] smbd/service.c:find_service(209) find_service() failed to find service gpalmer [2004/06/22 16:19:13, 0] smbd/service.c:make_connection(251) lga009027a6e884 (192.168.12.178) couldn't find service gpalmer at loglevel 0 [2004/06/23 08:59:49, 0] smbd/password.c:authorise_login(863) authorise_login: rejected invalid user nobody [2004/06/23 09:04:10, 0] smbd/service.c:make_connection(251) lga009027a6e884 (192.168.12.178) couldn't find service gpalmer Samba version 2.2.8a SMB.CONF #* #server naming server string = LGACHI01 - Chicago Main Server workgroup = LGANET netbios name = LGACHI01 netbios aliases = LGAGLE04 #* #authentication #PDC password server = LGAGLE02 LGAGLE03 logon script = logon.bat encrypt passwords = yes password level = 8 username level = 8 #username map = /usr/local/samba/lbin/map.user smb passwd file = /usr/local/samba/lbin/smbpasswd security = domain domain master = no domain admin group = @root domain logons = no # * #WINS Browsing and naming #wins server wins support = no lm announce = yes lm interval = 120 preferred master = no remote browse sync = 192.168.201.0 192.168.201.255 192.168.201.1 remote announce = 192.168.201.255/LGANET 192.168.12.255/LGANET 192.168.3 1.255/LGANET 192.168.51.255/LGANET local master = no os level = 0 #wins client name resolve order = wins bcast lmhosts host wins server = 192.168.12.28 192.168.201.1 wins proxy = yes dns proxy = no browse list = yes #* #IP Networking time server = yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=819 2 allow hosts = 192.168. 127. interfaces = 192.168.10.2/24 192.168.11.2/24 192.168.12.2/24 192.168.12. 101/24 192.168.12.104/24 oplock break wait time = 100 #* #printing print command = lpr -l -P'%p' %s printing = lprng printcap name = /etc/printcap load printers = yes #* #log files log file = /var/log/samba/log.%m max log size = 50 log level = 0 #* #winbind
Re: [Samba] Samba processes
DON'T SEND USER QUESTIONS TO SAMBA-TECHNICAL. > Just curios under what circumstances the smbd runs as user id process ( unix > id ) Broadly: it runs as a user when doing operations on behalf of that user, and as root when doing system tasks. > and running as root is a security risk? No. If you want to offer smb services then it must run as root. If you don't need the service don't run the daemon. -- Martin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba processes
Hi Am noticing smbd processes are running as root and occassionally I see a child process as userid Just curios under what circumstances the smbd runs as user id process ( unix id ) and running as root is a security risk? Thanks in advance -Abdul -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba