Re: [Samba] Samba 3.4 Panic in Debian
On Mon, Nov 16, 2009 at 08:04:38AM -0600, Dale Schroeder wrote: After upgrading Debian to 3.4.3-1, my mailbox has been overflowing with panic messages similar to what is posted below. Winbind is having some kind of problem with pulling in the AD groups. Any other Debian users seeing this? This looks a bit like https://bugzilla.samba.org/show_bug.cgi?id=6889 which was fixed in 3.4.4. Can you retry with that? Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Dynamic DNS failures with Samba4
Hi, I've used samba3 for years, and it mostly did exactly what I wanted, In the last few weeks I decided to install Samba4. I got it installed and everything seems to be working as expected. I have one small issue, and I'm not really sure if the problem is Samba4, bind, my client PC or something else I haven't considered. I've got one Linux server, which acts as a Samba (4.0.0alpha9-GIT-27087e6) server and a DNS (BIND 9.6.1-P2) server, it is also my PDC. I've got a number of windows clients two of which are currently in the Domain. One PC which is windows XP can update its DNS entries with no issues: 17-Jan-2010 15:51:18.042 gss cred: DNS/dumaresq.lo...@dumaresq.local, GSS_C_ACCEPT, 4294965265 17-Jan-2010 15:51:18.113 gss-api source name (accept) is ganda...@dumaresq.local 17-Jan-2010 15:51:18.113 process_gsstkey(): dns_tsigerror_noerror I have another PC that is windows VISTA which cannot update its DNS entries: 17-Jan-2010 15:54:25.875 gss cred: DNS/dumaresq.lo...@dumaresq.local, GSS_C_ACCEPT, 4294965078 17-Jan-2010 15:54:25.876 failed gss_accept_sec_context: GSSAPI error: Major = Unspecified GSS failure. Minor code may provide more information, Minor = Wrong principal in request. 17-Jan-2010 15:54:25.876 process_gsstkey(): dns_tsigerror_badkey I believe I've got BIND setup correctly since it works for the Windows XP PC but here's the relevant configs: options { directory /var/cache/bind; auth-nxdomain no;# conform to RFC1035 listen-on-v6 { any; }; tkey-gssapi-credential DNS/dumaresq.local; tkey-domain DUMARESQ.LOCAL; }; zone dumaresq.local { type master; file /etc/bind/dumaresq/db.dumaresq; update-policy { grant localhost subdomain * A ; grant DUMARESQ.LOCAL ms-self * A ; }; }; zone 1.168.192.in-addr.arpa { type master; file /etc/bind/dumaresq/db.192; update-policy { grant *.LOCAL wildcard *.1.168.192.in-addr.arpa. PTR; }; }; Here's my smb.conf file: [globals] netbios name= morannon workgroup = dumaresq realm = dumaresq.local server role = domain controller log file= /var/log/samba/log.%m log level = 2 debug level = 2 interfaces = eth1 lo bind interfaces only= yes Is this a problem with Windows vista? I'm assuming that either vista can't get the correct credentials from the KDC (which is Samba) or that Samba is delivering the wrong credentials. I see the following entry in the samba logs for the computer that fails: [Sun Jan 17 15:09:43 2010 EST, 2 auth/kerberos/krb5_init_context.c:74:smb_krb5_debug_wrapper()] Kerberos: TGS-REQ arago...@dumaresq.local from 192.168.1.222 for DNS/dumaresq.lo...@dumaresq.local [canonicalize, renewable, forwardable] So I think samba is doing what it should. I'm lost here, anybody have any thoughts? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Given up on Fedora Ubuntu is 1000-folder simpler
didyou try disabling fedora's firewal with /etc/rc.d/init.d/iptables stop and then running ntsysv and unchecking iptables? Peter Olcott wrote: I spent several days (at least 20 hours) tying to get Fedora 11 Samba server going. I consulted every resource that I knew including this list. When I discovered that Fedora 11 Samba could be browsed immediately upon installation, and a simple reboot disabled this, I gave up. I decided to try Ubuntu. After intallation it took only five minutes of editing the smb.conf file to make my share fully operational. In terms of total cost of ownership Fedora and Red Hat have become big losers. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] performance tweaks??
Has anyone any tips on improving samba performance with debian lenny? I've set up a raid 0 partition on a couple of new WD 1TB disks, formatting the majority of it as a single reiserfs partition. I must admit I should probably have set the blocksize to something other than the default at the time, but now it's well populated, changing stuff like that is going to be a big problem. Performance is pretty poor to put it politely - primary use is a single samba share with a very large directory structure, millions of files. Can anyone suggest any improvements that can stop it being that slow? I regularly see 50+% in waitio. Version in use samba 3.2.5-4lenny7, and I'd rather not change off the formal release path unless it'll make a big improvement. Cheers, Steve -- Steve Holdoway st...@greengecko.co.nz http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba-active directory: ports needed
Greetings we have samba v3.3.x as a domain member of active directory. Samba also uses winbind for user enumeration. What ports need to be opened on the network ACLs to allow samba to connect to active directory? thanks, Ryan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Domain trusts and samba member servers
Well, the idea was to have OLDDOMAIN and NEWDOMAIN authenticating users simultaneously as we migrate people to NEWDOMAIN in a controlled/progressive rollout.. I assume my samba box will no longer act as a domain controller if I make it a member server of the 2008 box, but I would actually like to be wrong on this point. ;-) On Sun, 17 Jan 2010 18:03:13 +1030 malz m...@jetlan.com wrote: As a thought, can you put the Samba box in as a member server of the Server 2008 AD ? Run the 2008 Server in 2003 AD mode and it will work perfectly. I have done this successfully. 2008 AD Server (DNS/AD/WINS) Suse 11.0 Member server (Samba version 3.4.4-1.1-2267-SUSE-CODE11) (FP, Postfix Mail) You won't have to worry about your trust issues this way. Cheers Mal -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Steve Chupack Sent: Sunday, 17 January 2010 2:44 AM To: samba@lists.samba.org Subject: [Samba] Domain trusts and samba member servers Below is something I posted a while ago and got no responses... Maybe it was too convoluted for anyone to bother with, so let me try and put it more simply. I have a Win Server 2008 AD box (NEWDOMAIN) which is trusted by my samba DC (OLDDOMAIN). Users on NEWDOMAIN can access resources on the OLDDOMAIN DC just fine. But the trust relationship is not recognized or respected by my samba member servers in OLDDOMAIN. So, very simply put, even if nobody has the specific howto: Do samba member servers understand interdomain trusts? Thanks for any and all input -- I am at a standstill with a fairly major project and any help at all would be greatly appreciated. I have a suspicion it has something to do with winbind on the member servers, but I'm having no luck. On Thu, 6 Aug 2009 08:39:51 -0400 Steve Chupack steve.chup...@dealer.com wrote: I'm in the process of migrating from a Samba PDC to a Win2k3 PDC (all member servers will remain as Samba boxes). NEWDOMAIN = new Win2k3 PDC OLDDOMAIN = current samba PDC OLDDOMAIN_MEMBER = a current samba box that's a member of OLDDOMAIN I've successfully established a trust relationship between OLDOMAIN and NEWDOMAIN where OLDDOMAIN trusts NEWDOMAIN. Users in NEWDOMAIN have full access to resources on the OLDDOMAIN PDC. Where I'm stuck is granting access to OLDDOMAIN_MEMBER to users in NEWDOMAIN. OLDDOMAIN_MEMBER is joined to OLDDOMAIN and works as expected (Users in OLDDOMAIN can access resources on OLDDOMAIN_MEMBER. But users in NEWDOMAIN do not. Can someone help with the general concept here? Should it work as I've configured it? Does OLDDOMAIN_MEMBER need to be running winbind against OLDDOMAIN PDC, or even NEWDOMAIN? (although I don't see how the latter would work without moving OLDDOMAIN_MEMBER to NEWDOMAIN). Sorry if this is confusing -- tried to make it as clear as possible. Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] how to use m4_pattern_allow
hello what is m4_pattern_allow ?? how to use it ?? I am installing patch of acl-2.2.49.tar.gz but it gives me error stating -- line 1650 :AC_CONFIG_MACRO:m4 line 1650 : use m4_pattern_allow thankx _ New Windows 7: Find the right PC for you. Learn more. http://windows.microsoft.com/shop -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to use m4_pattern_allow
himmat baldaniya wrote: hello what is m4_pattern_allow ?? how to use it ?? I am installing patch of acl-2.2.49.tar.gz but it gives me error stating -- line 1650 :AC_CONFIG_MACRO:m4 line 1650 : use m4_pattern_allow thankx _ New Windows 7: Find the right PC for you. Learn more. http://windows.microsoft.com/shop m4 is a macro-processor that is used quite a bit in Unix programming. Read up on it if you intend to compile code. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] performance tweaks??
On Mon, Jan 18, 2010 at 11:12:19AM +1300, steve wrote: Has anyone any tips on improving samba performance with debian lenny? I've set up a raid 0 partition on a couple of new WD 1TB disks, formatting the majority of it as a single reiserfs partition. I must admit I should probably have set the blocksize to something other than the default at the time, but now it's well populated, changing stuff like that is going to be a big problem. Performance is pretty poor to put it politely - primary use is a single samba share with a very large directory structure, millions of files. Can anyone suggest any improvements that can stop it being that slow? I regularly see 50+% in waitio. Do you have individual directories with huge numbers of files? This is a known performance problem with a workaround: case sensitive = yes preserve case = no short preserve case = no Volker signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f7adf53... s3: For smbcontrol pid pool-usage, print the first 50 bytes of a string via a101505... s3: Fix some nonempty blank lines from 98a495f... Modification of fix for bug 6876 - Delete of an object whose parent folder does not have delete rights fails even if the delete right is set on the object http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f7adf534fdc8b0028028538d264e65d7dd45aa58 Author: Volker Lendecke v...@samba.org Date: Sun Jan 17 14:57:54 2010 +0100 s3: For smbcontrol pid pool-usage, print the first 50 bytes of a string commit a1015051c054428482efe1810025728a8987a2a0 Author: Volker Lendecke v...@samba.org Date: Sun Jan 17 13:52:53 2010 +0100 s3: Fix some nonempty blank lines --- Summary of changes: source3/lib/tallocmsg.c | 27 ++- 1 files changed, 22 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/tallocmsg.c b/source3/lib/tallocmsg.c index b4bea5a..3cfd118 100644 --- a/source3/lib/tallocmsg.c +++ b/source3/lib/tallocmsg.c @@ -1,17 +1,17 @@ /* samba -- Unix SMB/CIFS implementation. Copyright (C) 2001, 2002 by Martin Pool - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/. */ @@ -51,6 +51,23 @@ static void msg_pool_usage_helper(const void *ptr, int depth, int max_depth, int return; } + if (strcmp(name, char) == 0) { + /* +* Print out the first 50 bytes of the string +*/ + sprintf_append(state-mem_ctx, state-s, state-len, + state-buflen, + %*s%-30s contains %6lu bytes in %3lu blocks + (ref %d): %*s\n, depth*4, , + name, + (unsigned long)talloc_total_size(ptr), + (unsigned long)talloc_total_blocks(ptr), + talloc_reference_count(ptr), + MIN(50, talloc_get_size(ptr)), + (char *)ptr); + return; + } + sprintf_append(state-mem_ctx, state-s, state-len, state-buflen, %*s%-30s contains %6lu bytes in %3lu blocks (ref %d)\n, depth*4, , @@ -73,7 +90,7 @@ static void msg_pool_usage(struct messaging_context *msg_ctx, struct msg_pool_usage_state state; SMB_ASSERT(msg_type == MSG_REQ_POOL_USAGE); - + DEBUG(2,(Got POOL_USAGE\n)); state.mem_ctx = talloc_init(msg_pool_usage); @@ -90,7 +107,7 @@ static void msg_pool_usage(struct messaging_context *msg_ctx, talloc_destroy(state.mem_ctx); return; } - + messaging_send_buf(msg_ctx, src, MSG_POOL_USAGE, (uint8 *)state.s, strlen(state.s)+1); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aa362e8... s3: Protect against an invalid bcc in SMBsendtxt from f7adf53... s3: For smbcontrol pid pool-usage, print the first 50 bytes of a string http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aa362e8e68b317fcc4fecbe44f62750e8cee6d32 Author: Volker Lendecke v...@samba.org Date: Tue Nov 10 23:14:58 2009 +0100 s3: Protect against an invalid bcc in SMBsendtxt --- Summary of changes: source3/smbd/message.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/message.c b/source3/smbd/message.c index 82b3dc3..386aca1 100644 --- a/source3/smbd/message.c +++ b/source3/smbd/message.c @@ -245,7 +245,7 @@ void reply_sendtxt(struct smb_request *req) return; } - if (smbd_msg_state == NULL) { + if ((smbd_msg_state == NULL) || (req-buflen 3)) { reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBsendtxt); return; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f461a72... idl: switched to using the WSPP names for the 'neighbour' DRS options from aa362e8... s3: Protect against an invalid bcc in SMBsendtxt http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f461a72ec3aa990c357b754b5311add4bba48485 Author: Andrew Tridgell tri...@samba.org Date: Sun Jan 17 21:59:56 2010 +1100 idl: switched to using the WSPP names for the 'neighbour' DRS options The documentation shows that all these functions in fact use the same flags variable type. To be consistent between functions, and to allow easy reference to the WSPP docs, it is better for us to also use this generic DrsOptions bitfield rather than one per operations. --- Summary of changes: librpc/gen_ndr/drsuapi.h | 21 - librpc/gen_ndr/ndr_drsblobs.c | 12 +++--- librpc/gen_ndr/ndr_drsuapi.c | 64 +--- librpc/gen_ndr/ndr_drsuapi.h |3 - librpc/idl/drsblobs.idl |6 +- librpc/idl/drsuapi.idl| 45 ++-- source3/libnet/libnet_dssync.c| 10 ++-- source3/rpcclient/cmd_drsuapi.c | 10 ++-- source4/dsdb/kcc/kcc_periodic.c |6 +- source4/libnet/libnet_become_dc.c | 36 source4/libnet/libnet_vampire.c | 12 +++--- source4/rpc_server/drsuapi/getncchanges.c |8 ++-- source4/torture/libnet/libnet_BecomeDC.c | 12 +++--- source4/torture/rpc/drsuapi.c | 14 +++--- source4/torture/rpc/dssync.c | 24 +- 15 files changed, 91 insertions(+), 192 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/drsuapi.h b/librpc/gen_ndr/drsuapi.h index a440b7a..5bcbf00 100644 --- a/librpc/gen_ndr/drsuapi.h +++ b/librpc/gen_ndr/drsuapi.h @@ -198,27 +198,6 @@ struct drsuapi_DsReplicaCursorCtrEx { struct drsuapi_DsReplicaCursor *cursors;/* [size_is(count)] */ }; -/* bitmap drsuapi_DsReplicaNeighbourFlags */ -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE ( 0x0010 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP ( 0x0020 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS ( 0x0040 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_USE_ASYNC_INTERSIDE_TRANSPORT ( 0x0080 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_ASYNC_REP ( 0x0100 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_IGNORE_ERROR ( 0x0100 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_TWO_WAY_SYNC ( 0x0200 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_CRITICAL_ONLY ( 0x0400 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS ( 0x0800 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_FULL_IN_PROGRESS ( 0x0001 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_FULL_SYNC_PACKET ( 0x0002 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED ( 0x0020 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_SPECIAL_SECRET_PROCESSING ( 0x0080 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_PREEMPTED ( 0x0100 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_IGNORE_CHANGE_NOTIFICATIONS ( 0x0400 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_DISABLE_SCHEDULED_SYNC ( 0x0800 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES ( 0x1000 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_NO_CHANGE_NOTIFICATIONS ( 0x2000 ) -#define DRSUAPI_DS_REPLICA_NEIGHBOUR_PARTIAL_ATTRIBUTE_SET ( 0x4000 ) - enum drsuapi_DsExtendedOperation #ifndef USE_UINT_ENUMS { diff --git a/librpc/gen_ndr/ndr_drsblobs.c b/librpc/gen_ndr/ndr_drsblobs.c index d2b374b..3102251 100644 --- a/librpc/gen_ndr/ndr_drsblobs.c +++ b/librpc/gen_ndr/ndr_drsblobs.c @@ -523,7 +523,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_repsFromTo1(struct ndr_push *ndr, int ndr_fl NDR_CHECK(ndr_push_WERROR(ndr, NDR_SCALARS, r-result_last_attempt)); NDR_CHECK(ndr_push_relative_ptr1(ndr, r-other_info)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_size_repsFromTo1OtherInfo(r-other_info, ndr-iconv_convenience, ndr-flags))); - NDR_CHECK(ndr_push_drsuapi_DsReplicaNeighbourFlags(ndr, NDR_SCALARS, r-replica_flags)); + NDR_CHECK(ndr_push_drsuapi_DrsOptions(ndr, NDR_SCALARS, r-replica_flags)); NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r-schedule, 84)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); NDR_CHECK(ndr_push_drsuapi_DsReplicaHighWaterMark(ndr, NDR_SCALARS, r-highwatermark)); @@ -565,7 +565,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_repsFromTo1(struct ndr_pull *ndr, int ndr_fl r-other_info = NULL; } NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 971f6a4... s3: Fix the format string for smbcontrol pool-usage from f461a72... idl: switched to using the WSPP names for the 'neighbour' DRS options http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 971f6a4a5bd348b2e45ad8e9f354c714c8cf9e2c Author: Volker Lendecke v...@samba.org Date: Sun Jan 17 23:07:39 2010 +0100 s3: Fix the format string for smbcontrol pool-usage With the dot I have seen printf to not print anything --- Summary of changes: source3/utils/smbcontrol.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index 7fab6eb..4ccea26 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -122,7 +122,7 @@ static void print_string_cb(struct messaging_context *msg, struct server_id pid, DATA_BLOB *data) { - printf(%.*s, (int)data-length, (const char *)data-data); + printf(%*s, (int)data-length, (const char *)data-data); num_replies++; } -- Samba Shared Repository
Build status as of Mon Jan 18 07:00:03 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-01-17 00:00:05.0 -0700 +++ /home/build/master/cache/broken_results.txt 2010-01-18 00:00:04.0 -0700 @@ -1,4 +1,4 @@ -Build status as of Sun Jan 17 07:00:04 2010 +Build status as of Mon Jan 18 07:00:03 2010 Build counts: Tree Total Broken Panic @@ -6,17 +6,17 @@ ccache 0 0 0 distcc 0 0 0 ldb 30 30 0 -libreplace 0 0 0 +libreplace 2 1 0 lorikeet 0 0 0 pidl 1 1 0 ppp 0 0 0 -rsync1 0 0 +rsync2 0 0 samba-docs 0 0 0 samba-web0 0 0 -samba_3_current 28 28 2 -samba_3_master 28 27 5 -samba_3_next 28 28 6 -samba_4_0_test 30 29 0 -talloc 2 0 0 -tdb 2 0 0 +samba_3_current 29 29 2 +samba_3_master 29 29 5 +samba_3_next 29 29 6 +samba_4_0_test 31 30 0 +talloc 4 0 0 +tdb 4 2 0