Web lists-archives.com

Re: [Samba] Connection problem due to tdb_lock failed




On Mon, 18 Jun 2018 09:31:21 +0000
Oren Kishon <orenk@xxxxxxxxx> wrote:

> We are running Samba on an embedded Linux machine, Kernel 4.9.75,
> Using local XFS, nothing special. We have patches to Samba which I
> havn't found to be related to the tdb engine:
> https://github.com/urisimchoni/samba/commits/ctera-master.

I think Uri should comment on his patches.

> 
> Our smb.conf is below.
> 
> PS:
> This happens in several customers machines with the same AD
> environment. They would not like to restart their Samba servers in
> their machines. Is there any other info we can gather? Thank you.
> 
> smb.conf:
> 
> [global]
> 	netbios name = R-CGW-01
> 	fruit:nfs_aces = no
> 	fruit:veto_appledouble = no
> 	server string =
> 	encrypt passwords = yes
> 	ntlm auth = yes
> 	server signing = disabled
> 	log level = 1
> 	logging = file
> 	debug pid = yes
> 	read only = no
> 	guest account = nobody
> 	deadtime = 10
> 	enable core files = no
> 	max smbd processes = 6000
> 	passdb backend = smbpasswd
> 	socket options = TCP_KEEPIDLE=120 TCP_KEEPCNT=3
> TCP_KEEPINTVL=5 idmap negative cache time = 10
> 	rpc modify share security = no
> 	restrict anonymous = 2
> 	client max protocol = SMB3
> 	min receivefile size = 0
> 	smb2 leases = yes
> 	security=ads
> 	workgroup=CLIENT
> 	realm=CLIENT.COM
> 	kerberos method = secrets only
> 	machine password timeout = 0
> 	kerberos encryption types = all
> 	allow trusted domains = yes
> 	winbind use default domain = yes
> 	winbind additional group sids = S-1-1-0
> 	client ldap sasl wrapping = sign
> 	saf:ttl = 86400
> 	winbind max clients = 6100
> 	idmap config * : backend = passdb
> 	idmap config * : range = 0-199999
> 	idmap config CLIENT:backend = rid
> 	idmap config CLIENT:range = 200000-4999999
> 	idmap config CLIENT2:backend = rid
> 	idmap config CLIENT2:range = 5000001-5999999
> 	map to guest = never
> 	max log size = 50
> 	lock directory = /var/vol/3/.ctera/samba/lock
> 	state directory = /var/vol/3/.ctera/samba
> 	cache directory = /var/vol/3/.ctera/samba/cache
> 	gencache:hash_size = 10000
> 
> [cloud]
> 	path=/var/vol/cloud
> 	comment=
> 	wide links=no
> 	vfs objects = fruit streams_xattr acl_xattr shadow_copy2
> 	use sendfile = true
> 	strict sync=yes
> 	acl_xattr:ignore system acls = yes
> 	force unknown acl user = yes
> 	shadow:snapdir = .snapshots
> 	shadow:snapdirseverywhere = yes
> 	csc policy = manual
> 	admin users=
> 	guest ok = no
> 	read only = no
> 	store dos attributes = yes
> 	map archive = no
> 	map hidden = no
> 	map readonly = yes
> 	map system = no
> 	nt acl support=yes
> 	map acl inherit=yes
> 	inherit acls=yes
> 	create mask = 0666
> 	directory mask = 0777
> 	ea support = no
> 	valid users="+BUILTIN\Administrators"
> 	invalid users=
> 	read list=
> 	write list="+BUILTIN\Administrators"
> 	acl allow execute always = no
> 	allocation roundup size = 0


Can I suggest you read 'man smb.conf' there are lots of errors and
default lines, but two jump out:

passdb backend = smbpasswd
This is old school, you should be using the 'tdbsam' backend.

idmap config * : backend = passdb
This is wrong, you should be using the 'tdb' backend.

Finally, have you read the reply from Andrew ?
>From his post, it looks like you have shot yourself in the foot ;-)

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba