Web lists-archives.com

[Samba] winbind service panics "randomly"




Hi all,
on a recently installed samba file server, the winbind service crashes
apparently randomly. Every few hours it's necessary to  restart the winbind
service and then it works for a few more hours. Any ideas are welcome.
1) the environment: 2 debian stretch DC's with round-robind bind+dhcp with
dns-update. 1 fileserver also (AD backend) on debian stretch. All on self
compiled samba 4.8.5 with, a hopefully thorough, reading of the wiki.
Several windows 10 and ubuntu clients. About 30 user accounts.
2) DC smb.conf (for the other DC is basically the same) :
[global]
        realm = EUROHIDRA.LOCAL
        workgroup = EUROHIDRA
        netbios name = EHSERVER
        interfaces = lo br0
        bind interfaces only = Yes
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
        log level = 1
        log file = /var/log/samba/samba.log
        username map = /usr/local/samba/etc/user.map
        server services = -dns

        passwd program = /usr/bin/passwd %u
        time server =yes
        unix password sync = yes
        dedicated keytab file = /etc/krb5.keytab
        kerberos method = secrets and keytab
        winbind refresh tickets = Yes
        winbind use default domain = yes

#Disable printing share
        load printers = no
        printing = bsd
        printcap name = /dev/null
        disable spoolss = yes

3) FileServer smb.conf (stripped of the shares section)
[global]
        security = ADS
        workgroup = EUROHIDRA
        realm = EUROHIDRA.LOCAL
        netbios name = EHFS
        interfaces = lo br0
        bind interfaces only = yes
        log file = /var/log/samba/%U.log
        log level = 2
        username map = /usr/local/samba/etc/user.map

        idmap config EUROHIDRA : backend = ad
        idmap config EUROHIDRA : range = 10000-999999
        idmap config EUROHIDRA : schema_mode = rfc2307
        idmap config EUROHIDRA : unix_nss_info = yes
        idmap config * : backend = tdb
        idmap config * : range = 3000-7999

        vfs objects = acl_xattr
        map acl inherit = yes
        store dos attributes = yes

        kerberos method = secrets and keytab
        dedicated keytab file = /etc/krb5.keytab
        winbind refresh tickets = Yes

        #only for ext4. remove for other FS's
#       strict allocate = yes
#       min receivefile size = 16384
#        use sendfile = yes
#       server min protocol = SMB2
#       write cache size = 65536

The commented sections were commented as an attempt to troubleshoot the
issue without success

4) relevant part of log (level 2 and, yes I did  read the Trouble-Shooting
section of the Samba HOWTO)
[2018/11/13 17:22:52.262442,  2]
../source3/smbd/server.c:807(remove_child_pid)
  Could not find child 21430 -- ignoring
[2018/11/13 17:35:33.758050,  1] ../source3/lib/messages.c:879(send_all_fn)
  send_all_fn: messaging_send_buf to 21600 failed:
NT_STATUS_OBJECT_NAME_NOT_FOUND
[2018/11/13 17:37:52.366208,  2]
../source3/smbd/server.c:807(remove_child_pid)
  Could not find child 21615 -- ignoring
[2018/11/13 17:48:03.853944,  1] ../source3/lib/messages.c:879(send_all_fn)
  send_all_fn: messaging_send_buf to 21672 failed:
NT_STATUS_OBJECT_NAME_NOT_FOUND
[2018/11/13 17:50:38.270121,  0] ../lib/util/fault.c:79(fault_report)
  ===============================================================
[2018/11/13 17:50:38.270209,  0] ../lib/util/fault.c:80(fault_report)
  INTERNAL ERROR: Signal 11 in pid 18595 (4.8.5)
  Please read the Trouble-Shooting section of the Samba HOWTO
[2018/11/13 17:50:38.270271,  0] ../lib/util/fault.c:82(fault_report)
  ===============================================================
[2018/11/13 17:50:38.270312,  0] ../source3/lib/util.c:815(smb_panic_s3)
  PANIC (pid 18595): internal error
[2018/11/13 17:50:38.281804,  0] ../lib/util/fault.c:261(log_stack_trace)
  BACKTRACE: 56 stack frames:
   #0 /usr/local/samba/lib/libsamba-util.so.0(log_stack_trace+0x1f)
[0x7f3883256a26]
   #1 /usr/local/samba/lib/libsmbconf.so.0(smb_panic_s3+0x6d)
[0x7f387f5a3e81]
   #2 /usr/local/samba/lib/libsamba-util.so.0(smb_panic+0x28)
[0x7f38832569f1]
   #3 /usr/local/samba/lib/libsamba-util.so.0(+0x216b5) [0x7f38832566b5]
   #4 /usr/local/samba/lib/libsamba-util.so.0(+0x216ca) [0x7f38832566ca]
   #5 /lib/x86_64-linux-gnu/libpthread.so.0(+0x110c0) [0x7f38850360c0]
   #6
/usr/local/samba/lib/private/libsamba3-util-samba4.so(strlower_m+0x34)
[0x7f387e8f1fac]
   #7 /usr/local/samba/sbin/winbindd(fill_domain_username_talloc+0x4a)
[0x563baa688ae9]
   #8 /usr/local/samba/sbin/winbindd(+0x78965) [0x563baa6d1965]
   #9
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #10 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #11 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #12 /usr/local/samba/lib/private/libdcerpc-samba4.so(+0xafb9)
[0x7f3882bddfb9]
   #13
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #14 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #15 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #16 /usr/local/samba/lib/private/libdcerpc-samba4.so(+0xabf1)
[0x7f3882bddbf1]
   #17
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #18 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
 #19 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #20 /usr/local/samba/lib/libdcerpc-binding.so.0(+0x1f069)
[0x7f38836d9069]
   #21
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #22 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #23 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #24 /usr/local/samba/lib/libdcerpc-binding.so.0(+0x1e5ac)
[0x7f38836d85ac]
   #25
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #26 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #27 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #28 /usr/local/samba/sbin/winbindd(+0x6504e) [0x563baa6be04e]
   #29
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #30 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #31 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #32 /usr/local/samba/sbin/winbindd(+0x60e21) [0x563baa6b9e21]
   #33
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #34 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #35 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #36 /usr/local/samba/sbin/winbindd(+0x5fd36) [0x563baa6b8d36]
   #37
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #38 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #39 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #40 /usr/local/samba/lib/private/libLIBWBCLIENT-OLD-samba4.so(+0x2074)
[0x7f387cffa074]
   #41
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #42 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #43 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #44 /usr/local/samba/lib/private/libLIBWBCLIENT-OLD-samba4.so(+0x1ab2)
[0x7f387cff9ab2]
   #45
/usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a)
[0x7f38827a0f80]
   #46 /usr/local/samba/lib/private/libtevent.so.0(+0x7055) [0x7f38827a1055]
   #47 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_done+0x25)
[0x7f38827a107d]
   #48 /usr/local/samba/lib/private/libsmb-transport-samba4.so(+0x26ac)
[0x7f387cdf46ac]
   #49 /usr/local/samba/lib/private/libtevent.so.0(+0xe5a1) [0x7f38827a85a1]
   #50 /usr/local/samba/lib/private/libtevent.so.0(+0xebd9) [0x7f38827a8bd9]
   #51 /usr/local/samba/lib/private/libtevent.so.0(+0xb8d5) [0x7f38827a58d5]
   #52 /usr/local/samba/lib/private/libtevent.so.0(_tevent_loop_once+0x10f)
[0x7f388279f1b1]
   #53 /usr/local/samba/sbin/winbindd(main+0xe3f) [0x563baa684291]
   #54 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)
[0x7f387c3ff2e1]
   #55 /usr/local/samba/sbin/winbindd(_start+0x2a) [0x563baa67ccea]
[2018/11/13 17:50:38.282812,  0] ../source3/lib/dumpcore.c:315(dump_core)
  dumping core in /var/log/samba/cores/winbindd
[2018/11/13 17:51:05.594280,  2]
../source3/param/loadparm.c:319(max_open_files)
  rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
[2018/11/13 17:51:05.595186,  2]
../source3/lib/interface.c:345(add_interface)
  added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
[2018/11/13 17:51:05.595218,  2]
../source3/lib/interface.c:345(add_interface)
  added interface br0 ip=192.168.1.148 bcast=192.168.1.255
netmask=255.255.255.0
[2018/11/13 17:51:05.595408,  2]
../source3/lib/interface.c:345(add_interface)
  added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
[2018/11/13 17:51:05.595435,  2]
../source3/lib/interface.c:345(add_interface)
  added interface br0 ip=192.168.1.148 bcast=192.168.1.255
netmask=255.255.255.0
[2018/11/13 17:51:05.618759,  0]
../source3/winbindd/winbindd_cache.c:3160(initialize_winbindd_cache)
  initialize_winbindd_cache: clearing cache and re-creating with version
number 2
[2018/11/13 17:51:05.621688,  0]
../lib/util/become_daemon.c:138(daemon_ready)
  daemon_ready: STATUS=daemon 'winbindd' finished starting up and ready to
serve connections
[2018/11/13 17:52:52.470073,  2]
../source3/smbd/server.c:807(remove_child_pid)
  Could not find child 21733 -- ignoring
[2018/11/13 18:00:33.934992,  1] ../source3/lib/messages.c:879(send_all_fn)

Googling returned some (old) unresolved or unrelated threads so no help
from there.
A few extras that I believe are irrelevant, but still...
1) DC2 is on a ESXI Virtual Machine
2) Both DCs and Fileserver use bonded (2x)1Gb/s ethernet
3) No firewall, apparmour or similar. All external access is through VPN on
the DCs
4) Everything else appears to work fine. Bind, dhcp, wbinfo, getent, RSA,
GPO's. Can create and delete users and groups etc.

Thank you all for any assistance.
Best regards,
Carlos
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba