[Bug 666450] New: smbd crash on start, cannot opnen secrets.tdb
https://bugzilla.novell.com/show_bug.cgi?id=666450 https://bugzilla.novell.com/show_bug.cgi?id=666450#c0 Summary: smbd crash on start, cannot opnen secrets.tdb Classification: openSUSE Product: openSUSE 11.4 Version: Factory Platform: x86-64 OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Samba AssignedTo: samba-maintainers@SuSE.de ReportedBy: Joachim.Reichelt@helmholtz-hzi.de QAContact: samba-maintainers@SuSE.de Found By: --- Blocker: --- Created an attachment (id=409705) --> (http://bugzilla.novell.com/attachment.cgi?id=409705) strace -f `which smbd` > 1 2&>a User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0b9) Gecko/20110110 Firefox/4.0b9 I cannot start smbd. It immideately crashes silently. Reproducible: Always Steps to Reproduce: rcsmbd start ps -ef | grep smbd (is empty) To see what is going on I did an strace: strace -F /usr/sbin/smbd after: rpm -e samba ... (all pakages with samba in the name rm -rf /etc/samba /var/lib/sambe /var/log/samba zypper in samba-client samba strace -f `which smbd` > 1 2&>a File a is attached -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c1
--- Comment #1 from Joachim Reichelt
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c2
Lars Müller
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c3
Joachim Reichelt
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c4
--- Comment #4 from Joachim Reichelt
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c5
Lars Müller
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c6
Jeff Mahoney
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c7
Joachim Reichelt
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c8
Jeff Mahoney
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c9
Joachim Reichelt
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c10
--- Comment #10 from Jeff Mahoney
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c11
Chuck Taylor
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c12
--- Comment #12 from Chuck Taylor
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c13
--- Comment #13 from Joachim Reichelt
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c14
Li Bin
Created an attachment (id=415186) --> (http://bugzilla.novell.com/attachment.cgi?id=415186) [details] /etc/apparmor.d/usr.sbin.*mbd as tar
Working files for samba: /etc/apparmor.d/usr.sbin.smbd /etc/apparmor.d/usr.sbin.nmbd
With this file the rcsmb start successfully, but the rcnmb start failed. Mar 2 13:47:50 ATong nmbd[17259]: [2011/03/02 13:47:50.869205, 0] nmbd/nmbd.c:861(main) Mar 2 13:47:50 ATong nmbd[17259]: error opening config file -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c15
--- Comment #15 from Joachim Reichelt
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c16
--- Comment #16 from Eberhard Harbrink
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c17
Jeff Mahoney
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c18
Eberhard Harbrink
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c19
James McDonough
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c20
Davide Vernè
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c21
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c22
--- Comment #22 from Heidi Lahtinen
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c23
--- Comment #23 from Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c24
John Harmon
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c25
Jeff Mahoney
I upgraded an old server and tested with Jeff's packages (latest) and ran into at least one file that is not covered by the AppArmor profile there and will cause issues issues;
[2011/03/17 20:48:32.485909, 1] lib/server_mutex.c:64(grab_named_mutex) Could not open mutex.tdb: Permission denied
/var/lib/samba/mutex.tdb
Can you attach your /var/log/audit/audit.log? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c26
Heidi Lahtinen
Can you attach your /var/log/audit/audit.log?
Sorry Jeff, we ran into other issues on the server (not related to the upgrade or AppArmor) and lazed the entire system, including logs. However I did not run into any other files other than that mutex.tdb that it complained about. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c27
P Linnell
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c28
Jeff Mahoney
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c29
--- Comment #29 from Heidi Lahtinen
Test packages again at:
Works like coffee in the morning - push 'em out? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c30
Dmitri Kolobov
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c31
Christian Boltz
...parent=2686 profile="/usr/sbin/smbd" name="/mnt/d04/pub/" pid=10299 ...
You are opening a can of worms ;-) because samba shares can basically be every directory on your system depending on the samba config. The profile has @{HOMEDIRS}/** lrwk, which means read and write permissions for home directories (/home/*). There are two options to solve this in a clean way: a) edit /etc/apparmor.d/tunables/home or (better) /etc/apparmor.d/tunables/home.d/site.local and add your /mnt/d04/pub directory to @{HOMEDIRS} b) have a separate tunable for samba shares, maybe /etc/apparmor.d/tunables/samba. It could contain: @{SMBSHARE}=@{HOMEDIRS} /mnt/d04/pub (default value should be @{HOMEDIRS}) Jeff, what do you think about having a separate @{SMBSHARE} tunable? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c32
--- Comment #32 from P Linnell
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c33
Jeff Mahoney
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c34
--- Comment #34 from Dmitri Kolobov
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c35
--- Comment #35 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c36
David Disseldorp
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c37
--- Comment #37 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c38
--- Comment #38 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c39
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c40
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c
Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com