Package: samba Version: 3.0.23a-1 Severity: grave Justification: possible breakage when upgrading from earlier versions, regression, unusable feature
Hi, I upgraded a server from sarge to etch, but a new smbd refuses to work. I tracked down that the problem had first appeared in 3.0.23a-1. 3.0.22-1, which I have installed now, works fine as did smbd shipped with sarge. I have passdb backend = ldapsam:ldap://localhost, tdbsam option in smb.conf. smbd 3.0.23 appears to "start", but it kind of hangs, ONLY kill -9 can kill it. The following errors start appearing in /var/log/samba/log.smbd: smbd version 3.0.23d started. Copyright Andrew Tridgell and the Samba Team 1992-2006 [2007/01/29 13:37:13, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:13, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 1 try! [2007/01/29 13:37:14, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:14, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 2 try! [2007/01/29 13:37:15, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:15, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 3 try! [2007/01/29 13:37:16, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:16, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 4 try! [2007/01/29 13:37:17, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:17, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 5 try! [2007/01/29 13:37:18, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:18, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 6 try! [2007/01/29 13:37:19, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:19, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 7 try! [2007/01/29 13:37:20, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:20, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 8 try! [2007/01/29 13:37:21, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:21, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 9 try! [2007/01/29 13:37:22, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:22, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 10 try! [2007/01/29 13:37:23, 0] lib/smbldap.c:smb_ldap_setup_conn(638) ldap_initialize: Time limit exceeded [2007/01/29 13:37:23, 1] lib/smbldap.c:another_ldap_try(1150) Connection to LDAP server failed for the 11 try! .... and so on forever... It keeps retrying.... It took me a while to determine what was wrong. Actually, the bug lies in fact that I have two passdb backends specified as: passdb backend = ldapsam:ldap://localhost, tdbsam and smbd fails to parse this option properly, which is perfectly valid as per official documentation (scoll to the end): http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html So consider the following debuging output: samba 3.0.23a and later: ------------- # smbd -S -d10 -i | grep smb_ldap_setup_connection smb_ldap_setup_connection: ldap://localhost, tdbsam smb_ldap_setup_connection: ldap://localhost, tdbsam smb_ldap_setup_connection: ldap://localhost, tdbsam smb_ldap_setup_connection: ldap://localhost, tdbsam .... and futher retries -------------- samba 3.0.22 and earlier: -------------- # smbd -S -d10 -i | grep smb_ldap_setup_connection smb_ldap_setup_connection: ldap://localhost -------------- So in the first case "ldap://localhost, tdbsam" gets passed to ldap_initialize() as LDAP server URI which is obviously wrong. No wonder that function fails (though error could more accurate than "Time limit exceeded"). Away samba <= 3.0.22 does the right thing. This bug is regression, it prevents me from specifying a fallback backend and may break perfectly valid configs when upgrading from sarge to etch - hence grave severity. I think it must be fixed for etch. -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (1001, 'testing'), (500, 'testing-proposed-updates') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-3-686 Locale: LANG=lt_LT, LC_CTYPE=lt_LT (charmap=ISO-8859-13) Versions of packages samba depends on: ii debconf 1.5.11 Debian configuration management sy ii libacl1 2.2.41-1 Access control list shared library ii libattr1 2.4.32-1 Extended attribute shared library ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries ii libcomer 1.39+1.40-WIP-2006.11.14+dfsg-1 common error description library ii libcupsy 1.2.7-2 Common UNIX Printing System(tm) - ii libkrb53 1.4.4-6 MIT Kerberos runtime libraries ii libldap2 2.1.30-13.2mdx1 OpenLDAP libraries ii libpam-m 0.79-4 Pluggable Authentication Modules f ii libpam-r 0.79-4 Runtime support for the PAM librar ii libpam0g 0.79-4 Pluggable Authentication Modules l ii libpopt0 1.10-3 lib for parsing cmdline parameters ii logrotat 3.7.1-3 Log rotation utility ii lsb-base 3.1-22 Linux Standard Base 3.1 init scrip ii netbase 4.28 Basic TCP/IP networking system ii samba-co 3.0.22-1 Samba common files used by both th Versions of packages samba recommends: ii smbldap-tools 0.9.2-3 Scripts to manage Unix and Samba a -- debconf information: samba/nmbd_from_inetd: samba/log_files_moved: samba/tdbsam: false * samba/generate_smbpasswd: true * samba/run_mode: daemons -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
