Kernel Traffic
Latest | Archives | People | Topics
Wine
Latest | Archives | People | Topics
GNUe
Latest | Archives | People | Topics
Czech
Home | News | RSS Feeds | Mailing Lists | Authors Info | Mirrors | Stalled Traffic
 

Samba Traffic #3 For 14 Dec 1999

By Peter Samuelson

Table Of Contents

Introduction

As discussed in Issue #1, article 12, the samba-bugs mailing list is being decommissioned in favor of samba and the others. This has had a very noticeable effect in the last week, as both samba and samba-ntdom seemed to have a lot more bug reports and tech-support questions than before. The weighty technical discussions are still there if you look, but are getting a little harder to find. In other news, we are starting to hear talk of moving the new and exciting Samba 2.1.0 branch toward a stable release. There might be even money, at this point, on whether the Samba team will end up merging the neat new features into what is now the stable (2.0.x) branch, or just stabilize the 2.1.0 branch; either option could prove problematic. Needless to say, nobody has started talking yet about actual release dates for Samba 2.2 (as the next major release will be known). Perhaps now is a perfect time to start up that office pool to bet on what day the new release hits the FTP sites. Alternatively, you can place bets on whether it will beat Windows 2000 out the door.

Mailing List Stats For This Week

We looked at 343 posts in 704K.

There were 177 different contributors. 53 posted more than once. posted last week too.

The top posters of the week were:

1. New Plans for NMBD

4 Dec 1999 (1 post) Archive Link: "NetBIOS Kernel Project - another nmbd rewrite!"

People: Luke Leighton

Luke Leighton was interested in reorganizing the nmbd subsystem into multiple modules. He posted one of his Master Plans for this on samba-technical, soliciting volunteers to help him flesh it out. Nobody responded. The one-post thread full of grand ideas is easier to quote than to summarize:
i just created a "proxy" system which currently has two uses: a port 137 redirector and a port 139 redirector. this means that, AT LAST, we can write a proper "NetBIOS Kernel". the proposal includes the creation of: finally, nmblookup will be able to read node status responses while nmbd is running, because nbtd will redirect the botched response up a unix pipe to nmblookup. finally, we will be able to write UDP mailslot client code that works, because we can have nbtd redirect the UDP response back to the client. hooray. ok. so. any takers? :-) :-) me? oh, i'm going to write an msrpc agent, run a unix socket back-end off of the smbd msrpc \PIPE\ code, and then split smbd into several daemons, like samrd and lsarpcd and svcctld, which i've been meaning to do since 1997!

2. Problems With SMBPASSWD in the Development Code

5 Dec 1999 - 10 Dec 1999 (30 posts) Archive Link: "smbpasswd not finding smbpasswd file"

People: Jerry CarterSander Striker

It appears that something in the Samba HEAD branch code has broken the smbpasswd utility. Joel Martin complained of the error message: Domain password server not available.
Can't setup password database vectors.
Lots of people checked in, confirming that they were having the same problem. Grant Wallace suggested working around it by telling CVS to check out month-old code. As no solution seemed forthcoming, Sander Striker posed the general question: is anyone running recent CVS builds and not affected by this bug? Not long after, Jerry Carter responded:
I'm working on it.
Alessandro Bruni, meanwhile, was working around it by using smbpasswd from Samba 2.0.6. The next day, under a new thread, Jerry thought he had improved matters:
Would those who are interested, please grab a new copy of the code and see if smbpasswd behaves better this time?
He added that his Solaris server was still having trouble. Everyone else started checking in again with new error messages, most of which included "Connection refused". Jerry eventually figured out:
Yes, well apparently you need to run smbd, nmdb and the new lsarpcd daemons.
Easier said than done, according to Sander Striker:
Right, but in the current cvs version the lsarpc deamon doesn't get build as far as I know (correct me if I'm wrong). How do we get this to run?
And even with lsarpcd running, apparently things still don't work properly, according to Jerry:
Still trying to work out what else is going on here.
The 2.1.0 branch of code, it would seem, is not called "prealpha" for nothing.

3. Help! Win95 Broke and I Don't Care!

5 Dec 1999 (1 post) Archive Link: "trace required of w9x to nt pdc (domain controller)"

People: Luke Leighton

Luke Leighton, posting on samba-ntdom and samba-technical, needs help. It seems that Windows95 and its service pack progeny are no longer able to connect to the latest development Samba versions, due to changes in RPC responses, specifically GetDC. However, Luke personally despises That Operating System, so someone else will have to track it down:
personally, i couldn't care less if 9x can't talk to samba, however i understand that others may not feel the same way about 9x that i do. that doesn't mean that i'm going to install 9x or even go near it. so :) that means that some kind soul needs to make a network trace, preferably with netmon, of a win9x host "discovering" an NT pdc, and then sending me the UDP 138 traffic portions so that i can compare and then code...
If anyone out there still uses Windows95 and wants to use it with future versions of Samba, he says,
this is your opportunity to make sure that you can.

4. Storing Profiles in Home Directories

6 Dec 1999 - 8 Dec 1999 (6 posts) Archive Link: "profiles in home"

People: Klaus KappelKevin ColbySeth VidalJens SkripczynskiOndrej HanakAndy Polyakov

Ondrej Hanak had read somewhere that storing profiles in home directories was a bad idea, and wanted to know the details. Klaus Kappel, on samba-ntdom, answered:
AFAIK, it was a matter of design und usability. some users might delete or move the directory profiles by accident or ignorance. I think this problem is not yet solved. ;-)
Jens Skripczynski said it was a client-side problem, i.e. there is not much Samba can do about it. Later, Kevin Colby explained more fully:
Actually, as I understand it, it has to do with some subtleties in the way NT "logs out" versus the way 9x "logs out". Something about how NT doesn't reconnect the profile share until after the next login session starts, so if it were a user's home, the loggin in user may not have permission to the share, and hence, no profile. There really is no "solution" on the samba end in that case. NT is just funky like that.
Seth Vidal, though, said:
just make a separate profile share on your samba server and wa-la the problem is gone.
Andy Polyakov posted a config file snippet implementing a clever variation: a separate "profiles" share with auto-generated symlinks back to the profiles in the home directories.

5. Splitting Up Samba Daemons, or "Luke Develops Too Fast"

8 Dec 1999 - 9 Dec 1999 (12 posts) Archive Link: "major architectural "split""

People: Luke LeightonAlan HourihaneTim PotterJeremy AllisonAndrew TridgellChris Tooley

Luke Leighton unveiled yet another new Master Plan on samba-ntdom and samba-technical:
i liked unix sockets so much when i wrote smb-agent that i decided to write an msrpc-agent too. the purpose of this is to be able to split the currently massive smbd program into several smaller daemons, such as lsarpc, netlogond, spoolssd, svcctld etc. if people want to add their own daemons (both client and server side) then this should be very, very easy to do.
(It must be noted that what Luke considers "very, very easy" may not be what most people would think.) This split would have a number of advantages, he said, including the possibility of mixing and matching development code with stable code (in different daemons). He continued,
i am not looking forward to having to modify 2.0.x and cvs main to do this, but once it is done, it will DEFINITELY make development of samba MSRPC services so much easier.
Alan Hourihane was quite excited about this idea.
I always shudder when I have to kill an smbd process as it kills so many other things. Being able to kill a specific service in cases of trouble will definately improve things over here.
Chris Tooley agreed, and wondered whether the config file would also be split up. Tim Potter was much less enthusiastic:
Can you make a branch or something to do all this major stuff in? I get the impression that people (i.e everyone who uses this stuff for work related purposes) really want a stable Samba with all the PDC stuff in it instead of having to take a punt at whether the latest CVS HEAD actually compiles.
He had several ideas for getting a stable release, including:
give luke his own branch (-:
Jeremy Allison agreed on all points except the Luke Branch idea:
We tried this before. It had to be abandoned :-(.
Luke acknowledged that his fast-paced development style was not well suited to stable releases, but maintained that, in this case the new architecture would, in the long run, improve matters:
that's just the way i work (commit 4 to 8 times a day) and i rely on you nice people to give me feedback on things i forgot (thank you! thank you!) adding this SMB<->MSRPC interface into samba will make it easier to create snapshots of different daemons,. i really, really do not want to get into the situation where here we are one year later and the development branch still hasn't been merged with the release branch. on a per-daemon basis, i want to be able to cut that time to a maximum of three weeks. ABSOLUTE maximum. that's simply not going to happen with the current architecture.
Tridge reminded him,
but sometime, eventually, we have to do a STABLE release.
He went on to point out some difficulties with Luke's style of development:
You don't like doing the work to make code stable. Fine. But please don't be too critical about those of us who do try to make the damn stuff stable. It might not be as sexy but it does take a lot of work. I am also pretty convinced that no matter when we decide to try to merge your development code in, by the time we are done you will once again be complaining that we shouldn't be using that old crud and should instead be using your all-new way of doing things whatever that might be.
Finally,
I just don't trust you in the branch that we are aiming to make stable, you don't care enough about stability.
Jeremy Allison agreed:
Luke - this new code has to be severly examined by someone other than you before we can possibly accept it. This means security review, error return corrections (which you admit you don't always do :-) and many other things. No way can we just take this code sight unseen. You are changing too much. You have done this before. Be careful. This new code might be wonderful. It might not. Until other Team members have reviewed the changes it is too dangerous to accept into stable. Way too dangerous :-).

6. Bug in Auxilliary Utility Code

8 Dec 1999 (5 posts) Archive Link: "util.c:get_trusted_serverlist()"

People: Jerry CarterLuke Leighton

Jerry Carter found what seemed to be a bug in the get_trusted_serverlist() function:
if (lp_server_role() == ROLE_DOMAIN_PDC), then shouldn't our name always be in the list of trusted servers? Right now in smbpasswd.c, this is returning NULL up to clientgen.c:get_any_dc_name() and is breaking things.
Luke Leighton wasn't sure why the problem was occuring:
the code checks lp_workgroup() == domain to return lp_passwordserver() list. therefore, what is your workgroup?
Jerry answered,
I've had so much fun trying to figure out what you've been doing lately. ;) Hmm....where to start?
Then he posted several bits of Samba code, annotated with notes of what he thought was going on. Finally, he wrote,
if you want to follow this through with a debugger, simply start at the pwdb_initialise (False) call in smbpasswd.c:main(). Could you make sense of this for me please?
Luke was convinced.
ok, it's a mess. i fix it.
Thanks to e-mail timestamps, we know that it took him exactly eight minutes and eight seconds.
fixed. can u test?

7. Strange File Locking Bug

8 Dec 1999 - 10 Dec 1999 (3 posts) Archive Link: "'fcntl lock of file' failing, Sol-2.6, Samba-2.0.6"

People: Andrew RakowskiDavid Collier-Brown

Andrew Rakowski seeing Samba die with a message about fcntl failing. He posted a comprehensive bug report, including details of his OS, compiler versions, and selected portions of: smb.conf, log file output, a syscall trace and the output from his configure run. (Note to all you beta testers out there: software developers love bug reports with this much detail.) He tracked down the problem himself, and posted his findings the next day. As it turned out, Andrew had built Samba on an AFS partition, which supports different locking capabilities than UFS, which he installed on. Thus, although the configure script includes tests to determine what types of file locking are available, these tests were defeated. His conclusion:
Moving the configure and build process to a ufs filesystem solves the problem. Ideally, test/fcntl_lock.c should try creating it's test file in the lock directory (LOCKDIR - if it exists), in which case this would test whether locking will work during runtime.
(Another note to beta testers: if you trace and fix your own bugs, developers will really love you!) David Collier-Brown agreed that taking pains to do the locking test on the right filesystem would probably be better, but that wouldn't stop this sort of problem from occuring in other circumstances.

8. Fun With Windows95 Drive Letters

9 Dec 1999 - 10 Dec 1999 (15 posts) Archive Link: "Mapping Drive Z"

People: Mike HarrisChris TooleyCelso WebberLee Taylor

Chris Tooley was having trouble with Windows95: he wanted to map a share to drive Z during logon. Windows wouldn't do it, claiming that Z: was in use, which didn't seem to be true. Mike Harris suggested the pragmatic approach:
I'd let Win9x have it's way with the default Z: drive and map home to U: in the logon.bat script
. According to Chris, this was not feasible because of
about 8 billion other shortcuts, all of which will be broken if we map the new share of those things to a different drive letter. This wouldn't be a problem if we had users that understood the concept of changing the driver letter in the shortcuts.
Celso Webber had some information:
this is a WinBlows 9x issue. As far as I can tell, Winblows 9x maps internally drive Z: for profiles, and when the user interface is available for use, you don't see that drive mapped anymore.
Lee Taylor, in between answering his helpdesk calls, also replied:
What I have done though is put a "NET USE L: \\<Samba Server>\Netlogon /YES" so that "L:" is always the netlogon drive. Also I have set "logon drive = l:" so that my WinNT clients use the same drive.
Others suggested using a batch file on the local system that did NET USE Z: /DELETE to free up drive Z. Strangely enough, considering this was Windows95, nobody seemed to have an elegant solution to the problem.

9. Miscellaneous Quick Questions & Answers

3 Dec 1999 - 8 Dec 1999 (18 posts) Archive Link: "(miscellany)"

People: Win98 Resource KitJason DiegmullerPeter HolzerEric MaquilingDon McCallJeremy AllisonDaniel PolomboDavid Collier-BrownDave Collier-Brown

As mentioned in the introduction to this newsletter, there has been a noticeable increase in quick-question-quick-answer threads lately, especially on the samba list. Here are a few highlights: Thread: group policies under win98
Problem: Andrew Bell couldn't get group policies to work under Windows98.
Solution: Matej Ondrusek quoted the Windows98 Resource Kit:
If you want to use group policies, you must install that capability on each computer running Windows 98 by either using a custom setup script when you install Windows 98 or using the Add/Remove Programs option in Control Panel.
Thread: Approach to permissions, UNIX usernames, and UNIX groups ..
Problem:
Is there a way to tell SAMBA to assign files being written to the group of the subdirectory the file is being written to?

Solution: Michael Szengel noted that setting the SetGID bit on a directory would do what Jason wanted, and Peter Holzer added,
On Linux you can also get this behaviour on all directories by mounting the file system with the "bsdgroups" option. No need to set setgid bits on a gazillion of directories.
Thread: Using the Connect as: field in NT fails to authenticate
Problem: Duane Ryan was having trouble getting NT to connect to the same fileserver for two shares under two separate sets of credentials (usernames/passwords) under NT.
Solution: This comes up periodically and usually someone suggests the ugly hack of using an IP address for the server one of the times, rather than its NetBIOS name, so that NT will not realize it's the same box. This time, though, Eric Maquiling had a different approach:
Are you doing something like this, because this works for me: 'net use * \\machine\share * /user:othermachinename\userid'? If you have accounts on 2 non trusted domains, you could also do: 'net use * \\machine\share * /user:domain_name\userid'
Thread: samba without tcp/ip
Problem: Someone named Joe wondered:
Is it possible to access a samba server without using tcp/ip?

Solution: Don McCall took this one:
No, I don't know of any way to do this - Samba and the CIFS protocol it sits on top of is implemented on the NBT protocol (NetBios over TCP/iP); there is no 'netbeui' (the local lan protocol that Microsoft uses if you don't want to use tcpip) implementation for Samba that I know of...
Thread: Solaris 2.4 and 2.0.6: socket ?
Problem: Christian Barth was having smbd crash on startup, on Solaris 2.4.
Solution: Jeremy Allison knew why:
Amazingly, it seems Solaris 2.4 - 2.5.1 shipped with a completely broken recv() call. Solaris 2.6 and above are ok. You need to change the recv calls in lib/util_sock.c to use read() for these versions of Solaris......
He mentioned that this was fixed (well, worked around) for the next Samba release. Thread: rookie - mount nt share from Solaris 2.6?
Problem: Joel Riedesel wanted smbfs for Solaris. He wanted to share files from NT. He had already tried, and found to be unstable, various NFS servers on NT.
Solution: Daniel Polombo confirmed that smbfs is Linux-specific, but added:
You can use Sharity (a professionnal product, that you may find expensive) or Sharity-light (formerly known as Rumba), the latter being actually a port of an older version of smbfs.
Thread: Samba 1.9 Y2K ?
Problem: Jean-Philippe Battu asked about the Y2K status of Samba 1.9.18p10 on HP/UX 10 and 11.
Solution: Jeremy Allison reassured him:
If the underlying OS is Y2K complient, then this version of Samba will be too.
Thread: permission problems
Problem: Craig Hansen was having occasional problems where one Windows user was overwriting a file on a Samba share and the file, which was formerly writable by other users, no longer was.
Solution: Steve Litt and Dave Collier-Brown both referred him to the force group, directory mode and create mask parameters in smb.conf. Dave added,
This is similar to a recurring problem with Win apps: Many Windows applications rename their data files to datafile.bak and create new ones, thus changing their ownership and permissions so that members of the same Unix group can't edit them. Setting force create mask = 0660 will keep the new file editable by members of the group.

 

 

 

 

 

 

Sharon And Joy
 

Kernel Traffic is grateful to be developed on a computer donated by Professor Greg Benson and Professor Allan Cruse in the Department of Computer Science at the University of San Francisco. This is the same department that invented FlashMob Computing. Kernel Traffic is hosted by the generous folks at kernel.org. All pages on this site are copyright their original authors, and distributed under the terms of the GNU General Public License version 2.0.