[Pkg-samba-maint] Bug#520794: samba: smbd memory usage always increase - memory leak
Massimiliano Ferrero
m.ferrero at midhgard.it
Sun Mar 22 19:16:24 UTC 2009
Package: samba
Version: 2:3.2.5-4
Severity: important
Short description: after upgrade from etch to lenny we are experiencing a memory
leak in smbd processes.
We have a production system made of two samba server, pdc and bdc for a domain;
user backend is in openldap, managed through ldap-account-manager
The pdc acts as file server for about 50 clients, clients are mixed operating
systems: there are still about 10 Win95/98, about 35 Windows XP, one Windows 2000
server and three Windows 2003 servers, almost all into the domain.
Until two weeks ago the two samba server were on debian etch and the system was
stable, no problems reported, we had upgraded to etch around september 2007, so
the system has been stable for at least one and a half year.
We use munin to monitor server memory and other counters: we discovered that since
samba upgrade to 3.2.5 memory usage has started to increase linearly. Before memory
usage was constant.
There is one pc with an application active 24/7 and the smbd correspondig to this
process is using about 350 MB ram and increasing
ps auxn|grep smbd
1000 7296 0.0 0.0 3144 764 pts/1 S+ 20:04 0:00 grep smbd
0 8528 0.0 0.3 16668 3772 ? Ss Mar18 0:19 /usr/sbin/smbd -D
0 8534 0.0 0.2 16360 2084 ? S Mar18 0:01 /usr/sbin/smbd -D
1000 8535 2.7 33.7 362000 349932 ? S Mar18 191:14 /usr/sbin/smbd -D
0 9251 0.0 0.4 17616 4176 ? S Mar18 0:04 /usr/sbin/smbd -D
0 9415 0.0 1.3 25740 14252 ? S Mar18 4:47 /usr/sbin/smbd -D
10024 13280 0.0 0.6 18520 6992 ? S Mar20 0:07 /usr/sbin/smbd -D
0 16733 0.0 0.5 18252 5864 ? S Mar18 0:10 /usr/sbin/smbd -D
0 23226 0.0 0.6 18376 6596 ? S Mar18 0:07 /usr/sbin/smbd -D
The fourth process is the one that is using 350 MB ram
The process has used 191 minutes of cpu, this is consistent with the client application
being active for about one week without shutdown.
I suppose we do not see other processes in such a situation because there are no other
clients running 24 hours a day.
We are using vfs_full_audit, I read in mainstream samba changelog for 3.2.8:
* Fix a bad memleak in vfs_full_audit.
Has this bug been fixed in 3.2.5-4 for lenny? Could we be experiencing this bug?
If so is it possible to backport the relevant patch to lenny source?
If it is necessary to verify if the bug is this one I can disable vfs_full_audit and run the server
in this condition for a week.
Thanks for your help
Best regards
Massimiliano Ferrero
Here is /etc/samba/smb.conf
[global]
workgroup = DOMAIN
netbios name = PDC
server string = %h (Linux Server)
encrypt passwords = true
lanman auth = Yes
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=admin,dc=domain,dc=com
ldap suffix = dc=domain,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap ssl = No
ldap passwd sync = Yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
#delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
Dos charset = 850
Unix charset = ISO8859-1
syslog = 0
log level = 0
log file = /var/log/samba/log.client
max log size = 1000
unix extensions = Yes
logon script = scripts\logon.bat
logon path =
preferred master = Yes
domain master = Yes
domain logons = Yes
os level = 85
dns proxy = No
wins support = Yes
vfs objects = full_audit
full_audit:prefix = %u|%I
full_audit:success = chdir chmod chmod_acl chown close connect disconnect fchmod fchmod_acl fchown
mkdir open opendir read rename rmdir sendfile unlink write
full_audit:failure = chdir chmod chmod_acl chown close connect disconnect fchmod fchmod_acl fchown
mkdir open opendir read rename rmdir sendfile unlink write
full_audit:facility = LOCAL3
full_audit:priority = INFO
load printers = yes
printing = cups
printcap name = cups
use client driver = No
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
map to guest = Bad User
guest account = username
# invalid users = root
[netlogon]
path = /home/netlogon
write list = @"Domain Admins"
msdfs root = Yes
... other shares follow
-- System Information:
Debian Release: 5.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages samba depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0 1.5.24 Debian configuration management sy
ii libacl1 2.2.47-2 Access control list shared library
ii libattr1 1:2.4.43-2 Extended attribute shared library
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libcomerr2 1.41.3-1 common error description library
ii libcups2 1.3.8-1lenny4.1 Common UNIX Printing System(tm) -
ii libgnutls26 2.4.2-6+lenny1 the GNU TLS library - runtime libr
ii libkrb53 1.6.dfsg.4~beta1-5 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.11-1~midhgard+1 OpenLDAP libraries
ii libpam-modules 1.0.1-5 Pluggable Authentication Modules f
ii libpam-runtime 1.0.1-5 Runtime support for the PAM librar
ii libpam0g 1.0.1-5 Pluggable Authentication Modules l
ii libpopt0 1.14-4 lib for parsing cmdline parameters
ii libtalloc1 1.2.0~git20080616-1 hierarchical pool based memory all
ii libwbclient0 2:3.2.5-4 client library for interfacing wit
ii logrotate 3.7.1-5 Log rotation utility
ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
ii procps 1:3.2.7-11 /proc file system utilities
ii samba-common 2:3.2.5-4 Samba common files used by both th
ii update-inetd 4.31 inetd configuration file updater
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
samba recommends no packages.
Versions of packages samba suggests:
pn ldb-tools <none> (no description available)
ii openbsd-inetd [inet-superse 0.20080125-2 The OpenBSD Internet Superserver
ii smbldap-tools 0.9.4-1 Scripts to manage Unix and Samba a
-- debconf information:
samba/nmbd_from_inetd:
samba/log_files_moved:
samba/tdbsam: false
* samba/generate_smbpasswd: true
* samba/run_mode: daemons
More information about the Pkg-samba-maint
mailing list