[Pkg-samba-maint] Bug#928355: Samba doesn't register the service connection when users access the shares

[Paulo Cesar]

Package: samba
Version: 2:4.2.14+dfsg-0+deb8u12
Severity: normal

Hello,

When searching for information about users who have connected to a certain share in our file sharing service, we realize that the Samba suite's "service.c" module no longer registers this connection in the service logs (/var/log/samba/log.smbd, in our configuration). In previous versions of Debian, as well as in the currently stable (stretch), the Samba daemon recorded the following message when a user connected to the share:
[2019/04/30 09:36:16.865504,  2] ../source3/smbd/service.c:841(make_connection_snum)
  Computer_Name (Source IP Address:Port) connect to service share_name initially as user username (uid=65534, gid=65534) (pid 6804)

And when the user disconnects from the share:
[2019/04/30 09:36:20.817461,  2] ../source3/smbd/service.c:1120(close_cnum)
  Computer_Name (Source IP Address:Port) closed connection to service share_name

To reproduce the situation it is necessary to access a share, on the Samba file server, with a valid user, as in the following example:
smbclient //192.168.1.10/sharename -U username -W DOMAINNAME

The messages previously displayed are no longer registered in the log file even with the policy "log level = 2 auth:3".

Our Samba file service configuration in use is the following:
[global]
  workgroup = DOMAINNAME
  netbios name = SERVER
  netbios aliases = SERVEROLD
  passdb backend = ldapsam:"ldaps://ldap.server.name ldaps://other.ldap.server.name" 
  ldap admin dn = uid=bind-account,ou=organization,dc=mydcname1,dc=mydcname2
  ldap suffix = ou=organization,dc=mydcname1,dc=mydcname2
  ldap passwd sync = no
  ldap ssl = no
  ldap timeout = 5
  admin users = @smb-org-administrators
  dns proxy = no
  name resolve order = wins bcast
  server string =
  load printers = no
  unix charset = utf8
  nt acl support = yes
  unix extensions = no
  msdfs root = yes
  max log size = 0
  log level = 2 auth:3
  wins support  = yes
  preferred master = Yes
  local master = Yes
  domain master = Yes
  os level = 233
  domain logons = yes
  time server   = yes
  logon drive  = u:
  logon path   =
  logon home = \\archives\homes
  logon script = %U.bat
  guest account = nobody
  passwd program = /usr/bin/passwd %u
  passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
  lanman auth = yes
  ntlm auth = yes
  client lanman auth = yes
  client ntlmv2 auth = yes
  security = user
  encrypt passwords = true
  guest account = nobody
  kernel oplocks = no
  case sensitive = no
  hide files = /lost+found/
  veto files = /.DS_Store/._.DS_Store/.Trash-*/
  load printers = No
  printing = bsd
  printcap name = /dev/null
  disable spoolss = yes
  socket options = TCP_NODELAY
  vfs objects = full_audit
                full_audit:facility = LOCAL5
                full_audit:priority = NOTICE
                full_audit:prefix = %u|%U|%I|%S
                full_audit:success = mkdir rmdir open pwrite rename unlink
                full_audit:failure = mkdir rmdir open pwrite rename unlink


[netlogon]
  path = /etc/samba/netlogon
  root preexec = /etc/samba/scripts/preset.sh %U
  writeable = no


I believe that previous versions available in GNU/Debian 8 (jessie) are also affected by this behavior. Since it brings a lot of relevant information to the service administration, used since the Samba beginning, I believe that it would be important to evaluate the problem and forward some correction, if possible.

Regards.

-- System Information:
Debian Release: 8.11
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages samba depends on:
ii  adduser                              3.113+nmu3
ii  dpkg                                 1.17.27
ii  libbsd0                              0.7.0-2
ii  libc6                                2.19-18+deb8u10
ii  libhdb9-heimdal [heimdal-hdb-api-8]  1.6~rc2+dfsg-9+deb8u1
ii  libldb1                              2:1.1.20-0+deb8u2
ii  libpam-modules                       1.1.8-3.1+deb8u2+b1
ii  libpam-runtime                       1.1.8-3.1+deb8u2
ii  libpopt0                             1.16-10
ii  libpython2.7                         2.7.9-2+deb8u2
ii  libtalloc2                           2.1.2-0+deb8u1
ii  libtdb1                              1.3.6-0+deb8u1
ii  libtevent0                           0.9.28-0+deb8u1
ii  lsb-base                             4.1+Debian13+nmu1
ii  multiarch-support                    2.19-18+deb8u10
ii  procps                               2:3.3.9-9+deb8u1
ii  python                               2.7.9-1
ii  python-dnspython                     1.12.0-1
ii  python-ntdb                          1.0-5
ii  python-samba                         2:4.2.14+dfsg-0+deb8u12
ii  python2.7                             2.7.9-2+deb8u2
ii  samba-common                         2:4.2.14+dfsg-0+deb8u12
ii  samba-common-bin                     2:4.2.14+dfsg-0+deb8u12
ii  samba-dsdb-modules                   2:4.2.14+dfsg-0+deb8u12
ii  samba-libs                           2:4.2.14+dfsg-0+deb8u12
ii  tdb-tools                            1.3.6-0+deb8u1
ii  update-inetd                         4.43

Versions of packages samba recommends:
ii  attr               1:2.4.47-2
ii  logrotate          3.8.7-1+b1
ii  samba-vfs-modules  2:4.2.14+dfsg-0+deb8u12

Versions of packages samba suggests:
pn  bind9          <none>
pn  bind9utils     <none>
pn  ctdb           <none>
pn  ldb-tools      <none>
pn  ntp            <none>
pn  smbldap-tools  <none>
pn  winbind        <none>

-- no debconf information
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20190502/5669157c/attachment.html>