[Pkg-samba-maint] Bug#1009855: samba: Panic or segfault
Jan Šín
netadmin at zshloubetin.cz
Tue Apr 19 10:58:24 BST 2022
Package: samba
Version: 2:4.13.13+dfsg-1~deb11u3
Severity: high
Dear Maintainer,
I have two debian servers. The one is SAMBA AD and the second works as
fileserver with user data.
I upgraded samba to these packages on weekend:
libnss-winbind 2:4.13.13+dfsg-1~deb11u3
libpam-winbind 2:4.13.13+dfsg-1~deb11u3
libsmbclient 2:4.13.13+dfsg-1~deb11u3
libwbclient0 2:4.13.13+dfsg-1~deb11u3
python3-samba 2:4.13.13+dfsg-1~deb11u3
samba 2:4.13.13+dfsg-1~deb11u3
samba-common 2:4.13.13+dfsg-1~deb11u3
samba-common-bin 2:4.13.13+dfsg-1~deb11u3
samba-dsdb-modules 2:4.13.13+dfsg-1~deb11u3
samba-libs 2:4.13.13+dfsg-1~deb11u3
samba-vfs-modules 2:4.13.13+dfsg-1~deb11u3
smbclient 2:4.13.13+dfsg-1~deb11u3
winbind 2:4.13.13+dfsg-1~deb11u3
Processes starts to panic very often on fileserver after upgrade. One
example:
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.569350, 0] ../../lib/dbwrap/dbwrap.c:190(dbwrap_lock_order_unlock)
dub 19 11:36:16 fileserver smbd_audit[22624]: dbwrap_lock_order_unlock:
db /run/samba/locking.tdb at order 1 unlocked
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.569427, 0] ../../lib/util/fault.c:159(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]:
===============================================================
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.569460, 0] ../../lib/util/fault.c:160(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]: INTERNAL ERROR: lock
order violation in pid 22624 (4.13.13-Debian)
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.569489, 0] ../../lib/util/fault.c:164(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]: If you are running a
recent Samba version, and if you think this problem is not yet fixed in
the latest versions, please consider reporting this bug, see
https://wiki.samba.org/index.php/Bug_Reporting
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.569518, 0] ../../lib/util/fault.c:169(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]:
===============================================================
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.569543, 0] ../../lib/util/fault.c:170(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]: PANIC (pid 22624): lock
order violation in 4.13.13-Debian
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.569902, 0]
../../source3/locking/share_mode_lock.c:980(share_mode_lock_destructor)
dub 19 11:36:16 fileserver smbd_audit[22618]:
share_mode_lock_destructor: g_lock_unlock failed: NT_STATUS_NOT_FOUND
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.569949, 0] ../../lib/util/fault.c:159(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22618]:
===============================================================
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.569980, 0] ../../lib/util/fault.c:160(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22618]: INTERNAL ERROR: Could
not unlock share mode
dub 19 11:36:16 fileserver smbd_audit[22618]: in pid 22618
(4.13.13-Debian)
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.570016, 0] ../../lib/util/fault.c:274(log_stack_trace)
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.570025, 0] ../../lib/util/fault.c:164(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]: BACKTRACE: 30 stack frames:
dub 19 11:36:16 fileserver smbd_audit[22618]: If you are running a
recent Samba version, and if you think this problem is not yet fixed in
the latest versions, please consider reporting this bug, see
https://wiki.samba.org/index.php/Bug_Reporting
dub 19 11:36:16 fileserver smbd_audit[22624]: #0
/usr/lib/i386-linux-gnu/libsamba-util.so.0(log_stack_trace+0x30)
[0xb7b4e140]
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.570062, 0] ../../lib/util/fault.c:169(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]: #1
/usr/lib/i386-linux-gnu/libsamba-util.so.0(smb_panic_log+0x76) [0xb7b4e296]
dub 19 11:36:16 fileserver smbd_audit[22618]:
===============================================================
dub 19 11:36:16 fileserver smbd_audit[22624]: #2
/usr/lib/i386-linux-gnu/libsamba-util.so.0(smb_panic+0x31) [0xb7b4e431]
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.570099, 0] ../../lib/util/fault.c:170(smb_panic_log)
dub 19 11:36:16 fileserver smbd_audit[22624]: #3
/usr/lib/i386-linux-gnu/samba/libdbwrap.so.0(dbwrap_lock_order_unlock+0xd8)
[0xb75a40f8]
dub 19 11:36:16 fileserver smbd_audit[22618]: PANIC (pid 22618): Could
not unlock share mode
dub 19 11:36:16 fileserver smbd_audit[22618]: in 4.13.13-Debian
dub 19 11:36:16 fileserver smbd_audit[22624]: #4
/usr/lib/i386-linux-gnu/samba/liblibsmb.so.0(g_lock_unlock+0xb5)
[0xb71645c5]
dub 19 11:36:16 fileserver smbd_audit[22624]: #5
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(get_share_mode_lock+0x2be)
[0xb7c418ae]
dub 19 11:36:16 fileserver smbd_audit[22624]: #6
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(get_existing_share_mode_lock+0x36)
[0xb7c35b26]
dub 19 11:36:16 fileserver smbd_audit[22624]: #7
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(+0x20887e) [0xb7dc487e]
dub 19 11:36:16 fileserver smbd_audit[22624]: #8
/usr/lib/i386-linux-gnu/samba/liblibsmb.so.0(+0x3b06e) [0xb716f06e]
dub 19 11:36:16 fileserver smbd_audit[22624]: #9
/usr/lib/i386-linux-gnu/samba/liblibsmb.so.0(+0x3c221) [0xb7170221]
dub 19 11:36:16 fileserver smbd_audit[22624]: #10
/usr/lib/i386-linux-gnu/samba/libmessages-dgm.so.0(+0x587a) [0xb733987a]
dub 19 11:36:16 fileserver smbd_audit[22624]: #11
/usr/lib/i386-linux-gnu/samba/libmessages-dgm.so.0(+0x3a91) [0xb7337a91]
dub 19 11:36:16 fileserver smbd_audit[22624]: #12
/usr/lib/i386-linux-gnu/samba/libmessages-dgm.so.0(+0x3ca8) [0xb7337ca8]
dub 19 11:36:16 fileserver smbd_audit[22624]: #13
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_invoke_fd_handler+0x78)
[0xb77d1878]
dub 19 11:36:16 fileserver smbd_audit[22624]: #14
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xd1e8) [0xb77d81e8]
dub 19 11:36:16 fileserver smbd_audit[22624]: #15
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb1f2) [0xb77d61f2]
dub 19 11:36:16 fileserver smbd_audit[22624]: #16
/usr/lib/i386-linux-gnu/libtevent.so.0(_tevent_loop_once+0x84) [0xb77d0f94]
dub 19 11:36:16 fileserver smbd_audit[22624]: #17
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_loop_wait+0x2a)
[0xb77d121a]
dub 19 11:36:16 fileserver smbd_audit[22624]: #18
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb182) [0xb77d6182]
dub 19 11:36:16 fileserver smbd_audit[22624]: #19
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(smbd_process+0x8e3)
[0xb7d80343]
dub 19 11:36:16 fileserver smbd_audit[22624]: #20
/usr/sbin/smbd(+0xe040) [0x44c040]
dub 19 11:36:16 fileserver smbd_audit[22624]: #21
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_invoke_fd_handler+0x78)
[0xb77d1878]
dub 19 11:36:16 fileserver smbd_audit[22624]: #22
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xd1e8) [0xb77d81e8]
dub 19 11:36:16 fileserver smbd_audit[22624]: #23
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb1f2) [0xb77d61f2]
dub 19 11:36:16 fileserver smbd_audit[22624]: #24
/usr/lib/i386-linux-gnu/libtevent.so.0(_tevent_loop_once+0x84) [0xb77d0f94]
dub 19 11:36:16 fileserver smbd_audit[22624]: #25
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_loop_wait+0x2a)
[0xb77d121a]
dub 19 11:36:16 fileserver smbd_audit[22624]: #26
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb182) [0xb77d6182]
dub 19 11:36:16 fileserver smbd_audit[22624]: #27
/usr/sbin/smbd(main+0x2275) [0x4451c5]
dub 19 11:36:16 fileserver smbd_audit[22624]: #28
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0x106) [0xb75cee46]
dub 19 11:36:16 fileserver smbd_audit[22624]: #29
/usr/sbin/smbd(_start+0x31) [0x4453b1]
dub 19 11:36:16 fileserver smbd_audit[22624]: [2022/04/19
11:36:16.570463, 0] ../../source3/lib/util.c:838(smb_panic_s3)
dub 19 11:36:16 fileserver smbd_audit[22624]: smb_panic(): calling
panic action [/usr/share/samba/panic-action 22624]
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.570674, 0] ../../lib/util/fault.c:274(log_stack_trace)
dub 19 11:36:16 fileserver smbd_audit[22618]: BACKTRACE: 29 stack frames:
dub 19 11:36:16 fileserver smbd_audit[22618]: #0
/usr/lib/i386-linux-gnu/libsamba-util.so.0(log_stack_trace+0x30)
[0xb7b4e140]
dub 19 11:36:16 fileserver smbd_audit[22618]: #1
/usr/lib/i386-linux-gnu/libsamba-util.so.0(smb_panic_log+0x76) [0xb7b4e296]
dub 19 11:36:16 fileserver smbd_audit[22618]: #2
/usr/lib/i386-linux-gnu/libsamba-util.so.0(smb_panic+0x31) [0xb7b4e431]
dub 19 11:36:16 fileserver smbd_audit[22618]: #3
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(+0x83287) [0xb7c3f287]
dub 19 11:36:16 fileserver smbd_audit[22618]: #4
/usr/lib/i386-linux-gnu/libtalloc.so.2(+0x36ec) [0xb77e56ec]
dub 19 11:36:16 fileserver smbd_audit[22618]: #5
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(+0x1a20d0) [0xb7d5e0d0]
dub 19 11:36:16 fileserver smbd_audit[22618]: #6
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(create_file_default+0x35c)
[0xb7d5f5dc]
dub 19 11:36:16 fileserver smbd_audit[22618]: #7
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(+0xbc819) [0xb7c78819]
dub 19 11:36:16 fileserver smbd_audit[22618]: #8
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(smb_vfs_call_create_file+0xf8)
[0xb7d66ca8]
dub 19 11:36:16 fileserver smbd_audit[22618]: #9
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(smbd_smb2_request_process_create+0xcc6)
[0xb7d9d166]
dub 19 11:36:16 fileserver smbd_audit[22618]: #10
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(smbd_smb2_request_dispatch+0xf18)
[0xb7d93508]
dub 19 11:36:16 fileserver smbd_audit[22618]: #11
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(+0x1d807c) [0xb7d9407c]
dub 19 11:36:16 fileserver smbd_audit[22618]: #12
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_invoke_fd_handler+0x78)
[0xb77d1878]
dub 19 11:36:16 fileserver smbd_audit[22618]: #13
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xd1e8) [0xb77d81e8]
dub 19 11:36:16 fileserver smbd_audit[22618]: #14
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb1f2) [0xb77d61f2]
dub 19 11:36:16 fileserver smbd_audit[22618]: #15
/usr/lib/i386-linux-gnu/libtevent.so.0(_tevent_loop_once+0x84) [0xb77d0f94]
dub 19 11:36:16 fileserver smbd_audit[22618]: #16
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_loop_wait+0x2a)
[0xb77d121a]
dub 19 11:36:16 fileserver smbd_audit[22618]: #17
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb182) [0xb77d6182]
dub 19 11:36:16 fileserver smbd_audit[22618]: #18
/usr/lib/i386-linux-gnu/samba/libsmbd-base.so.0(smbd_process+0x8e3)
[0xb7d80343]
dub 19 11:36:16 fileserver smbd_audit[22618]: #19
/usr/sbin/smbd(+0xe040) [0x44c040]
dub 19 11:36:16 fileserver smbd_audit[22618]: #20
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_invoke_fd_handler+0x78)
[0xb77d1878]
dub 19 11:36:16 fileserver smbd_audit[22618]: #21
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xd1e8) [0xb77d81e8]
dub 19 11:36:16 fileserver smbd_audit[22618]: #22
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb1f2) [0xb77d61f2]
dub 19 11:36:16 fileserver smbd_audit[22618]: #23
/usr/lib/i386-linux-gnu/libtevent.so.0(_tevent_loop_once+0x84) [0xb77d0f94]
dub 19 11:36:16 fileserver smbd_audit[22618]: #24
/usr/lib/i386-linux-gnu/libtevent.so.0(tevent_common_loop_wait+0x2a)
[0xb77d121a]
dub 19 11:36:16 fileserver smbd_audit[22618]: #25
/usr/lib/i386-linux-gnu/libtevent.so.0(+0xb182) [0xb77d6182]
dub 19 11:36:16 fileserver smbd_audit[22618]: #26
/usr/sbin/smbd(main+0x2275) [0x4451c5]
dub 19 11:36:16 fileserver smbd_audit[22618]: #27
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0x106) [0xb75cee46]
dub 19 11:36:16 fileserver smbd_audit[22618]: #28
/usr/sbin/smbd(_start+0x31) [0x4453b1]
dub 19 11:36:16 fileserver smbd_audit[22618]: [2022/04/19
11:36:16.571049, 0] ../../source3/lib/util.c:838(smb_panic_s3)
dub 19 11:36:16 fileserver smbd_audit[22618]: smb_panic(): calling
panic action [/usr/share/samba/panic-action 22618]
dub 19 11:36:17 fileserver smbd_audit[22618]: [2022/04/19
11:36:17.540353, 0] ../../source3/lib/util.c:845(smb_panic_s3)
dub 19 11:36:17 fileserver smbd_audit[22618]: smb_panic(): action
returned status 0
dub 19 11:36:17 fileserver smbd_audit[22618]: [2022/04/19
11:36:17.540437, 0] ../../source3/lib/dumpcore.c:315(dump_core)
dub 19 11:36:17 fileserver smbd_audit[22618]: dumping core in
/var/log/samba/cores/smbd
dub 19 11:36:17 fileserver smbd_audit[22618]:
dub 19 11:36:17 fileserver smbd_audit[22624]: [2022/04/19
11:36:17.541866, 0] ../../source3/lib/util.c:845(smb_panic_s3)
dub 19 11:36:17 fileserver smbd_audit[22624]: smb_panic(): action
returned status 0
dub 19 11:36:17 fileserver smbd_audit[22624]: [2022/04/19
11:36:17.541940, 0] ../../source3/lib/dumpcore.c:315(dump_core)
dub 19 11:36:17 fileserver smbd_audit[22624]: dumping core in
/var/log/samba/cores/smbd
Due to massive process killing (panic action) it is very slow to get to
shares and work with them. I have 5-9 panic mail per minute :-(
I already try to stop samba, delete all *.tdb files from /run/samba.
After samba start they succesfully created again. But it not helping.
I added part :
oplocks = False
level2 oplocks = False
to some shares and it helped. These shares works as fast as usual but
processes are still panicing.
Due to this server is virtualized, I move it to another physical server
to test HW problem. Still panic action. So not HW problem.
I founded similar problem on
https://forums.debian.net/viewtopic.php?f=10&t=151765 but there is no
solution.
Do you have any advise what to do?
I really appreciate your help.
-- Package-specific info:
* /etc/samba/smb.conf present, and attached
* /var/lib/samba/dhcp.conf not present
-- System Information:
Debian Release: 11.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'stable')
Architecture: i386 (i686)
Kernel: Linux 5.10.0-13-686-pae (SMP w/4 CPU threads)
Locale: LANG=cs_CZ.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages samba depends on:
ii adduser 3.118
ii dpkg 1.20.9
ii init-system-helpers 1.60
ii libbsd0 0.11.3-1
ii libc6 2.31-13+deb11u3
ii libgnutls30 3.7.1-5
ii libldb2 2:2.2.3-2~deb11u1
ii libpam-modules 1.4.0-9+deb11u1
ii libpam-runtime 1.4.0-9+deb11u1
ii libpopt0 1.18-2
ii libpython3.9 3.9.2-1
ii libtalloc2 2.3.1-2+b1
ii libtasn1-6 4.16.0-2
ii libtdb1 1.4.3-1+b1
ii libtevent0 0.10.2-1
ii libwbclient0 2:4.13.13+dfsg-1~deb11u3
ii lsb-base 11.1.0
ii procps 2:3.3.17-5
ii python3 3.9.2-3
ii python3-dnspython 2.0.0-1
ii python3-samba 2:4.13.13+dfsg-1~deb11u3
ii samba-common 2:4.13.13+dfsg-1~deb11u3
ii samba-common-bin 2:4.13.13+dfsg-1~deb11u3
ii samba-libs 2:4.13.13+dfsg-1~deb11u3
ii tdb-tools 1.4.3-1+b1
Versions of packages samba recommends:
ii attr 1:2.4.48-6
ii logrotate 3.18.0-2
ii python3-markdown 3.3.4-1
ii samba-dsdb-modules 2:4.13.13+dfsg-1~deb11u3
ii samba-vfs-modules 2:4.13.13+dfsg-1~deb11u3
Versions of packages samba suggests:
pn bind9 <none>
pn bind9utils <none>
pn ctdb <none>
pn ldb-tools <none>
ii ntp 1:4.2.8p15+dfsg-1
ii smbldap-tools 0.9.11-2
pn ufw <none>
ii winbind 2:4.13.13+dfsg-1~deb11u3
-- debconf information:
samba-common/title:
samba/run_mode: daemons
samba/generate_smbpasswd: true
-------------- next part --------------
#======================= Global Settings =======================
[global]
security = ADS
workgroup = ZSHLOUBETIN
realm = ZSHLOUBETIN.ZSHLOUBETIN.CZ
netbios name = FILESERVER
# local master = yes
# preferred master = yes
# domain master = yes
# idmap_ldb:use rfc2307 = yes
#### Debugging/Accounting ####
# This tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
log level = 1
# Cap the size of the individual log files (in KiB).
max log size = 50000
# If you want Samba to only log through syslog then set the following
# parameter to 'yes'.
# syslog only = no
# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
# syslog = 0
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
#socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072 SO_KEEPALIVE
time server = Yes
Dos charset = 852
Unix charset = UTF-8
preserve case = Yes
short preserve case = Yes
case sensitive = no
map acl inherit = Yes
hide unreadable = Yes
nt acl support = yes
store dos attributes = yes
unix extensions = no
# The following parameter is useful only if you have the linpopup package
# installed. The samba maintainer and the linpopup maintainer are
# working to ease installation and configuration of linpopup and samba.
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash
# Important: The ranges of the default (*) idmap config
# and the domain(s) must not overlap!
# Default idmap config used for BUILTIN and local windows accounts/groups
idmap config *:backend = tdb
idmap config *:range = 70001-80000
# idmap config for domain
idmap config ZSHLOUBETIN:backend = ad
idmap config ZSHLOUBETIN:schema_mode = rfc2307
#idmap config ZSHLOUBETIN:range = 90000-9999999
idmap config ZSHLOUBETIN:range = 200-60000
idmap config ZSHLOUBETIN:unix_nss_info = yes
# Use settings from AD for login shell and home directory
#winbind nss info = rfc2307
#winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = yes
winbind offline logon = yes
template homedir = /home/%U
#template shell = /bin/bash
# nechceme tisknout
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
hostname lookups = Yes
usershare path=
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
# By default, the home directories are exported read-only. Change the
# next parameter to 'no' if you want to be able to write to them.
read only = no
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mask = 0700
# By default, \\server\username shares can be connected to by anyone
# with access to the samba server.
# The following parameter makes sure that only "username" can connect
# to \\server\username
# This might need tweaking when using external authentication schemes
valid users = %S
hide files = /desktop.ini/$RECYCLE.BIN/
follow symlinks = yes
wide links = yes
# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
[netlogon]
comment = Network Logon Service
path = /home/group/netlogon
guest ok = yes
read only = yes
browseable = no
# Un-comment the following and create the profiles directory to store
# users profiles (see the "logon path" option above)
# (you need to configure Samba to act as a domain controller too.)
# The path below should be writable by all users so that their
# profile directory may be created the first time they log on
[profiles]
comment = Users profiles
path = /home/%U/profiles
guest ok = no
browseable = no
create mask = 0600
directory mask = 0700
follow symlinks = yes
wide links = yes
;[printers]
; comment = All Printers
; browseable = no
; path = /var/spool/samba
; printable = yes
; guest ok = no
; read only = yes
; create mask = 0700
# Windows clients look for this share name as a source of downloadable
# printer drivers
;[print$]
; comment = Printer Drivers
; path = /var/lib/samba/printers
; browseable = yes
; read only = yes
; guest ok = no
# Uncomment to allow remote administration of Windows print drivers.
# You may need to replace 'lpadmin' with the name of the group your
# admin users are members of.
# Please note that you also need to set appropriate Unix permissions
# to the drivers directory for these users to have write rights in it
; write list = root, @lpadmin
# A sample share for sharing your CD-ROM with others.
;[cdrom]
; comment = Samba server's CD-ROM
; read only = yes
; locking = no
; path = /cdrom
; guest ok = yes
# The next two parameters show how to auto-mount a CD-ROM when the
# cdrom share is accesed. For this to work /etc/fstab must contain
# an entry like this:
#
# /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
#
# The CD-ROM gets unmounted automatically after the connection to the
#
# If you don't want to use auto-mounting/unmounting make sure the CD
# is mounted on /cdrom
#
; preexec = /bin/mount /cdrom
; postexec = /bin/umount /cdrom
[public]
comment = Public Stuff
path = /home/group/public
valid users = @ucitele
write list = @ucitele administrator
force create mode = 0666
force directory mode = 0777
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
[install]
comment = Instalacky
path = /home/group/install
public = yes
writeable = yes
printable = no
write list = @Administrators
force create mode = 0665
force directory mode = 0775
[ucitele]
comment = Ucitele
path = /home/group/ucitele
public = yes
writeable = yes
printable = no
; write list = @ucitele
force create mode = 0660
force directory mode = 0770
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
[vyuka_soft]
comment = Vyukovy Software
path = /home/group/vyuka_soft
writeable = yes
printable = no
force create mode = 0640
force directory mode = 0750
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
[vyuka_data]
comment = Vyuka Data
path = /home/group/vyuka_data
writeable = yes
printable = no
force create mode = 0660
force directory mode = 0770
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
[management]
comment = Vedeni Skoly
path = /home/group/management
writeable = yes
printable = no
force create mode = 0660
force directory mode = 0770
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
[ucto]
comment = ucetnictvi a veci okolo
path = /home/group/ucto
writeable = yes
printable = no
force create mode = 0660
force directory mode = 0770
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
[bakalari]
comment = Bakalari
path = /home/group/bakalari
writeable = yes
printable = no
valid users = @bakalari @ucitele
force create mode = 0770
force directory mode = 0770
force group = bakalari
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
oplocks = False
level2 oplocks = False
[jidelna]
comment = Jidelna
path = /home/group/jidelna
writeable = yes
printable = no
force create mode = 0660
force directory mode = 0770
force group = jidelna
valid users = @jidelna
write list = @jidelna
; recycler
vfs object = recycle full_audit
recycle:repository = .deleted/%U
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = No
recycle:maxsize = 100000000
recycle:exclude = *.tmp,*.temp
; audit
full_audit:failure = connect disconnect open pwrite mkdirat unlinkat fstat
full_audit:success = mkdirat renameat unlinkat open pwrite connect disconnect
full_audit:prefix = %u|%I|%m|%S
full_audit:facility = LOCAL7
full_audit:priority = NOTICE
oplocks = False
level2 oplocks = False
[userdata]
comment = data uzivatelu
path = /home/
read only = no
browseable = no
More information about the Pkg-samba-maint
mailing list