[Bug 1792400] Re: smbd failed in host when both lxd container and host have smbd
Christian Ehrhardt
1792400 at bugs.launchpad.net
Tue Oct 9 12:19:04 UTC 2018
Without any containers it (re-)starts fine:
systemctl restart smbd; sleep 2s; systemctl status smbd
● smbd.service - LSB: start Samba SMB/CIFS daemon (smbd)
Loaded: loaded (/etc/init.d/smbd; bad; vendor preset: enabled)
Active: active (running) since Tue 2018-10-09 11:58:52 UTC; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 8925 ExecStop=/etc/init.d/smbd stop (code=exited, status=0/SUCCESS)
Process: 8932 ExecStart=/etc/init.d/smbd start (code=exited, status=0/SUCCESS)
Tasks: 3
Memory: 21.7M
CPU: 200ms
CGroup: /system.slice/smbd.service
├─8943 /usr/sbin/smbd -D
├─8944 /usr/sbin/smbd -D
└─8947 /usr/sbin/smbd -D
Oct 09 11:58:52 x systemd[1]: Starting LSB: start Samba SMB/CIFS daemon (smbd)...
Oct 09 11:58:52 x smbd[8932]: * Starting SMB/CIFS daemon smbd
Oct 09 11:58:52 x smbd[8932]: ...done.
Oct 09 11:58:52 x systemd[1]: Started LSB: start Samba SMB/CIFS daemon (smbd).
But if I add a container with a smb binary it will fail to restart:
● smbd.service - LSB: start Samba SMB/CIFS daemon (smbd)
Loaded: loaded (/etc/init.d/smbd; bad; vendor preset: enabled)
Active: active (exited) since Tue 2018-10-09 12:02:41 UTC; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 12732 ExecStop=/etc/init.d/smbd stop (code=exited, status=0/SUCCESS)
Process: 12739 ExecStart=/etc/init.d/smbd start (code=exited, status=0/SUCCESS)
Oct 09 12:02:41 x systemd[1]: Starting LSB: start Samba SMB/CIFS daemon (smbd)...
Oct 09 12:02:41 x smbd[12739]: * Starting SMB/CIFS daemon smbd
Oct 09 12:02:41 x smbd[12739]: ...done.
Oct 09 12:02:41 x systemd[1]: Started LSB: start Samba SMB/CIFS daemon (smbd).
This will block (as initially reported) and be non-obvious until one realizes the process from the container is what blocks this.
Installing from proposed
root at x:~# apt install samba
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
libwbclient0 python-samba samba-common samba-common-bin samba-libs
Suggested packages:
bind9 bind9utils ctdb ldb-tools smbldap-tools winbind heimdal-clients
Recommended packages:
samba-dsdb-modules samba-vfs-modules
The following packages will be upgraded:
libwbclient0 python-samba samba samba-common samba-common-bin samba-libs
6 upgraded, 0 newly installed, 0 to remove and 23 not upgraded.
Need to get 7759 kB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 python-samba amd64 2:4.3.11+dfsg-0ubuntu0.16.04.17 [1059 kB]
Get:2 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 samba-common-bin amd64 2:4.3.11+dfsg-0ubuntu0.16.04.17 [506 kB]
Get:3 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 samba-libs amd64 2:4.3.11+dfsg-0ubuntu0.16.04.17 [5172 kB]
Get:4 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 libwbclient0 amd64 2:4.3.11+dfsg-0ubuntu0.16.04.17 [30.3 kB]
Get:5 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 samba amd64 2:4.3.11+dfsg-0ubuntu0.16.04.17 [908 kB]
Get:6 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 samba-common all 2:4.3.11+dfsg-0ubuntu0.16.04.17 [83.7 kB]
Fetched 7759 kB in 1s (5118 kB/s)
Preconfiguring packages ...
(Reading database ... 47300 files and directories currently installed.)
Preparing to unpack .../python-samba_2%3a4.3.11+dfsg-0ubuntu0.16.04.17_amd64.deb ...
Unpacking python-samba (2:4.3.11+dfsg-0ubuntu0.16.04.17) over (2:4.3.11+dfsg-0ubuntu0.16.04.16) ...
Preparing to unpack .../samba-common-bin_2%3a4.3.11+dfsg-0ubuntu0.16.04.17_amd64.deb ...
Unpacking samba-common-bin (2:4.3.11+dfsg-0ubuntu0.16.04.17) over (2:4.3.11+dfsg-0ubuntu0.16.04.16) ...
Preparing to unpack .../samba-libs_2%3a4.3.11+dfsg-0ubuntu0.16.04.17_amd64.deb ...
Unpacking samba-libs:amd64 (2:4.3.11+dfsg-0ubuntu0.16.04.17) over (2:4.3.11+dfsg-0ubuntu0.16.04.16) ...
Preparing to unpack .../libwbclient0_2%3a4.3.11+dfsg-0ubuntu0.16.04.17_amd64.deb ...
Unpacking libwbclient0:amd64 (2:4.3.11+dfsg-0ubuntu0.16.04.17) over (2:4.3.11+dfsg-0ubuntu0.16.04.16) ...
Preparing to unpack .../samba_2%3a4.3.11+dfsg-0ubuntu0.16.04.17_amd64.deb ...
Unpacking samba (2:4.3.11+dfsg-0ubuntu0.16.04.17) over (2:4.3.11+dfsg-0ubuntu0.16.04.16) ...
Preparing to unpack .../samba-common_2%3a4.3.11+dfsg-0ubuntu0.16.04.17_all.deb ...
Unpacking samba-common (2:4.3.11+dfsg-0ubuntu0.16.04.17) over (2:4.3.11+dfsg-0ubuntu0.16.04.16) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.4) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for ufw (0.35-0ubuntu2) ...
Setting up libwbclient0:amd64 (2:4.3.11+dfsg-0ubuntu0.16.04.17) ...
Setting up samba-libs:amd64 (2:4.3.11+dfsg-0ubuntu0.16.04.17) ...
Setting up python-samba (2:4.3.11+dfsg-0ubuntu0.16.04.17) ...
Setting up samba-common (2:4.3.11+dfsg-0ubuntu0.16.04.17) ...
Setting up samba-common-bin (2:4.3.11+dfsg-0ubuntu0.16.04.17) ...
Setting up samba (2:4.3.11+dfsg-0ubuntu0.16.04.17) ...
Installing new version of config file /etc/init.d/nmbd ...
Installing new version of config file /etc/init.d/samba-ad-dc ...
Installing new version of config file /etc/init.d/smbd ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.4) ...
Processing triggers for ureadahead (0.100.0-19) ...
---
Trying to restart again:
# systemctl restart smbd; sleep 2s; systemctl status smbd
● smbd.service - LSB: start Samba SMB/CIFS daemon (smbd)
Loaded: loaded (/etc/init.d/smbd; bad; vendor preset: enabled)
Active: active (running) since Tue 2018-10-09 12:05:11 UTC; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 14092 ExecStop=/etc/init.d/smbd stop (code=exited, status=0/SUCCESS)
Process: 14099 ExecStart=/etc/init.d/smbd start (code=exited, status=0/SUCCESS)
Tasks: 3
Memory: 14.0M
CPU: 196ms
CGroup: /system.slice/smbd.service
├─14110 /usr/sbin/smbd -D
├─14111 /usr/sbin/smbd -D
└─14114 /usr/sbin/smbd -D
Oct 09 12:05:11 x systemd[1]: Starting LSB: start Samba SMB/CIFS daemon (smbd)...
Oct 09 12:05:11 x smbd[14099]: * Starting SMB/CIFS daemon smbd
Oct 09 12:05:11 x smbd[14099]: ...done.
Oct 09 12:05:11 x systemd[1]: Started LSB: start Samba SMB/CIFS daemon (smbd).
---
Starting a background process
md5sum /dev/urandom &
[1] 15863
# ps axlf | grep -e md5 -e smbd
0 0 15863 6310 20 0 7720 660 - R ? 1:43 \_ md5sum /dev/urandom
0 0 15919 6310 20 0 14620 984 pipe_w S+ ? 0:00 \_ grep --color=auto -e md5 -e smbd
5 0 15855 1 20 0 336632 16104 poll_s Ss ? 0:00 /usr/sbin/smbd -D
1 0 15857 15855 20 0 328524 4460 poll_s S ? 0:00 \_ /usr/sbin/smbd -D
1 0 15859 15855 20 0 336632 6312 poll_s S ? 0:00 \_ /usr/sbin/smbd -D
put the pid 15863 in /var/run/samba/smbd.pid to "simulate" a stale
pidfile.
# systemctl restart smbd; sleep 2s; systemctl status smbd
[1]+ Terminated md5sum /dev/urandom
● smbd.service - LSB: start Samba SMB/CIFS daemon (smbd)
Loaded: loaded (/etc/init.d/smbd; bad; vendor preset: enabled)
Active: active (running) since Tue 2018-10-09 12:10:00 UTC; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 15923 ExecStop=/etc/init.d/smbd stop (code=exited, status=0/SUCCESS)
Process: 15955 ExecStart=/etc/init.d/smbd start (code=exited, status=0/SUCCESS)
Tasks: 3
Memory: 7.7M
CPU: 138ms
CGroup: /system.slice/smbd.service
├─15855 /usr/sbin/smbd -D
├─15857 /usr/sbin/smbd -D
└─15859 /usr/sbin/smbd -D
Oct 09 12:10:00 x systemd[1]: Starting LSB: start Samba SMB/CIFS daemon (smbd)...
Oct 09 12:10:00 x smbd[15955]: * Starting SMB/CIFS daemon smbd
Oct 09 12:10:00 x smbd[15955]: ...done.
Oct 09 12:10:00 x systemd[1]: Started LSB: start Samba SMB/CIFS daemon (smbd).
The other process was killed AND the intended service not restarted.
After the fix this behaves like this:
ps axlf | grep -e md5 -e smbd
0 0 17341 6310 20 0 7720 764 - R ? 2:04 \_ md5sum /dev/urandom
0 0 17433 6310 20 0 14620 1092 pipe_w S+ ? 0:00 \_ grep --color=auto -e md5 -e smbd
5 0 17427 1 20 0 336632 15820 poll_s Ss ? 0:00 /usr/sbin/smbd -D
1 0 17428 17427 20 0 328524 4376 poll_s S ? 0:00 \_ /usr/sbin/smbd -D
1 0 17430 17427 20 0 336632 6536 poll_s S ? 0:00 \_ /usr/sbin/smbd -D
again putting 17341 into the pidfile to simulate a stale pidfile.
It is no more killing the wrong process by accident now.
---
Both changes working as intended now.
Also none of our tests along found issues with the changes.
Marking verified.
Note: I'd be fine to give this a few extra days in proposed just to be
sure, unless there is a new security update or any such - then lets push
this out before that one.
** Tags removed: verification-needed verification-needed-xenial
** Tags added: verification-done verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1792400
Title:
smbd failed in host when both lxd container and host have smbd
Status in samba package in Ubuntu:
Fix Released
Status in samba source package in Trusty:
Triaged
Status in samba source package in Xenial:
Fix Committed
Bug description:
[Impact]
* Issue: the current init script
* won't start samba related services on the host if there is a process
of the same binary in a container
* might on stop affect a process that it was not intended to stop
* Solution: Fix init scripts to
* start action to have a safer process detection with containers around
* stop action to not affect unintended processes due to stale pidfiles
[Test Case]
* 1. Start a container
* 2. Start samba in the Container (or winbind or nmbd)
* 3. Start samba in the host (or winbind or nmbd)
=> it will not start as such a binary is already running
* #2 and #3 can be switched, and then as 4. restart smbd in the host
=> it will shut down but not re-start
Fixed: The container process should have no influence
This also fixes issues where the pidfile would not be updated
* install and start smbd
* "Simulate" a corrupted pidfile by putting the PID of a different
process in it
* stop the sambd service
=> without the fixes this will drag down the other process you put in
the pidfile
Fixed: a stale pidfile entry should not let non-smbd (or winbind,
nmbd) processes be affected
[Regression Potential]
* We tried to think of all edge cases of these start/stop actions but
didn't come up with one that is broken. Aside from missing one of those
cases there might be non-archive scripts that expect the old behavior.
But even for thse no critical ones came to my mind so far.
Worst case there'd be a combination that leads to the service
no(re-)starting after the SRU - so thinking about potential cases is
important.
[Other Info]
* n/a
---
Setup: install smbd in host and lxd-container.
Now restart smbd in host:
service smbd restart
All is OK.
Problem: nmap shows "closed" on ports 139 and 445. And users cannot use smbd server in host.
● smbd.service - LSB: start Samba SMB/CIFS daemon (smbd)
Loaded: loaded (/etc/init.d/smbd; bad; vendor preset: enabled)
Active: active (exited) since Die 2016-10-18 17:35:23 CEST; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 24218 ExecStop=/etc/init.d/smbd stop (code=exited, status=0/SUCCESS)
Process: 21980 ExecReload=/etc/init.d/smbd reload (code=exited, status=0/SUCCESS)
Process: 25190 ExecStart=/etc/init.d/smbd start (code=exited, status=0/SUCCESS)
Okt 18 17:35:22 speedy systemd[1]: Starting LSB: start Samba SMB/CIFS daemon (smbd)...
Okt 18 17:35:23 speedy smbd[25190]: * Starting SMB/CIFS daemon smbd
Okt 18 17:35:23 speedy smbd[25190]: ...done.
Okt 18 17:35:23 speedy systemd[1]: Started LSB: start Samba SMB/CIFS daemon (smbd).
ps axf | grep smbd:
25356 pts/2 S+ 0:00 | \_ grep --color=auto smbd
19915 ? Ss 0:08 \_ /usr/sbin/smbd -D
19919 ? S 0:00 \_ /usr/sbin/smbd -D
However, netstat -tpln | grep "smbd" returns nothing and also nmap
shows "closed" on ports 139 and 445.
Workaround [1]:
change /etc/init.d/smbd:
if ! start-stop-daemon --start --quiet --oknodo --exec /usr/sbin/smbd -- -D ; then
to
if ! start-stop-daemon --start --quiet --oknodo --pidfile
/var/run/samba/smbd.pid --exec /usr/sbin/smbd -- -D ; then
I reported this to:
https://discuss.linuxcontainers.org/t/samba-in-host-and-container/2523
apt-cache policy samba
samba:
Installed: 2:4.3.11+dfsg-0ubuntu0.16.04.15
Candidate: 2:4.3.11+dfsg-0ubuntu0.16.04.16
Version table:
2:4.3.11+dfsg-0ubuntu0.16.04.16 500
500 http://de.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
*** 2:4.3.11+dfsg-0ubuntu0.16.04.15 500
500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
100 /var/lib/dpkg/status
2:4.3.8+dfsg-0ubuntu1 500
500 http://de.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
1. https://serverfault.com/questions/810544/samba-daemon-does-not-
work-as-systemd-service-but-works-in-foreground
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1792400/+subscriptions
More information about the foundations-bugs
mailing list