Description of problem: On RHEL5b2 and stock FC6 using samba-3.0.23c-2 (I also tried 3.0.24-1.fc6) I can cause a crash every time when trying to connect to the following share: [global] workgroup = EXAMPLE netbios name = station10 map archive = yes map system = yes map hidden = yes follow symlinks = no security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd [sales] comment = Sales department files path = /srv/samba/sales guest ok = no read only = yes force create mode = 0660 force directory mode = 2770 force group = sales write list = @sales If I comment out the "write list", no crash. To connect to the share I use: $ smbclient //station10/sales -U guru Password: <thepass> Domain=[STATION10] OS=[Unix] Server=[Samba 3.0.23c-2] tree connect failed: Call returned zero bytes (EOF) $ Here is the log output from Samba: [2007/02/23 13:43:11, 1] smbd/service.c:make_connection_snum(941) station10 (10.100.0.10) connect to service sales initially as user guru (uid=500, gid=503) (pid 3069) [2007/02/23 13:43:12, 1] smbd/service.c:close_cnum(1141) station10 (10.100.0.10) closed connection to service sales [2007/02/23 13:43:23, 0] lib/fault.c:fault_report(41) =============================================================== [2007/02/23 13:43:23, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 3072 (3.0.23c-2) Please read the Trouble-Shooting section of the Samba3-HOWTO [2007/02/23 13:43:23, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2007/02/23 13:43:23, 0] lib/fault.c:fault_report(45) =============================================================== [2007/02/23 13:43:23, 0] lib/util.c:smb_panic(1614) PANIC (pid 3072): internal error [2007/02/23 13:43:23, 0] lib/util.c:log_stack_trace(1721) BACKTRACE: 21 stack frames: #0 smbd(log_stack_trace+0x2d) [0xe0125d] #1 smbd(smb_panic+0x5d) [0xe0138d] #2 smbd [0xdecd7a] #3 [0x53e420] #4 /lib/libc.so.6(strlen+0x33) [0x8822e3] #5 /lib/libc.so.6(__strdup+0x25) [0x882025] #6 /lib/libnsl.so.1(nis_list+0x62f) [0x99ec5f] #7 /lib/libnss_nisplus.so.2(_nss_nisplus_setnetgrent+0x94) [0xa177c4] #8 /lib/libc.so.6(innetgr+0xb6) [0x9003c6] #9 smbd(user_in_netgroup+0x65) [0xc37a65] #10 smbd(token_contains_name_in_list+0x23d) [0xc3a46d] #11 smbd(is_share_read_only_for_token+0x98) [0xc3a768] #12 smbd(change_to_user+0x442) [0xc78eb2] #13 smbd [0xc984a8] #14 smbd(make_connection+0x194) [0xc99914] #15 smbd(reply_tcon_and_X+0x217) [0xc5d1d7] #16 smbd [0xc94a70] #17 smbd(smbd_process+0x7ab) [0xc95b9b] #18 smbd(main+0xbd0) [0xeaf8e0] #19 /lib/libc.so.6(__libc_start_main+0xdc) [0x82bf2c] #20 smbd [0xc1ffb1] [2007/02/23 13:43:23, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd
This seems to be a bug in libnss_nisplus not in samba. To workaround it you can use + instead of @ in the write list, unless you really want to check a NIS netgroup there.
Should be fixed in latest rhel5, this bug seem to be fixed in glibc-2.5-7 and latest rhel5 have 2.5-12