Bug 462541 - Samba crashes when mounting home shares
Samba crashes when mounting home shares
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: samba (Show other bugs)
9
All Linux
medium Severity high
: ---
: ---
Assigned To: Simo Sorce
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-09-16 19:58 EDT by Mike Harris
Modified: 2008-10-17 13:26 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-17 13:26:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
[global] section of smb.conf (869 bytes, application/octet-stream)
2008-09-17 13:50 EDT, Mike Harris
no flags Details
smb-local.conf, included by smb.conf (622 bytes, application/octet-stream)
2008-09-17 13:51 EDT, Mike Harris
no flags Details

  None (edit)
Description Mike Harris 2008-09-16 19:58:29 EDT
Description of problem:
Samba crashes when mounting home shares.

Version-Release number of selected component (if applicable):
samba-3.2.3-0.20.fc9.i386

How reproducible:
Quite.

Steps to Reproduce:
1. Attempt to mount any home share, with any user.
  
Actual results:
Samba crashes.

Expected results:
Samba shouldn't crash.

Additional info:
Relevant section in smb.conf:
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   valid users = %S
   create mode = 0664
   directory mode = 0775


Log messages after the crash:
(trying as anonymous user)
*** glibc detected *** smbd: free(): invalid pointer: 0xb840c1d0 ***
======= Backtrace: =========
/lib/libc.so.6[0x41c874]
/lib/libc.so.6(cfree+0x96)[0x41e8d6]
smbd(str_list_substitute+0x13c)[0xb7d68e7c]
smbd[0xb7b604d6]
smbd(authorise_login+0xca)[0xb7b606aa]
smbd[0xb7bcd17b]
smbd(make_connection+0x26c)[0xb7bce13c]
smbd(reply_tcon_and_X+0x21b)[0xb7b8429b]
smbd[0xb7bc7527]
smbd(smbd_process+0x2b2)[0xb7bc9b12]
smbd(main+0x1052)[0xb7fb5542]
/lib/libc.so.6(__libc_start_main+0xe6)[0x3c55d6]
smbd[0xb7b44931]
======= Memory map: ========
00110000-0012c000 r-xp 00000000 08:07 58516      /lib/ld-2.8.so
0012c000-0012d000 r--p 0001c000 08:07 58516      /lib/ld-2.8.so
0012d000-0012e000 rw-p 0001d000 08:07 58516      /lib/ld-2.8.so
0012e000-0012f000 r-xp 0012e000 00:00 0          [vdso]
0012f000-0016f000 r-xp 00000000 08:05 70056      /usr/lib/libldap-2.4.so.2.0.6
0016f000-00171000 rw-p 0003f000 08:05 70056      /usr/lib/libldap-2.4.so.2.0.6
00171000-0017f000 r-xp 00000000 08:05 69966      /usr/lib/liblber-2.4.so.2.0.6
0017f000-00180000 rw-p 0000d000 08:05 69966      /usr/lib/liblber-2.4.so.2.0.6
00180000-001ad000 r-xp 00000000 08:05 66236      /usr/lib/libgssapi_krb5.so.2.2
001ad000-001ae000 rw-p 0002d000 08:05 66236      /usr/lib/libgssapi_krb5.so.2.2
001ae000-0024b000 r-xp 00000000 08:05 65988      /usr/lib/libkrb5.so.3.3
0024b000-0024e000 rw-p 0009c000 08:05 65988      /usr/lib/libkrb5.so.3.3
0024e000-00272000 r-xp 00000000 08:05 66269      /usr/lib/libk5crypto.so.3.1
00272000-00273000 rw-p 00024000 08:05 66269      /usr/lib/libk5crypto.so.3.1
00273000-00275000 r-xp 00000000 08:07 58669      /lib/libcom_err.so.2.1
00275000-00276000 rw-p 00001000 08:07 58669      /lib/libcom_err.so.2.1
00276000-002ad000 r-xp 00000000 08:05 69156      /usr/lib/libcups.so.2
002ad000-002af000 rw-p 00037000 08:05 69156      /usr/lib/libcups.so.2
002af000-002c2000 r-xp 00000000 08:07 66312      /lib/libz.so.1.2.3
002c2000-002c3000 rw-p 00012000 08:07 66312      /lib/libz.so.1.2.3
002c3000-002d8000 r-xp 00000000 08:07 66361      /lib/libpthread-2.8.so
002d8000-002d9000 r--p 00014000 08:07 66361      /lib/libpthread-2.8.so
002d9000-002da000 rw-p 00015000 08:07 66361      /lib/libpthread-2.8.so
002da000-002dc000 rw-p 002da000 00:00 0
002dc000-00303000 r-xp 00000000 08:07 66333      /lib/libm-2.8.so
00303000-00304000 r--p 00026000 08:07 66333      /lib/libm-2.8.so
00304000-00305000 rw-p 00027000 08:07 66333      /lib/libm-2.8.so
00305000-0030e000 r-xp 00000000 08:07 66222      /lib/libcrypt-2.8.so
0030e000-0030f000 r--p 00009000 08:07 66222      /lib/libcrypt-2.8.so
0030f000-00310000 rw-p 0000a000 08:07 66222      /lib/libcrypt-2.8.so
00310000-00337000 rw-p 00310000 00:00 0
00337000-00342000 r-xp 00000000 08:07 58525      /lib/libpam.so.0.81.12
00342000-00343000 rw-p 0000a000 08:07 58525      /lib/libpam.so.0.81.12
00343000-0034a000 r-xp 00000000 08:07 66352      /lib/libacl.so.1.1.0
0034a000-0034b000 rw-p 00006000 08:07 66352      /lib/libacl.so.1.1.0
0034b000-0034f000 r-xp 00000000 08:07 66351      /lib/libattr.so.1.1.0
0034f000-00350000 rw-p 00003000 08:07 66351      /lib/libattr.so.1.1.0
00350000-00361000 r-xp 00000000 08:07 66363      /lib/libresolv-2.8.so
00361000-00362000 r--p 00010000 08:07 66363      /lib/libresolv-2.8.so
00362000-00363000 rw-p 00011000 08:07 66363      /lib/libresolv-2.8.so
00363000-00365000 rw-p 00363000 00:00 0
00365000-0037b000 r-xp 00000000 08:07 66336      /lib/libnsl-2.8.so
0037b000-0037c000 r--p 00015000 08:07 66336      /lib/libnsl-2.8.so
0037c000-0037d000 rw-p 00016000 08:07 66336      /lib/libnsl-2.8.so
0037d000-0037f000 rw-p 0037d000 00:00 0
0037f000-00382000 r-xp 00000000 08:07 66232      /lib/libdl-2.8.so
00382000-00383000 r--p 00002000 08:07 66232      /lib/libdl-2.8.so
00383000-00384000 rw-p 00003000 08:07 66232      /lib/libdl-2.8.so
00384000-0038c000 r-xp 00000000 08:07 66334      /lib/libpopt.so.0.0.0
0038c000-0038d000 rw-p 00007000 08:07 66334      /lib/libpopt.so.0.0.0
0038d000-00394000 r-xp 00000000 08:05 69153      /usr/lib/libtalloc.so.1
00394000-00395000 r--p 00006000 08:05 69153      /usr/lib/libtalloc.so.1
00395000-00396000 rw-p 00007000 08:05 69153      /usr/lib/libtalloc.so.1
00396000-003a3000 r-xp 00000000 08:05 70493      /usr/lib/libtdb.so.1
003a3000-003a4000 r--p 0000c000 08:05 70493      /usr/lib/libtdb.so.1
003a4000-003a5000 rw-p 0000d000 08:05 70493      /usr/lib/libtdb.so.1
003a5000-003ad000 r-xp 00000000 08:05 64930      /usr/lib/libwbclient.so.0
003ad000-003ae000 r--p 00007000 08:05 64930      /usr/lib/libwbclient.so.0
003ae000-003af000 rw-p 00008000 08:05 64930      /usr/lib/libwbclient.so.0
003af000-00512000 r-xp 00000000 08:07 66172      /lib/libc-2.8.so
00512000-00514000 r--p 00163000 08:07 66172      /lib/libc-2.8.so
00514000-00515000 rw-p 00165000 08:07 66172      /lib/libc-2.8.so
00515000-00518000 rw-p 00515000 00:00 0
00518000-00530000 r-xp 00000000 08:05 69084      /usr/lib/libsasl2.so.2.0.22
00530000-00531000 rw-p 00017000 08:05 69084      /usr/lib/libsasl2.so.2.0.22
00531000-00578000 r-xp 00000000 08:07 66372      /lib/libssl.so.0.9.8g
00578000-0057c000 rw-p 00046000 08:07 66372      /lib/libssl.so.0.9.8g
0057c000-006b3000 r-xp 00000000 08:07 58655      /lib/libcrypto.so.0.9.8g
006b3000-006c7000 rw-p 00136000 08:07 58655      /lib/libcrypto.so.0.9.8g
006c7000-006ca000 rw-p 006c7000 00:00 0
006ca000-006d2000 r-xp 00000000 08:05 66456      /usr/lib/libkrb5support.so.0.1
006d2000-006d3000 rw-p 00007000 08:05 66456      /usr/lib/libkrb5support.so.0.1
006d3000-006d5000 r-xp 00000000 08:07 58564      /lib/libkeyutils-1.2.so
006d5000-006d6000 rw-p 00001000 08:07 58564      /lib/libkeyutils-1.2.so
006d6000-0074e000 r-xp 00000000 08:05 68663      /usr/lib/libgnutls.so.13.9.1
0074e000-00754000 rw-p 00077000 08:05 68663      /usr/lib/libgnutls.so.13.9.1
00754000-0076c000 r-xp 00000000 08:07 58675      /lib/libaudit.so.0.0.0
0076c000-0076d000 r--p 00017000 08:07 58675      /lib/libaudit.so.0.0.0
0076d000-0076e000 rw-p 00018000 08:07 58675      /lib/libaudit.so.0.0.0
0076e000-00788000 r-xp 00000000 08:07 66381      /lib/libselinux.so.1
00788000-00789000 r--p 00019000 08:07 66381      /lib/libselinux.so.1
00789000-0078a000 rw-p 0001a000 08:07 66381      /lib/libselinux.so.1
0078a000-0079a000 r-xp 00000000 08:05 69989      /usr/lib/libtasn1.so.3.0.14
0079a000-0079b000 rw-p 00010000 08:05 69989      /usr/lib/libtasn1.so.3.0.14
0079b000-00808000 r-xp 00000000 08:07 66401      /lib/libgcrypt.so.11.4.3
00808000-0080a000 rw-p 0006c000 08:07 66401      /lib/libgcrypt.so.11.4.3
0080a000-0080d000 r-xp 00000000 08:07 66394      /lib/libgpg-error.so.0.4.0
0080d000-0080e000 rw-p 00002000 08:07 66394      /lib/libgpg-error.so.0.4.0
0080e000-00816000 r-xp 00000000 08:07 66366      /lib/librt-2.8.so
00816000-00817000 r--p 00007000 08:07 66366      /lib/librt-2.8.so
00817000-00818000 rw-p 00008000 08:07 66366      /lib/librt-2.8.so
00818000-0081a000 r-xp 00000000 08:05 1184562    /usr/lib/gconv/UTF-16.so
0081a000-0081b000 r--p 00001000 08:05 1184562    /usr/lib/gconv/UTF-16.so
0081b000-0081c000 rw-p 00002000 08:05 1184562    /usr/lib/gconv/UTF-16.so
0081c000-0081e000 r-xp 00000000 08:05 1185152    /usr/lib/gconv/IBM850.so
0081e000-0081f000 r--p 00001000 08:05 1185152    /usr/lib/gconv/IBM850.so
0081f000-00820000 rw-p 00002000 08:05 1185152    /usr/lib/gconv/IBM850.so
00820000-0082a000 r-xp 00000000 08:07 66354      /lib/libnss_files-2.8.so
0082a000-0082b000 r--p 0000a000 08:07 66354      /lib/libnss_files-2.8.so
0082b000-0082c000 rw-p 0000b000 08:07 66354      /lib/libnss_files-2.8.so
0082c000-00839000 r-xp 00000000 08:07 66163      /lib/libgcc_s-4.3.0-20080428.so.1
00839000-0083a000 rw-p 0000c000 08:07 66163      /lib/libgcc_s-4.3.0-20080428.so.1
b7700000-b7721000 rw-p b7700000 00:00 0
b7721000-b7800000 ---p b7721000 00:00 0
b7838000-b784e000 rw-s 00000000 08:09 778756     /var/lib/samba/connections.tdb
b784e000-b7861000 rw-s 00000000 08:09 32453      /var/lib/samba/group_mapping.ldb
b7861000-b7863000 rw-s 00000000 08:09 778770     /var/lib/samba/account_policy.tdb
b7863000-b7865000 rw-s 00000000 08:09 778763     /var/lib/samba/ntprinters.tdb
b7865000-b7867000 rw-s 00000000 08:09 778762     /var/lib/samba/ntdrivers.tdb
b7867000-b7868000 rw-s 00000000 08:09 778771     /var/lib/samba/gencache.tdb
b7868000-b7872000 rw-s 00000000 08:09 778760     /var/lib/samba/locking.tdb
b7872000-b787c000 rw-s 00000000 08:09 778759     /var/lib/samba/brlock.tdb
b787c000-b787d000 rw-s 00000000 08:09 778764     /var/lib/samba/ntforms.tdb
b787d000-b788d000 r--s 00000000 08:05 633279     /usr/lib/samba/valid.dat
b788d000-b7a8d000 r--p 00000000 08:05 196233     /usr/lib/locale/locale-archive
b7a8d000-b7aad000 r--s 00000000 08:05 632841     /usr/lib/samba/lowcase.dat
b7aad000-b7acd000 r--s 00000000 08:05 633274     /usr/lib/samba/upcase.dat
b7acd000-b7ad6000 rw-p b7acd000 00:00 0
b7ad6000-b7ad7000 rw-s 00000000 08:09 778766     /var/lib/samba/sessionid.tdb
b7ad7000-b7ad8000 rw-s 00000000 08:09 778755     /var/lib/samba/messages.tdb
b7ad8000-b7ada000 rw-s 00000000 08:09 32679      /var/lib/samba/private/secrets.tdb
b7ada000-b7ae1000 r--s 00000000 08:05 1185517    /usr/lib/gconv/gconv-modules.cache
b7ae1000-b80d8000 r-xp 00000000 08:05 130228     /usr/sbin/smbd
b80d8000-b80e1000 r--p 005f6000 08:05 130228     /usr/sbin/smbd
b80e1000-b80e9000 rw-p 005ff000 08:05 130228     /usr/sbin/smbd
b80e9000-b80eb000 rw-p b80e9000 00:00 0
b83b7000-b8487000 rw-p b83b7000 00:00 0          [heap]
bfbc2000-bfbd7000 rw-p bffeb000 00:00 0          [stack]
Comment 1 Guenther Deschner 2008-09-17 06:08:36 EDT
Ok, I assume you are using security=share, correct ?

Can you please also paste relevant parts of your [global] section in smb.conf ?
Comment 2 Mike Harris 2008-09-17 13:50:25 EDT
Created attachment 316994 [details]
[global] section of smb.conf

Here's the [global] section of smb.conf.

It includes another file, attached next.
Comment 3 Mike Harris 2008-09-17 13:51:30 EDT
Created attachment 316995 [details]
smb-local.conf, included by smb.conf

Only 2 users have extra settings here. Users without sections here also crash samba.
Comment 4 Mike Harris 2008-09-29 18:47:18 EDT
Any new updates on this bug?
Comment 5 Mike Harris 2008-10-17 13:26:20 EDT
This seems to be fixed in samba-3.2.4-0.21.fc9.i386.

Note You need to log in before you can comment on or make changes to this bug.