Description of problem: Samba crashes when mounting home shares. Version-Release number of selected component (if applicable): samba-3.2.3-0.20.fc9.i386 How reproducible: Quite. Steps to Reproduce: 1. Attempt to mount any home share, with any user. Actual results: Samba crashes. Expected results: Samba shouldn't crash. Additional info: Relevant section in smb.conf: [homes] comment = Home Directories browseable = no writable = yes valid users = %S create mode = 0664 directory mode = 0775 Log messages after the crash: (trying as anonymous user) *** glibc detected *** smbd: free(): invalid pointer: 0xb840c1d0 *** ======= Backtrace: ========= /lib/libc.so.6[0x41c874] /lib/libc.so.6(cfree+0x96)[0x41e8d6] smbd(str_list_substitute+0x13c)[0xb7d68e7c] smbd[0xb7b604d6] smbd(authorise_login+0xca)[0xb7b606aa] smbd[0xb7bcd17b] smbd(make_connection+0x26c)[0xb7bce13c] smbd(reply_tcon_and_X+0x21b)[0xb7b8429b] smbd[0xb7bc7527] smbd(smbd_process+0x2b2)[0xb7bc9b12] smbd(main+0x1052)[0xb7fb5542] /lib/libc.so.6(__libc_start_main+0xe6)[0x3c55d6] smbd[0xb7b44931] ======= Memory map: ======== 00110000-0012c000 r-xp 00000000 08:07 58516 /lib/ld-2.8.so 0012c000-0012d000 r--p 0001c000 08:07 58516 /lib/ld-2.8.so 0012d000-0012e000 rw-p 0001d000 08:07 58516 /lib/ld-2.8.so 0012e000-0012f000 r-xp 0012e000 00:00 0 [vdso] 0012f000-0016f000 r-xp 00000000 08:05 70056 /usr/lib/libldap-2.4.so.2.0.6 0016f000-00171000 rw-p 0003f000 08:05 70056 /usr/lib/libldap-2.4.so.2.0.6 00171000-0017f000 r-xp 00000000 08:05 69966 /usr/lib/liblber-2.4.so.2.0.6 0017f000-00180000 rw-p 0000d000 08:05 69966 /usr/lib/liblber-2.4.so.2.0.6 00180000-001ad000 r-xp 00000000 08:05 66236 /usr/lib/libgssapi_krb5.so.2.2 001ad000-001ae000 rw-p 0002d000 08:05 66236 /usr/lib/libgssapi_krb5.so.2.2 001ae000-0024b000 r-xp 00000000 08:05 65988 /usr/lib/libkrb5.so.3.3 0024b000-0024e000 rw-p 0009c000 08:05 65988 /usr/lib/libkrb5.so.3.3 0024e000-00272000 r-xp 00000000 08:05 66269 /usr/lib/libk5crypto.so.3.1 00272000-00273000 rw-p 00024000 08:05 66269 /usr/lib/libk5crypto.so.3.1 00273000-00275000 r-xp 00000000 08:07 58669 /lib/libcom_err.so.2.1 00275000-00276000 rw-p 00001000 08:07 58669 /lib/libcom_err.so.2.1 00276000-002ad000 r-xp 00000000 08:05 69156 /usr/lib/libcups.so.2 002ad000-002af000 rw-p 00037000 08:05 69156 /usr/lib/libcups.so.2 002af000-002c2000 r-xp 00000000 08:07 66312 /lib/libz.so.1.2.3 002c2000-002c3000 rw-p 00012000 08:07 66312 /lib/libz.so.1.2.3 002c3000-002d8000 r-xp 00000000 08:07 66361 /lib/libpthread-2.8.so 002d8000-002d9000 r--p 00014000 08:07 66361 /lib/libpthread-2.8.so 002d9000-002da000 rw-p 00015000 08:07 66361 /lib/libpthread-2.8.so 002da000-002dc000 rw-p 002da000 00:00 0 002dc000-00303000 r-xp 00000000 08:07 66333 /lib/libm-2.8.so 00303000-00304000 r--p 00026000 08:07 66333 /lib/libm-2.8.so 00304000-00305000 rw-p 00027000 08:07 66333 /lib/libm-2.8.so 00305000-0030e000 r-xp 00000000 08:07 66222 /lib/libcrypt-2.8.so 0030e000-0030f000 r--p 00009000 08:07 66222 /lib/libcrypt-2.8.so 0030f000-00310000 rw-p 0000a000 08:07 66222 /lib/libcrypt-2.8.so 00310000-00337000 rw-p 00310000 00:00 0 00337000-00342000 r-xp 00000000 08:07 58525 /lib/libpam.so.0.81.12 00342000-00343000 rw-p 0000a000 08:07 58525 /lib/libpam.so.0.81.12 00343000-0034a000 r-xp 00000000 08:07 66352 /lib/libacl.so.1.1.0 0034a000-0034b000 rw-p 00006000 08:07 66352 /lib/libacl.so.1.1.0 0034b000-0034f000 r-xp 00000000 08:07 66351 /lib/libattr.so.1.1.0 0034f000-00350000 rw-p 00003000 08:07 66351 /lib/libattr.so.1.1.0 00350000-00361000 r-xp 00000000 08:07 66363 /lib/libresolv-2.8.so 00361000-00362000 r--p 00010000 08:07 66363 /lib/libresolv-2.8.so 00362000-00363000 rw-p 00011000 08:07 66363 /lib/libresolv-2.8.so 00363000-00365000 rw-p 00363000 00:00 0 00365000-0037b000 r-xp 00000000 08:07 66336 /lib/libnsl-2.8.so 0037b000-0037c000 r--p 00015000 08:07 66336 /lib/libnsl-2.8.so 0037c000-0037d000 rw-p 00016000 08:07 66336 /lib/libnsl-2.8.so 0037d000-0037f000 rw-p 0037d000 00:00 0 0037f000-00382000 r-xp 00000000 08:07 66232 /lib/libdl-2.8.so 00382000-00383000 r--p 00002000 08:07 66232 /lib/libdl-2.8.so 00383000-00384000 rw-p 00003000 08:07 66232 /lib/libdl-2.8.so 00384000-0038c000 r-xp 00000000 08:07 66334 /lib/libpopt.so.0.0.0 0038c000-0038d000 rw-p 00007000 08:07 66334 /lib/libpopt.so.0.0.0 0038d000-00394000 r-xp 00000000 08:05 69153 /usr/lib/libtalloc.so.1 00394000-00395000 r--p 00006000 08:05 69153 /usr/lib/libtalloc.so.1 00395000-00396000 rw-p 00007000 08:05 69153 /usr/lib/libtalloc.so.1 00396000-003a3000 r-xp 00000000 08:05 70493 /usr/lib/libtdb.so.1 003a3000-003a4000 r--p 0000c000 08:05 70493 /usr/lib/libtdb.so.1 003a4000-003a5000 rw-p 0000d000 08:05 70493 /usr/lib/libtdb.so.1 003a5000-003ad000 r-xp 00000000 08:05 64930 /usr/lib/libwbclient.so.0 003ad000-003ae000 r--p 00007000 08:05 64930 /usr/lib/libwbclient.so.0 003ae000-003af000 rw-p 00008000 08:05 64930 /usr/lib/libwbclient.so.0 003af000-00512000 r-xp 00000000 08:07 66172 /lib/libc-2.8.so 00512000-00514000 r--p 00163000 08:07 66172 /lib/libc-2.8.so 00514000-00515000 rw-p 00165000 08:07 66172 /lib/libc-2.8.so 00515000-00518000 rw-p 00515000 00:00 0 00518000-00530000 r-xp 00000000 08:05 69084 /usr/lib/libsasl2.so.2.0.22 00530000-00531000 rw-p 00017000 08:05 69084 /usr/lib/libsasl2.so.2.0.22 00531000-00578000 r-xp 00000000 08:07 66372 /lib/libssl.so.0.9.8g 00578000-0057c000 rw-p 00046000 08:07 66372 /lib/libssl.so.0.9.8g 0057c000-006b3000 r-xp 00000000 08:07 58655 /lib/libcrypto.so.0.9.8g 006b3000-006c7000 rw-p 00136000 08:07 58655 /lib/libcrypto.so.0.9.8g 006c7000-006ca000 rw-p 006c7000 00:00 0 006ca000-006d2000 r-xp 00000000 08:05 66456 /usr/lib/libkrb5support.so.0.1 006d2000-006d3000 rw-p 00007000 08:05 66456 /usr/lib/libkrb5support.so.0.1 006d3000-006d5000 r-xp 00000000 08:07 58564 /lib/libkeyutils-1.2.so 006d5000-006d6000 rw-p 00001000 08:07 58564 /lib/libkeyutils-1.2.so 006d6000-0074e000 r-xp 00000000 08:05 68663 /usr/lib/libgnutls.so.13.9.1 0074e000-00754000 rw-p 00077000 08:05 68663 /usr/lib/libgnutls.so.13.9.1 00754000-0076c000 r-xp 00000000 08:07 58675 /lib/libaudit.so.0.0.0 0076c000-0076d000 r--p 00017000 08:07 58675 /lib/libaudit.so.0.0.0 0076d000-0076e000 rw-p 00018000 08:07 58675 /lib/libaudit.so.0.0.0 0076e000-00788000 r-xp 00000000 08:07 66381 /lib/libselinux.so.1 00788000-00789000 r--p 00019000 08:07 66381 /lib/libselinux.so.1 00789000-0078a000 rw-p 0001a000 08:07 66381 /lib/libselinux.so.1 0078a000-0079a000 r-xp 00000000 08:05 69989 /usr/lib/libtasn1.so.3.0.14 0079a000-0079b000 rw-p 00010000 08:05 69989 /usr/lib/libtasn1.so.3.0.14 0079b000-00808000 r-xp 00000000 08:07 66401 /lib/libgcrypt.so.11.4.3 00808000-0080a000 rw-p 0006c000 08:07 66401 /lib/libgcrypt.so.11.4.3 0080a000-0080d000 r-xp 00000000 08:07 66394 /lib/libgpg-error.so.0.4.0 0080d000-0080e000 rw-p 00002000 08:07 66394 /lib/libgpg-error.so.0.4.0 0080e000-00816000 r-xp 00000000 08:07 66366 /lib/librt-2.8.so 00816000-00817000 r--p 00007000 08:07 66366 /lib/librt-2.8.so 00817000-00818000 rw-p 00008000 08:07 66366 /lib/librt-2.8.so 00818000-0081a000 r-xp 00000000 08:05 1184562 /usr/lib/gconv/UTF-16.so 0081a000-0081b000 r--p 00001000 08:05 1184562 /usr/lib/gconv/UTF-16.so 0081b000-0081c000 rw-p 00002000 08:05 1184562 /usr/lib/gconv/UTF-16.so 0081c000-0081e000 r-xp 00000000 08:05 1185152 /usr/lib/gconv/IBM850.so 0081e000-0081f000 r--p 00001000 08:05 1185152 /usr/lib/gconv/IBM850.so 0081f000-00820000 rw-p 00002000 08:05 1185152 /usr/lib/gconv/IBM850.so 00820000-0082a000 r-xp 00000000 08:07 66354 /lib/libnss_files-2.8.so 0082a000-0082b000 r--p 0000a000 08:07 66354 /lib/libnss_files-2.8.so 0082b000-0082c000 rw-p 0000b000 08:07 66354 /lib/libnss_files-2.8.so 0082c000-00839000 r-xp 00000000 08:07 66163 /lib/libgcc_s-4.3.0-20080428.so.1 00839000-0083a000 rw-p 0000c000 08:07 66163 /lib/libgcc_s-4.3.0-20080428.so.1 b7700000-b7721000 rw-p b7700000 00:00 0 b7721000-b7800000 ---p b7721000 00:00 0 b7838000-b784e000 rw-s 00000000 08:09 778756 /var/lib/samba/connections.tdb b784e000-b7861000 rw-s 00000000 08:09 32453 /var/lib/samba/group_mapping.ldb b7861000-b7863000 rw-s 00000000 08:09 778770 /var/lib/samba/account_policy.tdb b7863000-b7865000 rw-s 00000000 08:09 778763 /var/lib/samba/ntprinters.tdb b7865000-b7867000 rw-s 00000000 08:09 778762 /var/lib/samba/ntdrivers.tdb b7867000-b7868000 rw-s 00000000 08:09 778771 /var/lib/samba/gencache.tdb b7868000-b7872000 rw-s 00000000 08:09 778760 /var/lib/samba/locking.tdb b7872000-b787c000 rw-s 00000000 08:09 778759 /var/lib/samba/brlock.tdb b787c000-b787d000 rw-s 00000000 08:09 778764 /var/lib/samba/ntforms.tdb b787d000-b788d000 r--s 00000000 08:05 633279 /usr/lib/samba/valid.dat b788d000-b7a8d000 r--p 00000000 08:05 196233 /usr/lib/locale/locale-archive b7a8d000-b7aad000 r--s 00000000 08:05 632841 /usr/lib/samba/lowcase.dat b7aad000-b7acd000 r--s 00000000 08:05 633274 /usr/lib/samba/upcase.dat b7acd000-b7ad6000 rw-p b7acd000 00:00 0 b7ad6000-b7ad7000 rw-s 00000000 08:09 778766 /var/lib/samba/sessionid.tdb b7ad7000-b7ad8000 rw-s 00000000 08:09 778755 /var/lib/samba/messages.tdb b7ad8000-b7ada000 rw-s 00000000 08:09 32679 /var/lib/samba/private/secrets.tdb b7ada000-b7ae1000 r--s 00000000 08:05 1185517 /usr/lib/gconv/gconv-modules.cache b7ae1000-b80d8000 r-xp 00000000 08:05 130228 /usr/sbin/smbd b80d8000-b80e1000 r--p 005f6000 08:05 130228 /usr/sbin/smbd b80e1000-b80e9000 rw-p 005ff000 08:05 130228 /usr/sbin/smbd b80e9000-b80eb000 rw-p b80e9000 00:00 0 b83b7000-b8487000 rw-p b83b7000 00:00 0 [heap] bfbc2000-bfbd7000 rw-p bffeb000 00:00 0 [stack]
Ok, I assume you are using security=share, correct ? Can you please also paste relevant parts of your [global] section in smb.conf ?
Created attachment 316994 [details] [global] section of smb.conf Here's the [global] section of smb.conf. It includes another file, attached next.
Created attachment 316995 [details] smb-local.conf, included by smb.conf Only 2 users have extra settings here. Users without sections here also crash samba.
Any new updates on this bug?
This seems to be fixed in samba-3.2.4-0.21.fc9.i386.