On 05/27/2010 08:51 AM, Gordon Messmer wrote:
> On 05/27/2010 05:55 AM, Jerry Franz wrote:
>
>> I have *twenty* virtual machines I deploy updates to before it ever
>> touches my production systems. Not everything is testable on
>> non-production machines.
>>
> ...
>
>> Now back to fix
On 05/27/2010 05:55 AM, Jerry Franz wrote:
>
> I have *twenty* virtual machines I deploy updates to before it ever
> touches my production systems. Not everything is testable on
> non-production machines.
...
> Now back to fixing the SELinux configuration on a machine I had to put
> in 'permissive'
On Thu, 2010-05-27 at 05:55 -0700, Jerry Franz wrote:
> On 05/26/2010 08:23 PM, Gordon Messmer wrote:
> > On 05/26/2010 08:44 AM, Benjamin Franz wrote:
> >
> > [...]
> >> The *theoretical* system security improvement of SELinux is trumped by
> >> the *practical* observation that I have had exis
On 05/26/2010 08:23 PM, Gordon Messmer wrote:
> On 05/26/2010 08:44 AM, Benjamin Franz wrote:
>
> [...]
>> The *theoretical* system security improvement of SELinux is trumped by
>> the *practical* observation that I have had existing systems broken by
>> SELinux multiple times on the mere handf
On 05/26/2010 08:44 AM, Benjamin Franz wrote:
>
> I can make a useful argument from experience. Over the last few years,
> as Redhat has progressively deployed SELinux, I have had *several*
> incidents (the most recent only a few weeks ago) where updates to
> SELinux broke existing, stable, systems
On 5/26/2010 5:16 PM, Gordon Messmer wrote:
>
>> Isn't the context associated with the program itself,
>> not its parent?
>
> The context is inherited from the process which calls exec() if there is
> no transition defined. If there is a transition, it is associated with
> the path.
>
>> Is this d
On 05/26/2010 07:54 AM, Brunner, Brian T. wrote:
>>
>> you can't make a useful argument out of ignorance.
>
> You are being religious, and wrong. See below.
You also can't make a useful argument out of name-calling.
People frequently use the label "religious" derisively when someone
advocates a
On 05/25/2010 10:44 PM, Les Mikesell wrote:
>
> That still doesn't explain why there is a difference in smbd's context when
> its
> parent is an explicitly started shell vs. the implict one that starts when the
> script file is executed.
SELinux domain transitions are handled by the kernel. If y
> The *theoretical* system security improvement of SELinux is trumped by
> the *practical* observation that I have had existing systems broken by
> SELinux multiple times on the mere handful of systems I have run it on
> in enforcing mode, but have yet to see a single one of several dozen
> (
Benjamin wrote:
> On 05/26/2010 07:40 AM, Craig White wrote:
>>
>> you can't make a useful argument out of ignorance. If you don't want to
>> use SELinux, then disable it. Otherwise, learn to understand how it
>> operates and deal with it.
>>
>> one certain way to cause issues with SELinux is to co
On 05/26/2010 07:40 AM, Craig White wrote:
>
> you can't make a useful argument out of ignorance. If you don't want to
> use SELinux, then disable it. Otherwise, learn to understand how it
> operates and deal with it.
>
> one certain way to cause issues with SELinux is to copy files created in
> ot
>
> you can't make a useful argument out of ignorance.
You are being religious, and wrong. See below.
> If you don't want to use SELinux, then disable it.
This is a good idea. Disabling SELinux is the first thing that should
be done, since (as this conversation proves plainly) what we don't
On Tue, 2010-05-25 at 23:36 -0400, Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 09:09:33PM -0500, Jay Leafey wrote:
>
> > In your case, there should have been AVC errors showing up in the
> > audit log related to smbd. Using restorecon to fix up the security
> > context on the files in /etc/sam
JohnS wrote:
> On Tue, 2010-05-25 at 21:27 -0400, Whit Blauvelt wrote:
>
>> But if someone can tell me why selinux thinks it's sane to block
>> "/etc/init.d/smb start" while leaving "sh /etc/init.d/smb start" and even
>> /some/random/dir/smb start" wide open ... I just can't believe some happy
>>
On Tue, 2010-05-25 at 21:27 -0400, Whit Blauvelt wrote:
> But if someone can tell me why selinux thinks it's sane to block
> "/etc/init.d/smb start" while leaving "sh /etc/init.d/smb start" and even
> /some/random/dir/smb start" wide open ... I just can't believe some happy
> hacker at NSA though
On May 26, 2010, at 1:44 AM, Les Mikesell wrote:
> Gordon Messmer wrote:
>>
>> No. With that file removed, smbd probably wouldn't have been able to
>> write to the directory. If it was able to, it probably would have
>> run
>> into trouble with the next file. If smbd started up in the contex
On Tue, 2010-05-25 at 17:24 -0500, Les Mikesell wrote:
> On 5/25/2010 5:09 PM, Whit Blauvelt wrote:
> > On Tue, May 25, 2010 at 06:05:34PM -0400, Whit Blauvelt wrote:
> >
> >> where "smb" is RH's version and /etc/init.d/smb is Cent's. I can't quite
> >> imagine that a difference between overwriting
Gordon Messmer wrote:
>
> No. With that file removed, smbd probably wouldn't have been able to
> write to the directory. If it was able to, it probably would have run
> into trouble with the next file. If smbd started up in the context
> which was configured for it, everything would work nor
On 05/25/2010 08:09 PM, Whit Blauvelt wrote:
>
> So with selinux, in general any script that selinux would stop from running
> due to the script's own extra selinux file tags can be run if Evil Intruder
> simply invokes the same script with its shell first - sh or perl or python
> or whatever? That
On 05/25/2010 08:36 PM, Whit Blauvelt wrote:
>
> Thoughtful advice. Thanks. Is there some method to duplicate basic
> configuration files across selinux servers without running restorecon for
> each set of files that's copied over - that is, to copy them with their
> selinux labels intact?
Usually
On 05/25/2010 06:44 PM, Whit Blauvelt wrote:
>
> And that still doesn't say why it starts having a problem with
> /var/cache/samba/messages.tbd. Does it?
That's simply the first file which was denied by policy. If that one
had been removed, the next one would have caused problems.
>> That file
On 05/25/2010 04:39 PM, Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 06:23:02PM -0400, Todd Denniston wrote:
>> i.e. you may need to:
>> A) restorecon /etc/init.d/smb and any other samba files that you have
>> copied/edited.
>
> It doesn't work with the smb file which is virgin, as installed by
On Tue, May 25, 2010 at 09:09:33PM -0500, Jay Leafey wrote:
> In your case, there should have been AVC errors showing up in the
> audit log related to smbd. Using restorecon to fix up the security
> context on the files in /etc/samba might have resolved the issue
> quickly... but I guess the tric
Whit Blauvelt wrote, On 05/25/2010 11:09 PM:
> On Tue, May 25, 2010 at 10:03:38PM -0400, Jason Pyeron wrote:
>
>> If you look at it as the two different commands, then they may have different
>> permissions, owners, contexts, etc...
>>
>> /bin/sh vs /etc/init.d/smb
>>
>> I am just logically guessi
On Tue, May 25, 2010 at 10:03:38PM -0400, Jason Pyeron wrote:
> If you look at it as the two different commands, then they may have different
> permissions, owners, contexts, etc...
>
> /bin/sh vs /etc/init.d/smb
>
> I am just logically guessing here but ...
Let me follow your logic here. So th
On May 25, 2010, at 9:44 PM, Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 08:52:58PM -0400, Ross Walker wrote:
>
>> Selinux alerts are in /var/log/audit/audit.log
>
> Thank you for that. Cryptic, but there it is.
>
>> The problem is if smbd doesn't create the messages.tdb file then it
>> won't
Whit Blauvelt wrote:
Then why was it also happy with "sh /etc/init.d/smb start" but not
"/etc/init.d/smb start". I'm happy to become more educated on this. But if
invoking a major daemon startup that selinux wants to block is as easy as
that, selinux is window dressing, not security.
What am I
> -Original Message-
> From: centos-boun...@centos.org
> [mailto:centos-boun...@centos.org] On Behalf Of Whit Blauvelt
> Sent: Tuesday, May 25, 2010 21:27
> To: CentOS mailing list
> Subject: Re: [CentOS] Odd failure of smbd to start from
> init.d - CentOS 5.4 - i
On Tue, May 25, 2010 at 08:52:58PM -0400, Ross Walker wrote:
> Selinux alerts are in /var/log/audit/audit.log
Thank you for that. Cryptic, but there it is.
> The problem is if smbd doesn't create the messages.tdb file then it
> won't have the selinux rights.
I don't follow you. What else coul
On Tue, May 25, 2010 at 07:46:56PM -0500, Les Mikesell wrote:
> I would have looked at selinux first for any "odd failure", but I thought it
> related to the process itself and couldn't see any way that the process would
> be
> different when started as "sh /etc/init.d/smb restart" than simply
On May 25, 2010, at 8:25 PM, Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 07:55:12PM -0400, Whit Blauvelt wrote:
>> On Tue, May 25, 2010 at 04:33:53PM -0700, Jerry Franz wrote:
>>
>>> Are you running with SELinux on?
>
> You were right Jerry!
>
> echo 0 > /selinux/enforce
>
> and then /etc/init
Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 07:55:12PM -0400, Whit Blauvelt wrote:
>> On Tue, May 25, 2010 at 04:33:53PM -0700, Jerry Franz wrote:
>>
>>> Are you running with SELinux on?
>
> You were right Jerry!
>
> echo 0 > /selinux/enforce
>
> and then /etc/init.d/smb restart works! Thank
On Tue, May 25, 2010 at 07:55:12PM -0400, Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 04:33:53PM -0700, Jerry Franz wrote:
>
> > Are you running with SELinux on?
You were right Jerry!
echo 0 > /selinux/enforce
and then /etc/init.d/smb restart works! Thank you much Jerry!
Now why doesn't th
At Tue, 25 May 2010 18:05:34 -0400 CentOS mailing list
wrote:
>
> On Tue, May 25, 2010 at 05:47:00PM -0400, Robert Heller wrote:
>
> > Was this file *copied* from the Redhat 5.4 system(s) or created fresh
> > under CentOS?
>
> If you mean /etc/init.d/smb, it's CentOS's version. The entire dif
On Tue, May 25, 2010 at 04:33:53PM -0700, Jerry Franz wrote:
> Are you running with SELinux on?
Now there's a good question, it turns out. I'd assumed CentOS followed the
pattern of most distros in having it not be in strictest mode
out-of-the-box, but in /etc/selinux/config:
SELINUX=enforcing
On Tue, May 25, 2010 at 06:23:02PM -0400, Todd Denniston wrote:
> I have not been following this thread closely, but perhaps Robert was
> pointing at SELINUX and the
> need to keep the SE permissions intact as you copy/edit the file.
>
> i.e. you may need to:
> A) restorecon /etc/init.d/smb and a
Les,
At risk of clogging mail boxes, see below, and note this line in the middle:
open("/var/cache/samba/messages.tdb", O_RDWR|O_CREAT, 0600) = -1 EACCES
(Permission denied)
Now, if I copy that modified smb file elsewhere and run it, for one
difference output stops without returning to prompt a
On 05/25/2010 04:11 PM, Whit Blauvelt wrote:
> Hi Brian,
>
> I've been all over the environment comparisons before, I think. The question
> currently is:
>
> What can be the difference between
>
> "/home/smb restart" - which works, and
> "/etc/init.d/smb restart" - which fails
>
> when a diff betwe
Hi Brian,
I've been all over the environment comparisons before, I think. The question
currently is:
What can be the difference between
"/home/smb restart" - which works, and
"/etc/init.d/smb restart" - which fails
when a diff between the two smb files shows no difference?
This is with both
> [mailto:centos-boun...@centos.org] On Behalf Of Whit Blauvelt
> Sent: Tuesday, May 25, 2010 6:18 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] Odd failure of smbd to start from
> init.d - CentOS 5.4
>
> On Tue, May 25, 2010 at 06:09:40PM -0400, Whit Blauvelt wrote:
>
> >
On 5/25/2010 5:09 PM, Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 06:05:34PM -0400, Whit Blauvelt wrote:
>
>> where "smb" is RH's version and /etc/init.d/smb is Cent's. I can't quite
>> imagine that a difference between overwriting or appending path.txt is at
>> the root of what I'm seeing thoug
On Wed, May 26, 2010 at 12:17 AM, Whit Blauvelt wrote:
> On Tue, May 25, 2010 at 06:09:40PM -0400, Whit Blauvelt wrote:
>
> > Correction: that wasn't a virgin version of Cent's. More in a moment.
>
> This gets more bizarre. To a virgin version of Cent's /etc/init.d/smb -
> it's
> a perfect match:
Whit Blauvelt wrote, On 05/25/2010 06:05 PM:
> On Tue, May 25, 2010 at 05:47:00PM -0400, Robert Heller wrote:
>
>> Was this file *copied* from the Redhat 5.4 system(s) or created fresh
>> under CentOS?
>
> If you mean /etc/init.d/smb, it's CentOS's version. The entire difference
> between the two
On Tue, May 25, 2010 at 06:09:40PM -0400, Whit Blauvelt wrote:
> Correction: that wasn't a virgin version of Cent's. More in a moment.
This gets more bizarre. To a virgin version of Cent's /etc/init.d/smb - it's
a perfect match:
# diff ./smb /etc/init.d/smb
#
That's right, no diff!
Yet if I
On Tue, May 25, 2010 at 06:05:34PM -0400, Whit Blauvelt wrote:
> where "smb" is RH's version and /etc/init.d/smb is Cent's. I can't quite
> imagine that a difference between overwriting or appending path.txt is at
> the root of what I'm seeing though.
Correction: that wasn't a virgin version of C
On Tue, May 25, 2010 at 05:47:00PM -0400, Robert Heller wrote:
> Was this file *copied* from the Redhat 5.4 system(s) or created fresh
> under CentOS?
If you mean /etc/init.d/smb, it's CentOS's version. The entire difference
between the two, just for the record, is:
# diff smb /etc/init.d/smb
10
On Tue, May 25, 2010 at 05:38:59PM -0400, Robert Heller wrote:
> Wondering aloud: where the smbpasswd *data* files copied? If so how,
> exactly? And from what version of samba were the smbpasswd *data*
> created with? And are the permissions of the smbpasswd *data* what they
> should be? Just g
At Tue, 25 May 2010 17:26:26 -0400 CentOS mailing list
wrote:
>
> Following up, that appears to be /var/cache/samba/messages.tdb it can't
> intialize. Which sits there with the same permissions on the not-working
> CentOS 5.4 systems as on the working Redhat 5.4 systems. Now what could
> create
At Tue, 25 May 2010 15:11:45 -0400 CentOS mailing list
wrote:
>
> Just a follow up note: We've got the same problem again on another fresh
> install. Totally different hardware - so the hardware hypothesis bites the
> dust. Since other people aren't seeing this, the remaining suspect is our
> c
Following up, that appears to be /var/cache/samba/messages.tdb it can't
intialize. Which sits there with the same permissions on the not-working
CentOS 5.4 systems as on the working Redhat 5.4 systems. Now what could
create a problem for that when started from "/etc/init.d/smb start" but not
from "
Finally, a clue!
Upgraded from the stock smbd version from the 5.4 iso to 3.0.33-3.28.el5,
and now an error message makes it into /var/log/messages:
May 24 15:29:12 xyz smbd[2674]: [2010/05/24 15:29:12, 0]
lib/messages.c:message_init(132)
May 24 15:29:12 xyz smbd[2674]: ERROR: Failed to initi
Just a follow up note: We've got the same problem again on another fresh
install. Totally different hardware - so the hardware hypothesis bites the
dust. Since other people aren't seeing this, the remaining suspect is our
configuration files. We're using an smbpasswd backed, and in both these
cases
On 5/21/2010 4:37 PM, Ross Walker wrote:
> On May 21, 2010, at 3:48 PM, Whit Blauvelt wrote:
>
>> On Fri, May 21, 2010 at 03:12:02PM -0400, Ross Walker wrote:
>>
>>> What happens when you manually try to execute the above commands?
>>
>> # /bin/bash -c 'ulimit -S -c 0>/dev/null 2>&1 ; smbd -D'
>>
On May 21, 2010, at 3:48 PM, Whit Blauvelt wrote:
> On Fri, May 21, 2010 at 03:12:02PM -0400, Ross Walker wrote:
>
>> What happens when you manually try to execute the above commands?
>
> # /bin/bash -c 'ulimit -S -c 0 >/dev/null 2>&1 ; smbd -D'
>
> Not sure what that might in theory do, but it w
On Thu, May 20, 2010 at 10:29 PM, Jason Pyeron wrote:
>> From: Tom H
>> Sent: Thursday, May 20, 2010 22:22
>> >> # rpm -V samba
>> >> S.5T c /etc/rc.d/init.d/smb
>> >> S.5T c /etc/samba/smbusers
>> >> ...T c /etc/sysconfig/samba
>> > I'm not sure but I really think you have the wro
On Fri, 2010-05-21 at 15:01 -0400, Whit Blauvelt wrote:
> On Fri, May 21, 2010 at 02:36:30PM -0400, Whit Blauvelt wrote:
>
> > Here's the path seen within the init.d/smb script (from an inserted echo
> > $PATH > file):
> >
> > /sbin:/usr/sbin:/bin:/usr/bin
>
> And if I set that path in a consol
On Fri, May 21, 2010 at 03:12:02PM -0400, Ross Walker wrote:
> What happens when you manually try to execute the above commands?
# /bin/bash -c 'ulimit -S -c 0 >/dev/null 2>&1 ; smbd -D'
Not sure what that might in theory do, but it works:
# ps aux | grep mbd | grep -v grep
root 7870 0.0
On May 21, 2010, at 2:47 PM, Whit Blauvelt wrote:
> + /bin/bash -c 'ulimit -S -c 0 >/dev/null 2>&1 ; smbd -D'
What happens when you manually try to execute the above commands?
-Ross
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/ma
On Fri, May 21, 2010 at 02:36:30PM -0400, Whit Blauvelt wrote:
> Here's the path seen within the init.d/smb script (from an inserted echo
> $PATH > file):
>
> /sbin:/usr/sbin:/bin:/usr/bin
And if I set that path in a console session, smbd still works when called
directly:
# export PATH=/sbin:/
On Fri, May 21, 2010 at 07:49:16AM -0400, Kwan Lowe wrote:
> My gut tells me it's not hardware but willing to take it :)
>
> Have you tried adding a "set -x" to the top of the the smb startup
> scripts? I didn't see any such output in your replies so far.
Here you go:
# ./smb start
+ '[' -f /e
On Thu, May 20, 2010 at 08:52:31PM -0500, Les Mikesell wrote:
> What shell does the script specify at the top and what is found following
> $PATH?
Here's from the console:
# echo $PATH
/usr/kerberos/sbin:/usr/kerberos/bin:/home/OpenBase/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/u
On Fri, May 21, 2010 at 03:39:53AM -0700, John Doe wrote:
> What's the return value?
> service smb start
> echo $?
# service smb start
Starting SMB services: [ OK ]
Starting NMB services:
# echo $?
0
# ps aux | grep mbd
root 2520 0.0 0.0 107732
On Fri, 2010-05-21 at 13:00 -0400, Whit Blauvelt wrote:
> On Fri, May 21, 2010 at 11:54:26AM -0400, Ross Walker wrote:
>
> > # sh -x
On Fri, May 21, 2010 at 12:52:51PM -0400, m.r...@5-cent.us wrote:
> A suggestion: in the script, add
> env > /tmp/smb.env
>
> or whatever you want to call it. Then you can compare and contrast with
> your environment.
Good idea. I'll try it when the system's back up. Someone's hunting up a
repla
On Fri, May 21, 2010 at 11:54:26AM -0400, Ross Walker wrote:
> # sh -x
> On 5/21/2010 10:56 AM, Whit Blauvelt wrote:
>> On Fri, May 21, 2010 at 10:24:00AM -0500, Les Mikesell wrote:
>>
>>> The only difference here 'should' be that explicitly running 'sh' will
>>> invoke your own shell aliases and search PATH to execute sh, where if
>>> you omit it you'll get the #!/bi
On 5/21/2010 10:56 AM, Whit Blauvelt wrote:
> On Fri, May 21, 2010 at 10:24:00AM -0500, Les Mikesell wrote:
>
>> The only difference here 'should' be that explicitly running 'sh' will
>> invoke your own shell aliases and search PATH to execute sh, where if
>> you omit it you'll get the #!/bin/sh in
On Fri, May 21, 2010 at 10:24:00AM -0500, Les Mikesell wrote:
> The only difference here 'should' be that explicitly running 'sh' will
> invoke your own shell aliases and search PATH to execute sh, where if
> you omit it you'll get the #!/bin/sh interpreter specified in the script
> itself. Is
On May 21, 2010, at 11:24 AM, Les Mikesell
wrote:
> On 5/21/2010 9:44 AM, Whit Blauvelt wrote:
>> On Fri, May 21, 2010 at 10:04:36AM -0400, Ross Walker wrote:
>>
>>> By any chance did someone add smbd to xinetd?
>>>
>>> If so then xinetd has the port open and the smbd process will not
>>> bin
On May 21, 2010, at 10:44 AM, Whit Blauvelt wrote:
> On Fri, May 21, 2010 at 10:04:36AM -0400, Ross Walker wrote:
>
>> By any chance did someone add smbd to xinetd?
>>
>> If so then xinetd has the port open and the smbd process will not
>> bind.
>
> Nope. Not sure that would explain why a sligh
On 5/21/2010 9:44 AM, Whit Blauvelt wrote:
> On Fri, May 21, 2010 at 10:04:36AM -0400, Ross Walker wrote:
>
>> By any chance did someone add smbd to xinetd?
>>
>> If so then xinetd has the port open and the smbd process will not bind.
>
> Nope. Not sure that would explain why a slight difference in
On Fri, May 21, 2010 at 10:04:36AM -0400, Ross Walker wrote:
> By any chance did someone add smbd to xinetd?
>
> If so then xinetd has the port open and the smbd process will not bind.
Nope. Not sure that would explain why a slight difference in how it's
invoked, through the same init.d script,
On May 20, 2010, at 9:21 AM, Whit Blauvelt wrote:
> Hi,
>
> We've got a fresh CentOS 5.4 box, and the only glitch so far is that
> /etc/init.d/smb doesn't start smbd. It claims it does - shows "[ok]"
> - but
> only nmbd ends up running. Even setting a higher debugging level in
> the smbd
> fl
On Thu, May 20, 2010 at 9:30 PM, Whit Blauvelt wrote:
> On Thu, May 20, 2010 at 06:17:10PM -0700, Benjamin Franz wrote:
>
>> Have you looked in /var/log/messages for errors from smbd? I don't
>> remember seeing that anywhere in your T/S list.
>
> Yup. I've grepped all the logs. Nothing from smbd a
From: Whit Blauvelt
> "service smb restart" - does NOT get smbd running (although
> shows "OK")
> "sh /etc/init.d/smb restart" - DOES get smbd running
> "/etc/init.d/smb restart" - does NOT get smbd running (although shows
> "OK")
> "bash /etc/init.d/smb restart" - DOES get smbd running
What's
On Thu, 2010-05-20 at 22:22 -0400, Tom H wrote:
> On Thu, May 20, 2010 at 9:42 PM, John Stan wrote:
> > On Thu, May 20, 2010 at 6:39 PM, Whit Blauvelt wrote:
> >>> Maybe try "rpm -V samba" to verify all the samba files. You get any
> >>> output then you have problems.
> >>
> >> I take it this o
> -Original Message-
> From: Tom H
> Sent: Thursday, May 20, 2010 22:22
> To: CentOS mailing list
> Subject: Re: [CentOS] Odd failure of smbd to start from
> init.d - CentOS 5.4
>
> On Thu, May 20, 2010 at 9:42 PM, John Stan wrote:
> > On Thu, May 20,
> -Original Message-
> From: Whit Blauvelt
> Sent: Thursday, May 20, 2010 17:42
> Subject: Re: [CentOS] Odd failure of smbd to start from
> init.d - CentOS 5.4
>
> More data:
>
> "service smb restart" - does NOT get smbd running (although
&
On Thu, May 20, 2010 at 9:42 PM, John Stan wrote:
> On Thu, May 20, 2010 at 6:39 PM, Whit Blauvelt wrote:
>>> Maybe try "rpm -V samba" to verify all the samba files. You get any
>>> output then you have problems.
>>
>> I take it this output:
>>
>> # rpm -V samba
>> S.5T c /etc/rc.d/init.d/s
Whit Blauvelt wrote:
>
> Also, since "sh /etc/init.d/smb (re)start" works but "/etc/init.d/smb
> (re)start" doesn't, I can't see how the difference between those two
> invocations would change the handling of the lock files. It's still the same
> script being run. Just some change in the environme
On Thu, May 20, 2010 at 6:39 PM, Whit Blauvelt wrote:
>> Maybe try "rpm -V samba" to verify all the samba files. You get any
>> output then you have problems.
>
> I take it this output:
>
> # rpm -V samba
> S.5T c /etc/rc.d/init.d/smb
> S.5T c /etc/samba/smbusers
> ...T c /etc/sysc
On Thu, May 20, 2010 at 06:17:10PM -0700, Benjamin Franz wrote:
> Have you looked in /var/log/messages for errors from smbd? I don't
> remember seeing that anywhere in your T/S list.
Yup. I've grepped all the logs. Nothing from smbd at all. I also enabled
kern and daemon logs, just in case those
On 05/20/2010 05:28 PM, Whit Blauvelt wrote:
> On Thu, May 20, 2010 at 04:55:29PM -0700, Jerry Franz wrote:
>
>
>> I would start by comparing the values of all the environment variables
>> between running as /bin/sh and /bin/bash:
>>
>> env> bash_env.txt
>> /bin/sh
>> env> sh_env.txt
>> exit
On Thu, May 20, 2010 at 04:55:29PM -0700, Jerry Franz wrote:
> I would start by comparing the values of all the environment variables
> between running as /bin/sh and /bin/bash:
>
> env > bash_env.txt
> /bin/sh
> env > sh_env.txt
> exit
> diff bash_env.txt sh_env.txt
Jerry,
That's a good idea.
On Thu, May 20, 2010 at 07:58:19PM -0400, Ryan Manikowski wrote:
> Tell them to join the debian-users list and see what kind of intelligent
> discussion goes on there. They will be back to Centos in a week. =)
Too true!
Whit
___
CentOS mailing list
Cen
On Thu, May 20, 2010 at 04:44:20PM -0700, Craig White wrote:
> I should have added that there should be a core dump in
> /var/log/samba/cores/smbd which if you could analyze, would give you some
> hints
As you might expect at this point, that's a totally empty directory. The
lack of a core dump m
On Thu, May 20, 2010 at 04:40:26PM -0700, Craig White wrote:
> sounds like a hardware issue - have you run memtest86 on this computer?
No, haven't. My experience with hardware issues is that they rarely
introduce 100% repeatable software errors. This one is entirely consistent
in its behavior, an
On 5/20/2010 6:39 PM, Whit Blauvelt wrote:
> I'm afraid this is giving CentOS a bad rep among my coworkers.
>
Tell them to join the debian-users list and see what kind of intelligent
discussion goes on there. They will be back to Centos in a week. =)
--
Ryan Manikowski
r...@devis
On 05/20/2010 04:46 PM, Whit Blauvelt wrote:
>
> Also, since "sh /etc/init.d/smb (re)start" works but "/etc/init.d/smb
> (re)start" doesn't, I can't see how the difference between those two
> invocations would change the handling of the lock files. It's still the same
> script being run. Just some
On Thu, May 20, 2010 at 06:49:33PM -0400, Kwan Lowe wrote:
> The service scripts can check for lock files. Do you have any stale
> locks in /var/run/subsys?
Thanks Kwan.
If I remove /var/run/smbd.pid (and /var/run/nmbd.pid for that matter), the
init.d/smb file still fails to get smbd running pe
On Thu, 2010-05-20 at 16:40 -0700, Craig White wrote:
> On Thu, 2010-05-20 at 19:35 -0400, Whit Blauvelt wrote:
> > On Thu, May 20, 2010 at 03:50:20PM -0700, Craig White wrote:
> >
> > > not until you run the command as suggested much earlier...
> > >
> > > /usr/sbin/smbd -iF
> > >
> > > which w
On Thu, 2010-05-20 at 19:35 -0400, Whit Blauvelt wrote:
> On Thu, May 20, 2010 at 03:50:20PM -0700, Craig White wrote:
>
> > not until you run the command as suggested much earlier...
> >
> > /usr/sbin/smbd -iF
> >
> > which will launch it iteractively and output everything to standard out
> > -
On Thu, May 20, 2010 at 03:50:20PM -0700, Craig White wrote:
> not until you run the command as suggested much earlier...
>
> /usr/sbin/smbd -iF
>
> which will launch it iteractively and output everything to standard out
> - the console itself and then let us know what it says.
Hi Craig,
/usr/
On Thu, 2010-05-20 at 18:39 -0400, Whit Blauvelt wrote:
> > Maybe try "rpm -V samba" to verify all the samba files. You get any
> > output then you have problems.
>
> I take it this output:
>
> # rpm -V samba
> S.5T c /etc/rc.d/init.d/smb
> S.5T c /etc/samba/smbusers
> ...T c /etc
On Thu, May 20, 2010 at 5:41 PM, Whit Blauvelt wrote:
> More data:
>
> "service smb restart" - does NOT get smbd running (although shows "OK")
>
> "sh /etc/init.d/smb restart" - DOES get smbd running
>
> The "service" man page claims the only environment variables it passes are
> LANG and TERM. Bu
> Maybe try "rpm -V samba" to verify all the samba files. You get any
> output then you have problems.
I take it this output:
# rpm -V samba
S.5T c /etc/rc.d/init.d/smb
S.5T c /etc/samba/smbusers
...T c /etc/sysconfig/samba
merely shows that these are files that don't precisely m
On Thu, 2010-05-20 at 17:41 -0400, Whit Blauvelt wrote:
> More data:
>
> "service smb restart" - does NOT get smbd running (although shows "OK")
>
> "sh /etc/init.d/smb restart" - DOES get smbd running
>
> The "service" man page claims the only environment variables it passes are
> LANG and TER
More data:
"service smb restart" - does NOT get smbd running (although shows "OK")
"sh /etc/init.d/smb restart" - DOES get smbd running
The "service" man page claims the only environment variables it passes are
LANG and TERM. But that can't be the key, since
"/etc/init.d/smb restart" - does NO
On Thu, May 20, 2010 at 12:47:50PM -0500, Les Mikesell wrote:
> That looks like the stock init file - but it might be a good idea to run
> 'rpm -V samba' to see if everything is standard. Running the init
> script with 'sh -x' might give you a hint about what it is doing - or
> you'll have to
On 5/20/2010 12:39 PM, Whit Blauvelt wrote:
> On Thu, May 20, 2010 at 10:58:07AM -0400, Ryan Manikowski wrote:
>
>> Make sure nmbd is started first: nmbd -D
>
> You know, that's not the order the init.d/smb file has it in:
>
> start() {
> KIND="SMB"
> echo -n $"Starting $KIND serv
1 - 100 of 113 matches
Mail list logo
