samba-4.14 and previous versions works just fine, including latest 4.14.12. But since 4.15 I'm unable to connect to my server using Fx (https://play.google.com/store/apps/details?id=nextapp.fx.rk). Even with `log level = 10` there is nothing in logs when Fx is trying to connect. Another client (Debian, using `mount -t cifs -o vers=3.02`) works just fine both with 4.14 and 4.15. I've checked both a changelog https://www.samba.org/samba/history/samba-4.15.0.html and open bugs https://bugzilla.samba.org/buglist.cgi?no_redirect=0&quicksearch=4.15 but doesn't see anything related. I'm stuck now, because I've no idea how to debug this without logs or anything like that. tcpdump's output isn't really helpful. Here is my smb.conf: [global] max protocol = SMB3 workgroup = WORKGROUP server string = Samba Server hosts allow = 127. 192.168.2. 192.168.3. guest account = powerman map to guest = bad user guest only = yes smb passwd file = /etc/samba/private/smbpasswd log file = /var/log/samba/log.%m max log size = 50 log level = 10 socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.2.0/24 remote announce = 192.168.2.255 domain master = yes preferred master = yes wins support = yes dns proxy = yes dos charset = 866 unix charset = UTF-8 follow symlinks = no [homes] comment = Home Directories browseable = no writable = no [TEMPORARY] comment = Writable Temp path = /mnt/tmp public = yes writeable = yes printable = no create mask = 0660 directory mask = 0775 force create mode = 0660 force directory mode = 0775 Is there any ideas how to debug this issue? Or is there any other android file managers with SMB support? I had to switch to Fx some time ago because of some security-related change in samba, which breaks all other android clients I used because they implement too outdated SMB protocol, but Fx uses some newer protocol…
This is working for me with samba-4.16.4, I wonder if one of your config options is breaking it. [global] workgroup = WORKGROUP server string = Samba Server %v log file = /var/log/samba/log.%m log level = 2 max log size = 50 guest account = guest security = user map to guest = Bad User encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no printcap name = /dev/null load printers = no printing = bsd [homes] comment = Home Directories browseable = no writable = yes [music] comment = music path = /mnt/tb/music guest ok = yes guest only = yes writable = no [tv] comment = tv path = /mnt/tb/tv guest ok = yes guest only = yes writable = no [movies] comment = tv path = /mnt/tb/movies guest ok = yes guest only = yes writable = no
(In reply to Ben Kohler from comment #1) > This is working for me with samba-4.16.4, I wonder if one of your config > options is breaking it. I've just tried 4.16.4 with your config - no luck. :( So, it's something else. Also I've tried 4.14.13 with your config - it works (and so is my config too).
I've noticed something weird in netstat output, look: # 4.14.13 Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 19859/smbd tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 19859/smbd # 4.15.7 Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 3 0 0.0.0.0:445 0.0.0.0:* LISTEN 3764/smbd tcp 1 0 0.0.0.0:139 0.0.0.0:* LISTEN 3764/smbd These 3 and 1 in Recv-Q are not lowering, after few minutes it even increases: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 6 0 0.0.0.0:445 0.0.0.0:* LISTEN 3764/smbd tcp 2 0 0.0.0.0:139 0.0.0.0:* LISTEN 3764/smbd Recv-Q column contains the current syn backlog. Which means smbd it not accepting connections for some reason. Any ideas? Here is how this process looks while I'm trying to connect to it using Fx: # strace -p 3764 strace: Process 3764 attached getpid() = 3764 epoll_wait(4, And here is how same thing look like in 4.14.13: # strace -p 19859 strace: Process 19859 attached getpid() = 19859 epoll_wait(4, [{events=EPOLLIN, data={u32=1560616224, u64=94276092763424}}], 1, 884916) = 1 accept(46, {sa_family=AF_INET, sin_port=htons(37720), sin_addr=inet_addr("192.168.3.2")}, [128 => 16]) = 49 fcntl(49, F_GETFD) = 0 fcntl(49, F_SETFD, FD_CLOEXEC) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7faf7b518a90) = 20409 close(49) = 0 getpid() = 19859 epoll_wait(4, ^Cstrace: Process 19859 detached <detached ...>
Here is diff between `smbd -b` output, just in case: --- smbd-b.4.14.13.txt 2022-07-31 08:23:36.691358188 +0300 +++ smbd-b.4.15.7.txt 2022-07-31 08:24:19.897358872 +0300 @@ -146,11 +146,9 @@ HAVE_READLINE_HISTORY_H HAVE_READLINE_READLINE_H HAVE_RESOLV_H - HAVE_RPCSVC_NIS_H - HAVE_RPCSVC_YPCLNT_H - HAVE_RPCSVC_YP_PROT_H HAVE_RPC_NETTYPE_H HAVE_RPC_RPC_H + HAVE_RPC_TYPES_H HAVE_RPC_XDR_H HAVE_SASL_SASL_H HAVE_SCHED_H @@ -201,6 +199,7 @@ HAVE_64_BIT_SIZE_T_FOR_LMDB HAVE_ACL_GET_FILE HAVE_ADDRTYPE_IN_KRB5_ADDRESS + HAVE_AESNI_INTEL HAVE_AP_OPTS_USE_SUBKEY HAVE_ARCHIVE_READ_FREE HAVE_ARCHIVE_READ_SUPPORT_FILTER_ALL @@ -307,7 +306,6 @@ HAVE_FRSIZE HAVE_FSEEKO HAVE_FSID_INT - HAVE_FSTATAT HAVE_FSYNC HAVE_FTRUNCATE HAVE_FTRUNCATE_EXTEND @@ -315,7 +313,6 @@ HAVE_FUSE HAVE_FUSE_MOUNT HAVE_FUTIMENS - HAVE_FUTIMES HAVE_F_OWNER_EX HAVE_F_SETLEASE_DECL HAVE_GAI_STRERROR @@ -356,8 +353,6 @@ HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2 HAVE_GNUTLS_AES_CFB8 HAVE_GNUTLS_AES_CMAC - HAVE_GNUTLS_CRYPTO_POLICIES - HAVE_GNUTLS_GET_SYSTEM_CONFIG_FILE HAVE_GNUTLS_PKCS7_GET_EMBEDDED_DATA_OID HAVE_GNUTLS_SET_DEFAULT_PRIORITY_APPEND HAVE_GPFS @@ -479,7 +474,6 @@ HAVE_LIBKADM5SRV_MIT HAVE_LIBMENU HAVE_LIBNCURSES - HAVE_LIBNSL HAVE_LIBPAM HAVE_LIBPANEL HAVE_LIBPOPT @@ -526,7 +520,6 @@ HAVE_MUNLOCKALL HAVE_NATIVE_ICONV HAVE_NCURSES - HAVE_NETGROUP HAVE_NEW_FIELD HAVE_NEW_FORM HAVE_NEW_LIBREADLINE @@ -713,7 +706,6 @@ HAVE_WRFILE_KEYTAB HAVE_XATTR_SUPPORT HAVE_XATTR_XATTR - HAVE_YP_GET_DEFAULT_DOMAIN HAVE_ZLIB HAVE__Bool HAVE__VA_ARGS__MACRO @@ -729,7 +721,11 @@ WITH_TEVENT_GLIB_GLUE Build Options: + AESNI_INTEL_CFLAGS + ALLOW_GNUTLS_AEAD_CIPHER_ENCRYPTV2_AES_CCM + ALLOW_GNUTLS_AEAD_CIPHER_ENCRYPTV2_AES_GCM BOOL_DEFINED + BROKEN_NISPLUS_INCLUDE_FILES COMPILER_SUPPORTS_LL CONFIG_H_IS_FROM_SAMBA DEFAULT_DOS_CHARSET @@ -788,10 +784,10 @@ TALLOC_BUILD_VERSION_RELEASE TIME_T_MAX TIME_WITH_SYS_TIME - USE_COPY_FILE_RANGE USING_SYSTEM_CMOCKA USING_SYSTEM_KRB5 USING_SYSTEM_LDB + USING_SYSTEM_MITKRB5 USING_SYSTEM_POPT USING_SYSTEM_TALLOC USING_SYSTEM_TDB
I'm sorry, this was my mistake. Since 4.15 samba has removed -S command line option and I've incorrectly replaced it with -i (instead of --debug-stdout), which result in accepting only 1 connection.