Bug 38078 - Shares on member server unreachable if master is shut down
Shares on member server unreachable if master is shut down
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-5-errata
Assigned To: Stefan Gohmann
Felix Botner
:
Depends on: 36805
Blocks:
  Show dependency treegraph
 
Reported: 2015-03-18 16:44 CET by Stefan Gohmann
Modified: 2015-03-25 14:05 CET (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2015-03-18 16:44:07 CET
Backport for UCS 3.2

+++ This bug was initially created as a clone of Bug #36805 +++

UCS 4.0 master, backup, slave and member

on the member i set

 ucr set ldap/server/addition="slave.fb.test backup.fb.test"
 ucr set nameserver2='10.200.7.80' # master
 ucr set nameserver2='10.200.7.81' # slave

is i shut down the master, samba shares on the slave and backup are still accessible, but not on the member

@member

->  wbinfo -u
FB+join-slave
FB+join-backup
FB+administrator
FB+töst1
FB+töst2
FB+töst3
FB+töst4
FB+töst7


-> getent passwd
...
win7pro$:x:2014:1005:win7pro:/dev/null:/bin/false
töst1:x:2016:5001:test1:/home/töst1:/bin/bash
töst2:x:2017:5001:test1:/home/töst2:/bin/bash
töst3:x:2018:5001:test1:/home/töst3:/bin/bash
töst4:x:2019:5001:test1:/home/töst4:/bin/bash
töst7:x:2022:5001:test1:/home/töst7:/bin/bash


-> smbclient   //member/opt -U Administrator%univention
session setup failed: NT_STATUS_IO_TIMEOUT

-> smbstatus
Samba version 4.2.0rc2-Debian
PID     Username      Group         Machine            Protocol Version       
------------------------------------------------------------------------------
24590     -1            -1          10.200.7.83  (ipv4:10.200.7.83:46673) NT1
24593     -1            -1          10.200.7.83  (ipv4:10.200.7.83:46681) NT1
Comment 1 Stefan Gohmann univentionstaff 2015-03-19 07:52:49 CET
See Bug #36805 for details. The univention-samba part has been backported via Bug #13784.

* 2015-03-18-univention-python.yaml
I've added an option to disable the reconnect to getAdminConnection and getMachineConnection.
Fix: r59176 + r59179

* 2015-03-18-univention-quota.yaml
The home-mounter script now disables the LDAP reconnect.
Fix: r59193

* 2015-03-18-univention-home-mounter.yaml
The user-quota script now disables the LDAP reconnect.
Fix: r59178
Comment 2 Stefan Gohmann univentionstaff 2015-03-19 08:03:22 CET
I reverted the changes since the reconnect handling was introduced with UCS 4.0
Comment 3 Felix Botner univentionstaff 2015-03-20 13:04:12 CET
still happens with 3.2-5

i think the problem is 

1. uldap.access.__init__()

  i=0
  while i <= self.client_connection_attempt:
      try:
          self.__open(ca_certfile)
          break
      except ldap.SERVER_DOWN:
          if i >= (self.client_connection_attempt-1):
                  raise
          time.sleep(1)
      i+=1
Comment 4 Stefan Gohmann univentionstaff 2015-03-23 07:48:01 CET
(In reply to Felix Botner from comment #3)
> still happens with 3.2-5
> 
> i think the problem is 
> 
> 1. uldap.access.__init__()
> 
>   i=0
>   while i <= self.client_connection_attempt:
>       try:
>           self.__open(ca_certfile)
>           break
>       except ldap.SERVER_DOWN:
>           if i >= (self.client_connection_attempt-1):
>                   raise
>           time.sleep(1)
>       i+=1

Yes, now I was also able to reproduce it.

* univention-python
  Fix: r59304 + r59305
  YAML: 59306

* univention-quota
  Fix: r59307
  YAML: r59309

* univention-home-mounter
  Fix: r59308
  YAML: r59310
Comment 5 Felix Botner univentionstaff 2015-03-24 09:46:45 CET
OK - share access without running master server (univention-samba)

OK - univention-home-mounter (reconnect option)
OK - univention-python (reconnect option)
OK - univention-quota (reconnect option)
OK - univention-samba (idmap config * : ldap_url)

OK - 2015-03-19-univention-samba.yaml
OK - 2015-03-18-univention-home-mounter.yaml
OK - 2015-03-18-univention-quota.yaml
OK - 2015-03-18-univention-python.yaml