mirror of
https://github.com/samba-team/samba.git
synced 2025-01-13 13:18:06 +03:00
97 lines
4.0 KiB
Plaintext
97 lines
4.0 KiB
Plaintext
!==
|
|
!== Tracing.txt for Samba release 2.0.0-alpha11 09 Oct 1998
|
|
!==
|
|
Contributor: Andrew Tridgell <samba-bugs@samba.anu.edu.au>
|
|
Date: Old
|
|
Status: Questionable
|
|
|
|
Subject: How to trace samba system calls for debugging purposes
|
|
=============================================================================
|
|
|
|
This file describes how to do a system call trace on Samba to work out
|
|
what its doing wrong. This is not for the faint of heart, but if you
|
|
are reading this then you are probably desperate.
|
|
|
|
Actually its not as bad as the the above makes it sound, just don't
|
|
expect the output to be very pretty :-)
|
|
|
|
Ok, down to business. One of the big advantages of unix systems is
|
|
that they nearly all come with a system trace utility that allows you
|
|
to monitor all system calls that a program is making. This is
|
|
extremely using for debugging and also helps when trying to work out
|
|
why something is slower than you expect. You can use system tracing
|
|
without any special compilation options.
|
|
|
|
The system trace utility is called different things on different
|
|
systems. On Linux systems its called strace. Under SunOS 4 its called
|
|
trace. Under SVR4 style systems (including solaris) its called
|
|
truss. Under many BSD systems its called ktrace.
|
|
|
|
The first thing you should do is read the man page for your native
|
|
system call tracer. In the discussion below I'll assume its called
|
|
strace as strace is the only portable system tracer (its available for
|
|
free for many unix types) and its also got some of the nicest
|
|
features.
|
|
|
|
Next, try using strace on some simple commands. For example, "strace
|
|
ls" or "strace echo hello".
|
|
|
|
You'll notice that it produces a LOT of output. It is showing you the
|
|
arguments to every system call that the program makes and the
|
|
result. Very little happens in a program without a system call so you
|
|
get lots of output. You'll also find that it produces a lot of
|
|
"preamble" stuff showing the loading of shared libraries etc. Ignore
|
|
this (unless its going wrong!)
|
|
|
|
For example, the only line that really matters in the "strace echo
|
|
hello" output is:
|
|
|
|
write(1, "hello\n", 6) = 6
|
|
|
|
all the rest is just setting up to run the program.
|
|
|
|
Ok, now you're famialiar with strace. To use it on Samba you need to
|
|
strace the running smbd daemon. The way I tend ot use it is to first
|
|
login from my Windows PC to the Samba server, then use smbstatus to
|
|
find which process ID that client is attached to, then as root I do
|
|
"strace -p PID" to attach to that process. I normally redirect the
|
|
stderr output from this command to a file for later perusal. For
|
|
example, if I'm using a csh style shell:
|
|
|
|
strace -f -p 3872 >& strace.out
|
|
|
|
or with a sh style shell:
|
|
|
|
strace -f -p 3872 > strace.out 2>&1
|
|
|
|
Note the "-f" option. This is only available on some systems, and
|
|
allows you to trace not just the current process, but any children it
|
|
forks. This is great for finding printing problems caused by the
|
|
"print command" being wrong.
|
|
|
|
Once you are attached you then can do whatever it is on the client
|
|
that is causing problems and you will capture all the system calls
|
|
that smbd makes.
|
|
|
|
So how do you interpret the results? Generally I search thorugh the
|
|
output for strings that I know will appear when the problem
|
|
happens. For example, if I am having touble with permissions on a file
|
|
I would search for that files name in the strace output and look at
|
|
the surrounding lines. Another trick is to match up file descriptor
|
|
numbers and "follow" what happens to an open file until it is closed.
|
|
|
|
Beyond this you will have to use your initiative. To give you an idea
|
|
of wehat you are looking for here is a piece of strace output that
|
|
shows that /dev/null is not world writeable, which causes printing to
|
|
fail with Samba:
|
|
|
|
[pid 28268] open("/dev/null", O_RDWR) = -1 EACCES (Permission denied)
|
|
[pid 28268] open("/dev/null", O_WRONLY) = -1 EACCES (Permission denied)
|
|
|
|
the process is trying to first open /dev/null read-write then
|
|
read-only. Both fail. This means /dev/null has incorrect permissions.
|
|
|
|
Have fun!
|
|
|
|
(please send updates/fixes to this file to samba-bugs@samba.anu.edu.au)
|