Open
Description
Support guidelines
- I've read the support guidelines
I've found a bug and checked that ...
- ... the documentation does not mention anything about my problem
- ... there are no open or closed issues that are related to my problem
Description
I want to use your samba container on a fedora server. Fedora server uses podman for container managemend instead of docker. When I try to use my docker-compose.yaml I got the following issue:
INTERNAL ERROR: open_sockets_smbd() failed in smbd () () pid 857 (4.19.9)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
PANIC (pid 857): open_sockets_smbd() failed in 4.19.9
unable to produce a stack trace on this platform
coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern
smbd version 4.19.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2023
smbd_open_one_socket: open_socket_in failed: Permission denied
smbd_open_one_socket: open_socket_in failed: Permission denied
open_sockets_smbd: No sockets available to bind to.
===============================================================When I try the same config with Docker, everything works as expected. Even in privileged mode or the capability SYS_ADMIN the error occures.
Expected behaviour
The container comes up and I can discover/read/write the smb shares.
Actual behaviour
The Container "crashes" with the following error:
INTERNAL ERROR: open_sockets_smbd() failed in smbd () () pid 857 (4.19.9)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
PANIC (pid 857): open_sockets_smbd() failed in 4.19.9
unable to produce a stack trace on this platform
coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern
smbd version 4.19.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2023
smbd_open_one_socket: open_socket_in failed: Permission denied
smbd_open_one_socket: open_socket_in failed: Permission denied
open_sockets_smbd: No sockets available to bind to.
===============================================================Steps to reproduce
- Create the required directory
- run the following command
podman run -d --network host \ --security-opt label=disable -e LOG_LEVEL=debug -v "./data:/data" -v "./misc:/samba/misc" -v "./backup:/samba/backup" \ --privileged --name samba crazymax/samba
Docker info
host:
arch: amd64
buildahVersion: 1.38.0
cgroupControllers:
- cpu
- io
- memory
- pids
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: conmon-2.1.12-3.fc41.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.1.12, commit: '
cpuUtilization:
idlePercent: 88.37
systemPercent: 5.06
userPercent: 6.57
cpus: 8
databaseBackend: sqlite
distribution:
distribution: fedora
variant: workstation
version: "41"
eventLogger: journald
freeLocks: 2042
hostname: fedora
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 524288
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 524288
size: 65536
kernel: 6.12.5-200.fc41.x86_64
linkmode: dynamic
logDriver: journald
memFree: 19526934528
memTotal: 33448763392
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: aardvark-dns-1.13.1-1.fc41.x86_64
path: /usr/libexec/podman/aardvark-dns
version: aardvark-dns 1.13.1
package: netavark-1.13.1-1.fc41.x86_64
path: /usr/libexec/podman/netavark
version: netavark 1.13.1
ociRuntime:
name: crun
package: crun-1.19.1-1.fc41.x86_64
path: /usr/bin/crun
version: |-
crun version 1.19.1
commit: 3e32a70c93f5aa5fea69b50256cca7fd4aa23c80
rundir: /run/user/1000/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: passt-0^20241211.g09478d5-1.fc41.x86_64
version: |
pasta 0^20241211.g09478d5-1.fc41.x86_64
Copyright Red Hat
GNU General Public License, version 2 or later
<https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: true
path: /run/user/1000/podman/podman.sock
rootlessNetworkCmd: pasta
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: true
serviceIsRemote: false
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.3.1-1.fc41.x86_64
version: |-
slirp4netns version 1.3.1
commit: e5e368c4f5db6ae75c2fce786e31eef9da6bf236
libslirp: 4.8.0
SLIRP_CONFIG_VERSION_MAX: 5
libseccomp: 2.5.5
swapFree: 8589930496
swapTotal: 8589930496
uptime: 2h 52m 26.00s (Approximately 0.08 days)
variant: ""
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- docker.io
store:
configFile: /home/tom/.config/containers/storage.conf
containerStore:
number: 1
paused: 0
running: 1
stopped: 0
graphDriverName: overlay
graphOptions: {}
graphRoot: /home/tom/.local/share/containers/storage
graphRootAllocated: 510389125120
graphRootUsed: 205920841728
graphStatus:
Backing Filesystem: btrfs
Native Overlay Diff: "true"
Supports d_type: "true"
Supports shifting: "false"
Supports volatile: "true"
Using metacopy: "false"
imageCopyTmpDir: /var/tmp
imageStore:
number: 12
runRoot: /run/user/1000/containers
transientStore: false
volumePath: /home/tom/.local/share/containers/storage/volumes
version:
APIVersion: 5.3.1
Built: 1732147200
BuiltTime: Thu Nov 21 01:00:00 2024
GitCommit: ""
GoVersion: go1.23.3
Os: linux
OsArch: linux/amd64
Version: 5.3.1
Docker Compose config
>>>> Executing external compose provider "/usr/libexec/docker/cli-plugins/docker-compose". Please see podman-compose(1) for how to disable this message. <<<<
name: samba
services:
samba:
container_name: samba
environment:
SAMBA_LOG_LEVEL: "0"
TZ: Europe/Berlin
image: crazymax/samba
network_mode: host
restart: always
security_opt:
- label=disable
volumes:
- type: bind
source: /home/tom/Documents/github/tzabbi/homelab/samba-test/data
target: /data
bind:
create_host_path: true
- type: bind
source: /home/tom/Documents/github/tzabbi/homelab/samba-test/misc
target: /samba/misc
bind:
create_host_path: true
- type: bind
source: /home/tom/Documents/github/tzabbi/homelab/samba-test/backup
target: /samba/backup
bind:
create_host_path: trueLogs
$ podman logs samba
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-config.sh: executing...
Setting timezone to UTC
Initializing files and folders
Setting global configuration
Creating user l-backup/l-backup (1000:1000)
Creating user tom/tom (1001:1001)
Creating share misc
Creating share backup
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)
# Global parameters
[global]
WARNING: some services use vfs_fruit, others don't. Mounting them in conjunction on OS X clients results in undefined behaviour.
Server role: ROLE_STANDALONE
disable netbios = Yes
disable spoolss = Yes
dns proxy = No
local master = No
map to guest = Bad User
pam password change = Yes
printcap name = /dev/null
security = USER
server role = standalone server
server services = s3fs, rpc, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
server string = Docker Samba Server
smb1 unix extensions = No
smb ports = 445
usershare allow guests = Yes
winbind scan trusted domains = Yes
fruit:time machine = yes
fruit:delete_empty_adfiles = yes
fruit:wipe_intentionally_left_blank_rfork = yes
fruit:veto_appledouble = no
fruit:posix_rename = yes
fruit:model = MacSamba
fruit:metadata = stream
idmap config * : backend = tdb
create mask = 0664
directory mask = 0775
force create mode = 0664
force directory mode = 0775
hosts allow = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
hosts deny = 0.0.0.0/0
printing = bsd
strict locking = No
vfs objects = fruit streams_xattr
wide links = Yes
[misc]
comment = everything can be stored here
guest ok = Yes
path = /samba/misc
valid users = tom
vfs objects = recycle
write list = tom
recycle:versions = yes
recycle:keeptree = yes
recycle:repository = .recycle
[backup]
guest ok = Yes
path = /samba/backup
read only = No
valid users = backup
write list = backup
[cont-init.d] 01-config.sh: exited 0.
[cont-init.d] 02-svc-smbd.sh: executing...
[cont-init.d] 02-svc-smbd.sh: exited 0.
[cont-init.d] 03-svc-wsdd2.sh: executing...
[cont-init.d] 03-svc-wsdd2.sh: exited 0.
[cont-init.d] ~-socklog: executing...
[cont-init.d] ~-socklog: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
smbd version 4.19.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2023
smbd_open_one_socket: open_socket_in failed: Permission denied
smbd_open_one_socket: open_socket_in failed: Permission denied
open_sockets_smbd: No sockets available to bind to.
===============================================================
INTERNAL ERROR: open_sockets_smbd() failed in smbd () () pid 803 (4.19.9)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
PANIC (pid 803): open_sockets_smbd() failed in 4.19.9
unable to produce a stack trace on this platform
coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern
smbd version 4.19.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2023
smbd_open_one_socket: open_socket_in failed: Permission denied
smbd_open_one_socket: open_socket_in failed: Permission denied
open_sockets_smbd: No sockets available to bind to.
===============================================================
INTERNAL ERROR: open_sockets_smbd() failed in smbd () () pid 851 (4.19.9)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
PANIC (pid 851): open_sockets_smbd() failed in 4.19.9
unable to produce a stack trace on this platform
coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern
smbd version 4.19.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2023
smbd_open_one_socket: open_socket_in failed: Permission denied
smbd_open_one_socket: open_socket_in failed: Permission denied
open_sockets_smbd: No sockets available to bind to.
===============================================================
INTERNAL ERROR: open_sockets_smbd() failed in smbd () () pid 857 (4.19.9)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
PANIC (pid 857): open_sockets_smbd() failed in 4.19.9
unable to produce a stack trace on this platform
coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern
smbd version 4.19.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2023
smbd_open_one_socket: open_socket_in failed: Permission denied
smbd_open_one_socket: open_socket_in failed: Permission denied
open_sockets_smbd: No sockets available to bind to.
===============================================================
INTERNAL ERROR: open_sockets_smbd() failed in smbd () () pid 863 (4.19.9)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
PANIC (pid 863): open_sockets_smbd() failed in 4.19.9
unable to produce a stack trace on this platform
coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern
Additional info
I'm using Fedora 41.
Podman version:
Client: Podman Engine
Version: 5.3.1
API Version: 5.3.1
Go Version: go1.23.3
Built: Thu Nov 21 01:00:00 2024
OS/Arch: linux/amd64
Activity