| 1 | <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 14. Tracing samba system calls</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"><link rel="home" href="index.html" title="SAMBA Developers Guide"><link rel="up" href="pt04.html" title="Part IV. Debugging and tracing"><link rel="prev" href="pt04.html" title="Part IV. Debugging and tracing"><link rel="next" href="devprinting.html" title="Chapter 15. Samba Printing Internals"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 14. Tracing samba system calls</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="pt04.html">Prev</a> </td><th width="60%" align="center">Part IV. Debugging and tracing</th><td width="20%" align="right"> <a accesskey="n" href="devprinting.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 14. Tracing samba system calls"><div class="titlepage"><div><div><h2 class="title"><a name="tracing"></a>Chapter 14. Tracing samba system calls</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Andrew</span> <span class="surname">Tridgell</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span></div></div></div></div></div><p>
|
|---|
| 2 | This file describes how to do a system call trace on Samba to work out
|
|---|
| 3 | what its doing wrong. This is not for the faint of heart, but if you
|
|---|
| 4 | are reading this then you are probably desperate.
|
|---|
| 5 | </p><p>
|
|---|
| 6 | Actually its not as bad as the the above makes it sound, just don't
|
|---|
| 7 | expect the output to be very pretty :-)
|
|---|
| 8 | </p><p>
|
|---|
| 9 | Ok, down to business. One of the big advantages of unix systems is
|
|---|
| 10 | that they nearly all come with a system trace utility that allows you
|
|---|
| 11 | to monitor all system calls that a program is making. This is
|
|---|
| 12 | extremely using for debugging and also helps when trying to work out
|
|---|
| 13 | why something is slower than you expect. You can use system tracing
|
|---|
| 14 | without any special compilation options.
|
|---|
| 15 | </p><p>
|
|---|
| 16 | The system trace utility is called different things on different
|
|---|
| 17 | systems. On Linux systems its called strace. Under SunOS 4 its called
|
|---|
| 18 | trace. Under SVR4 style systems (including solaris) its called
|
|---|
| 19 | truss. Under many BSD systems its called ktrace.
|
|---|
| 20 | </p><p>
|
|---|
| 21 | The first thing you should do is read the man page for your native
|
|---|
| 22 | system call tracer. In the discussion below I'll assume its called
|
|---|
| 23 | strace as strace is the only portable system tracer (its available for
|
|---|
| 24 | free for many unix types) and its also got some of the nicest
|
|---|
| 25 | features.
|
|---|
| 26 | </p><p>
|
|---|
| 27 | Next, try using strace on some simple commands. For example, <code class="literal">strace
|
|---|
| 28 | ls</code> or <code class="literal">strace echo hello</code>.
|
|---|
| 29 | </p><p>
|
|---|
| 30 | You'll notice that it produces a LOT of output. It is showing you the
|
|---|
| 31 | arguments to every system call that the program makes and the
|
|---|
| 32 | result. Very little happens in a program without a system call so you
|
|---|
| 33 | get lots of output. You'll also find that it produces a lot of
|
|---|
| 34 | "preamble" stuff showing the loading of shared libraries etc. Ignore
|
|---|
| 35 | this (unless its going wrong!)
|
|---|
| 36 | </p><p>
|
|---|
| 37 | For example, the only line that really matters in the <code class="literal">strace echo
|
|---|
| 38 | hello</code> output is:
|
|---|
| 39 | </p><pre class="programlisting">
|
|---|
| 40 | write(1, "hello\n", 6) = 6
|
|---|
| 41 | </pre><p>all the rest is just setting up to run the program.</p><p>
|
|---|
| 42 | Ok, now you're familiar with strace. To use it on Samba you need to
|
|---|
| 43 | strace the running smbd daemon. The way I tend ot use it is to first
|
|---|
| 44 | login from my Windows PC to the Samba server, then use smbstatus to
|
|---|
| 45 | find which process ID that client is attached to, then as root I do
|
|---|
| 46 | <code class="literal">strace -p PID</code> to attach to that process. I normally redirect the
|
|---|
| 47 | stderr output from this command to a file for later perusal. For
|
|---|
| 48 | example, if I'm using a csh style shell:
|
|---|
| 49 | </p><p><code class="literal">strace -f -p 3872 >& strace.out</code></p><p>or with a sh style shell:</p><p><code class="literal">strace -f -p 3872 > strace.out 2>&1</code></p><p>
|
|---|
| 50 | Note the "-f" option. This is only available on some systems, and
|
|---|
| 51 | allows you to trace not just the current process, but any children it
|
|---|
| 52 | forks. This is great for finding printing problems caused by the
|
|---|
| 53 | "print command" being wrong.
|
|---|
| 54 | </p><p>
|
|---|
| 55 | Once you are attached you then can do whatever it is on the client
|
|---|
| 56 | that is causing problems and you will capture all the system calls
|
|---|
| 57 | that smbd makes.
|
|---|
| 58 | </p><p>
|
|---|
| 59 | So how do you interpret the results? Generally I search through the
|
|---|
| 60 | output for strings that I know will appear when the problem
|
|---|
| 61 | happens. For example, if I am having touble with permissions on a file
|
|---|
| 62 | I would search for that files name in the strace output and look at
|
|---|
| 63 | the surrounding lines. Another trick is to match up file descriptor
|
|---|
| 64 | numbers and "follow" what happens to an open file until it is closed.
|
|---|
| 65 | </p><p>
|
|---|
| 66 | Beyond this you will have to use your initiative. To give you an idea
|
|---|
| 67 | of what you are looking for here is a piece of strace output that
|
|---|
| 68 | shows that <code class="filename">/dev/null</code> is not world writeable, which
|
|---|
| 69 | causes printing to fail with Samba:
|
|---|
| 70 | </p><pre class="programlisting">
|
|---|
| 71 | [pid 28268] open("/dev/null", O_RDWR) = -1 EACCES (Permission denied)
|
|---|
| 72 | [pid 28268] open("/dev/null", O_WRONLY) = -1 EACCES (Permission denied)
|
|---|
| 73 | </pre><p>
|
|---|
| 74 | The process is trying to first open <code class="filename">/dev/null</code> read-write
|
|---|
| 75 | then read-only. Both fail. This means <code class="filename">/dev/null</code> has
|
|---|
| 76 | incorrect permissions.
|
|---|
| 77 | </p></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="pt04.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="pt04.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="devprinting.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Part IV. Debugging and tracing </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 15. Samba Printing Internals</td></tr></table></div></body></html>
|
|---|
