Bug 10066 - winbindd does not honor socket directory options in smb.conf
Summary: winbindd does not honor socket directory options in smb.conf
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-08-02 09:54 UTC by Stijn Hoop
Modified: 2017-01-03 08:44 UTC (History)
2 users (show)

See Also:


Attachments
patch for master (1.96 KB, patch)
2017-01-03 07:58 UTC, Andrew Bartlett
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Stijn Hoop 2013-08-02 09:54:43 UTC
While trying to set up a test installation of samba on my development CentOS 6.4 machine, I needed to install it alongside the system samba. I did this by building samba with --prefix=/opt.

This led to the freshly built winbind putting its pipes in /opt/samba as expected. Also expected was the associated breakage for ID lookups (that worked with the system samba).

However I thought to use the socket options in smb.conf to let my new winbind use the old locations, but that turned out not to work:

[stijn@pclinvir028] </opt/samba/bin> ./testparm -v | grep winbindd
        winbindd socket directory = /var/run/winbindd
        winbindd privileged socket directory = /var/lib/samba/winbindd_privileged

[stijn@pclinvir028] </opt/samba/bin> ls -ld /var/run/winbindd /var/lib/samba/winbindd_privileged
drwxr-x---. 2 root root 4096 Aug  2 11:30 /var/lib/samba/winbindd_privileged/
drwxr-xr-x. 2 root root 4096 Aug  2 11:22 /var/run/winbindd/

[stijn@pclinvir028] </opt/samba/bin> sudo ls -l /var/run/winbindd /var/lib/samba/winbindd_privileged
/var/lib/samba/winbindd_privileged:
total 0

/var/run/winbindd:
total 0

[stijn@pclinvir028] </opt/samba/bin> sudo find /opt/samba -name pipe
/opt/samba/var/locks/winbindd_privileged/pipe
/opt/samba/var/run/winbindd/pipe

This is with a checkout of v4-0-stable built from source.

FWIW I worked around it by replacing /lib64/libnss_winbind.so.2 with the freshly built copy, thus ensuring that the library used the --prefix I compiled with.
Comment 1 Björn Jacke 2013-08-16 19:58:15 UTC
that option is unfortunately only used by winbind4 that is used by the "samba" daemon, not by the winbind daemon. we know this is highly confusing to have one aet of winbind parameters documented and have two different winbind versions that take very different parameters. andrew has plans to merge the two, which will make go away confusions like this hopefully.
Comment 2 Andrew Bartlett 2017-01-03 07:58:40 UTC
Created attachment 12788 [details]
patch for master

"winbindd socket directory" is honoured, but "winbindd privileged socket directory" is not, and has not been in any configuration since we moved to just using the source3 winbindd with Samba 4.3.

We need to remove the manpage entry (and so the config option) for "winbindd privileged socket directory" and the associated stuff.  Patch attached, submitted to samba-technical for master.