Any try to change the security list in any printer spool in samba 4.2.0 running over Centos 6.6 give me a error. I get this trace (error level 10): [2015/04/06 15:14:35.305817, 5, pid=10303, effective(9201, 513), real(9201, 0)] ../source3/smbd/uid.c:452(smbd_become_authenticated_pipe_user) Impersonated user: uid=(9201,9201), gid=(0,513) [2015/04/06 15:14:35.305830, 5, pid=10303, effective(9201, 513), real(9201, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1238(api_pipe_request) Requested spoolss rpc service [2015/04/06 15:14:35.305842, 4, pid=10303, effective(9201, 513), real(9201, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1263(api_rpcTNP) api_rpcTNP: spoolss op 0x7 - api_rpcTNP: rpc command: SPOOLSS_SETPRINTER [2015/04/06 15:14:35.305856, 6, pid=10303, effective(9201, 513), real(9201, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1303(api_rpcTNP) api_rpc_cmds[7].fn == 0x7fa4f333e4ac [2015/04/06 15:14:35.305875, 1, pid=10303, effective(9201, 513), real(9201, 0)] ../librpc/ndr/ndr.c:578(ndr_pull_error) ndr_pull_error(7): Bad subcontext (PULL) size_is(0) mismatch content_size 131076 [2015/04/06 15:14:35.305893, 0, pid=10303, effective(9201, 513), real(9201, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1308(api_rpcTNP) api_rpcTNP: spoolss: SPOOLSS_SETPRINTER failed. [2015/04/06 15:14:35.305920, 4, pid=10303, effective(9201, 513), real(9201, 0)] ../source3/smbd/sec_ctx.c:421(pop_sec_ctx) pop_sec_ctx (9201, 513) - sec_ctx_stack_ndx = 0 [2015/04/06 15:14:35.305933, 3, pid=10303, effective(9201, 513), real(9201, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1622(process_complete_pdu) DCE/RPC fault sent!Setting fault state [2015/04/06 15:14:35.305951, 1, pid=10303, effective(9201, 513), real(9201, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &r: struct ncacn_packet rpc_vers : 0x05 (5) rpc_vers_minor : 0x00 (0) ptype : DCERPC_PKT_FAULT (3) pfc_flags : 0x23 (35) 1: DCERPC_PFC_FLAG_FIRST 1: DCERPC_PFC_FLAG_LAST 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING 0: DCERPC_PFC_FLAG_CONC_MPX 1: DCERPC_PFC_FLAG_DID_NOT_EXECUTE 0: DCERPC_PFC_FLAG_MAYBE 0: DCERPC_PFC_FLAG_OBJECT_UUID drep: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) frag_length : 0x0020 (32) auth_length : 0x0000 (0) call_id : 0x00000063 (99) u : union dcerpc_payload(case 3) fault: struct dcerpc_fault alloc_hint : 0x00000000 (0) context_id : 0x0000 (0) cancel_count : 0x00 (0) status : DCERPC_NCA_S_OP_RNG_ERROR (469827586) _pad : DATA_BLOB length=4 [0000] 00 00 00 00 ....
A backtrace: backtrace() returned 43 addresses /usr/local/samba/lib/libndr.so.0(ndr_pull_error+0x186) [0x7f7543946cf4] /usr/local/samba/lib/libndr.so.0(ndr_pull_subcontext_start+0x189) [0x7f7543947102] /usr/local/samba/lib/libndr-standard.so.0(ndr_pull_spoolss_DevmodeContainer+0x284) [0x7f7546cd0ebc] /usr/local/samba/lib/libndr-standard.so.0(ndr_pull_spoolss_SetPrinter+0x52e) [0x7f7546d54b5a] /usr/local/samba/lib/samba/libsmbd-base-samba4.so(+0x2505b0) [0x7f75499fb5b0] /usr/local/samba/lib/samba/libsmbd-base-samba4.so(+0x232d9b) [0x7f75499ddd9b] /usr/local/samba/lib/samba/libsmbd-base-samba4.so(+0x23294d) [0x7f75499dd94d] /usr/local/samba/lib/samba/libsmbd-base-samba4.so(+0x233694) [0x7f75499de694] /usr/local/samba/lib/samba/libsmbd-base-samba4.so(process_complete_pdu+0xde) [0x7f75499de779] /usr/local/samba/lib/samba/libsmbd-base-samba4.so(named_pipe_packet_process+0x197) [0x7f7549831fb7] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_req_notify_callback+0x6a) [0x7f7548f90fd8] /usr/local/samba/lib/samba/libtevent.so.0(+0x60ad) [0x7f7548f910ad] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_req_done+0x25) [0x7f7548f910d4] /usr/local/samba/lib/libdcerpc-binding.so.0(+0x1bd2c) [0x7f7542233d2c] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_req_notify_callback+0x6a) [0x7f7548f90fd8] /usr/local/samba/lib/samba/libtevent.so.0(+0x60ad) [0x7f7548f910ad] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_req_done+0x25) [0x7f7548f910d4] /usr/local/samba/lib/samba/libsamba-sockets-samba4.so(+0xc167) [0x7f754756f167] /usr/local/samba/lib/samba/libsamba-sockets-samba4.so(+0xc399) [0x7f754756f399] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_req_notify_callback+0x6a) [0x7f7548f90fd8] /usr/local/samba/lib/samba/libtevent.so.0(+0x60ad) [0x7f7548f910ad] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_req_done+0x25) [0x7f7548f910d4] /usr/local/samba/lib/samba/libsamba-sockets-samba4.so(+0xb674) [0x7f754756e674] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_req_notify_callback+0x6a) [0x7f7548f90fd8] /usr/local/samba/lib/samba/libtevent.so.0(+0x60ad) [0x7f7548f910ad] /usr/local/samba/lib/samba/libtevent.so.0(+0x61d2) [0x7f7548f911d2] /usr/local/samba/lib/samba/libtevent.so.0(tevent_common_loop_immediate+0x1f9) [0x7f7548f90364] /usr/local/samba/lib/libsmbconf.so.0(run_events_poll+0x57) [0x7f75479d429b] /usr/local/samba/lib/libsmbconf.so.0(+0x40948) [0x7f75479d4948] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_loop_once+0xfc) [0x7f7548f8f429] /usr/local/samba/lib/samba/libtevent.so.0(tevent_common_loop_wait+0x25) [0x7f7548f8f6a1] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_loop_wait+0x2b) [0x7f7548f8f76c] /usr/local/samba/lib/samba/libsmbd-base-samba4.so(smbd_process+0xbd1) [0x7f754991d03e] /usr/local/samba/sbin/smbd(+0xa98d) [0x7f754a3ef98d] /usr/local/samba/lib/libsmbconf.so.0(run_events_poll+0x544) [0x7f75479d4788] /usr/local/samba/lib/libsmbconf.so.0(+0x40a5e) [0x7f75479d4a5e] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_loop_once+0xfc) [0x7f7548f8f429] /usr/local/samba/lib/samba/libtevent.so.0(tevent_common_loop_wait+0x25) [0x7f7548f8f6a1] /usr/local/samba/lib/samba/libtevent.so.0(_tevent_loop_wait+0x2b) [0x7f7548f8f76c] /usr/local/samba/sbin/smbd(+0xb713) [0x7f754a3f0713] /usr/local/samba/sbin/smbd(main+0x15e2) [0x7f754a3f1ea7] /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f75462c2d5d] /usr/local/samba/sbin/smbd(+0x5de9) [0x7f754a3eade9]
The message that appear in the windows machine is: Status: 0x1C010002 nca_op_rng_error - The operation number passed in the request PDU is greater than or equal to the number of operations in the interface.
The problem appear only when I try to modify security from WindowsXP and I haven't this problem with Windows 7 or newer versions.
Thanks for the report Alejandro. Please provide a network trace covering the failed SPOOLSS_SETPRINTER operation. See https://wiki.samba.org/index.php/Capture_Packets for details.
Created attachment 10945 [details] Network Trace Network trace usign tcpdump. The client is a Windows XP SP3 and the server is a Samba 4.2 over CentOS 6.6
Created attachment 12662 [details] patch for 4.5
Created attachment 12663 [details] patch for 4.4
Comment on attachment 12663 [details] patch for 4.4 wrong patch I guess...
Comment on attachment 12663 [details] patch for 4.4 Doesn't look spoolss related to me :-).
Comment on attachment 12662 [details] patch for 4.5 Hmmm. On doing a git clean -d -f -x in 4.5.x and re-making I'm getting: In file included from ../source4/torture/ndr/spoolss.c:23:0: ../source4/torture/ndr/spoolss.c: In function ‘ndr_spoolss_suite’: ../source4/torture/ndr/ndr.h:57:26: error: ‘ndr_pull_winspool_AsyncSetPrinter’ undeclared (first use in this function) (ndr_pull_flags_fn_t)ndr_pull_ ## name, \ ^ ../source4/torture/ndr/spoolss.c:1890:2: note: in expansion of macro ‘torture_suite_add_ndr_pull_fn_test’ torture_suite_add_ndr_pull_fn_test(suite, winspool_AsyncSetPrinter, setprinter_level_3_xpsp3_req_data, NDR_IN, NULL); ^ ../source4/torture/ndr/ndr.h:57:26: note: each undeclared identifier is reported only once for each function it appears in (ndr_pull_flags_fn_t)ndr_pull_ ## name, \ ^ ../source4/torture/ndr/spoolss.c:1890:2: note: in expansion of macro ‘torture_suite_add_ndr_pull_fn_test’ torture_suite_add_ndr_pull_fn_test(suite, winspool_AsyncSetPrinter, setprinter_level_3_xpsp3_req_data, NDR_IN, NULL); ^ ../source4/torture/ndr/ndr.h:60:12: error: invalid application of ‘sizeof’ to incomplete type ‘struct winspool_AsyncSetPrinter’ sizeof(struct name), \ ^ ../source4/torture/ndr/spoolss.c:1890:2: note: in expansion of macro ‘torture_suite_add_ndr_pull_fn_test’ torture_suite_add_ndr_pull_fn_test(suite, winspool_AsyncSetPrinter, setprinter_level_3_xpsp3_req_data, NDR_IN, NULL); Is there a prerequisite patch missing here ?
Created attachment 12671 [details] patch for 4.5 v2
Created attachment 12672 [details] patch for 4.4 v2 Sorry, should be fixed now.
Re-assigning to Karolin for inclusion in 4.5.next, 4.4.next.
(In reply to Jeremy Allison from comment #13) Pushed to autobuild-v4-{4,5}-test.
(In reply to Karolin Seeger from comment #14) Pushed to both branches. Closing out bug report. Thanks!