12850 – RPC calls failing due to imessaging_init (likely introduced with auth logging)

Bug 12850 - RPC calls failing due to imessaging_init (likely introduced with auth logging)

Summary: RPC calls failing due to imessaging_init (likely introduced with auth logging)

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	DCE-RPCs and pipes (show other bugs)
Version:	4.5.0
Hardware:	All All

Importance:	P5 regression (vote)
Target Milestone:	4.7
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-06-19 21:55 UTC by Garming Sam
Modified:	2017-07-04 19:10 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
Untested patch for master (1.03 KB, patch) 2017-06-30 17:32 UTC, Stefan Metzmacher	no flags	Details
Tested patch using traffic-generator (1.13 KB, text/plain) 2017-07-02 23:04 UTC, Tim Beale	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Garming Sam 2017-06-19 21:55:13 UTC

Observed a svrsvc getshareinfo call failing due to the msg.sock directory requiring ownership under the client's uid. I'm not sure if this is a general issue (because I would've expected the same initialization call in other places in s3) or one simply introduced with auth logging.


/home/ubuntu/samba-locking/bin/smbd: 10.9.0.202 (ipv4:10.9.0.202:57204) signed connect to service IPC$ initially as user SAMDOM\STGU-0-164 (uid=3000701, gid=100) (pid 11548)
/home/ubuntu/samba-locking/bin/smbd: tconX service=IPC$ 
/home/ubuntu/samba-locking/bin/smbd: Transaction 4 of length 106 (0 toread)
/home/ubuntu/samba-locking/bin/smbd: switch message SMBntcreateX (pid 11548) conn 0x55c267dcdbb0
/home/ubuntu/samba-locking/bin/smbd: Transaction 5 of length 204 (0 toread)
/home/ubuntu/samba-locking/bin/smbd: switch message SMBtrans (pid 11548) conn 0x55c267dcdbb0
/home/ubuntu/samba-locking/bin/smbd: trans <\PIPE\> data=116 params=0 setup=2
/home/ubuntu/samba-locking/bin/smbd: named pipe command on <> name
/home/ubuntu/samba-locking/bin/smbd: Got API command 0x26 on pipe "srvsvc" (pnum 25aa)
/home/ubuntu/samba-locking/bin/smbd: api_pipe_bind_req: srvsvc -> srvsvc rpc service
/home/ubuntu/samba-locking/bin/smbd: check_bind_req for srvsvc context_id=0
/home/ubuntu/samba-locking/bin/smbd: check_bind_req: srvsvc -> srvsvc rpc service
/home/ubuntu/samba-locking/bin/smbd: 0, 3000701
/home/ubuntu/samba-locking/bin/smbd: directory_create_or_exist_strict: invalid ownership on directory /usr/local/samba/private/msg.sock
/home/ubuntu/samba-locking/bin/smbd: imessaging_init failed
/home/ubuntu/samba-locking/bin/smbd: Unable to make auth context for authz log.
/home/ubuntu/samba-locking/bin/smbd: Disconnect after fault
/home/ubuntu/samba-locking/bin/smbd: Fatal error(Invalid argument). Terminating client(10.9.0.202) connection!
/home/ubuntu/samba-locking/bin/smbd: 10.9.0.202 (ipv4:10.9.0.202:57204) closed connection to service IPC$
/home/ubuntu/samba-locking/bin/smbd: Server exit (failed to receive smb request)

Comment 1 Stefan Metzmacher 2017-06-20 08:39:46 UTC

I guess we need become_root() in some places...

Comment 2 Stefan Metzmacher 2017-06-30 17:32:25 UTC

Created attachment 13335 [details]
Untested patch for master

I tested a patch that wraps api_pipe_bind_req, api_pipe_alter_context, api_pipe_bind_auth3 in become_root() and unbecome_root()

It would be great if someone can test this.

The reproducer is:
smbclient -L ${ip_of_ad_dc} -Usomenonadministratoruser

Comment 3 Tim Beale 2017-07-02 23:04:02 UTC

Created attachment 13339 [details]
Tested patch using traffic-generator

The patch fixes the problem we were seeing with failed srvsvc operations when running the new performance tool. See attached for more details.

Comment 4 Stefan Metzmacher 2017-07-04 19:10:18 UTC

Fixed with 1f5a297b516b56ab6afbfc4ba1513dc73764dcf7 in 4.7.0rc1 and master