net tool crash to segfault with multiple domains in 'search' record at /etc/resolv.conf Steps to reproduce: $ cat /etc/resolv.conf # Generated by resolvconf # Do not edit manually, use # /etc/net/ifaces/<interface>/resolv.conf instead. domain xdomain.alt search xdomain.alt darkmastersin.net nameserver 192.168.56.2 nameserver 10.0.2.3 $ sudo net ads join '-UAdministrator%Pa$$word' Using short domain name -- XDOMAIN Joined 'CLIENT' to dns domain 'xdomain.alt' Segmentation fault Fixed case: $ sudo vi /etc/resolv.conf $ cat /etc/resolv.conf # Generated by resolvconf # Do not edit manually, use # /etc/net/ifaces/<interface>/resolv.conf instead. domain xdomain.alt search xdomain.alt nameserver 192.168.56.2 nameserver 10.0.2.3 [vagrant@client ~]$ sudo net ads join '-UAdministrator%Pa$$word' Using short domain name -- XDOMAIN Joined 'CLIENT' to dns domain 'xdomain.alt' No DNS domain configured for client. Unable to perform DNS Update. DNS update failed: NT_STATUS_INVALID_PARAMETER Samba config: $ grep -v -e "^\s*$" -e "^\s*\(#\|;\)" /etc/samba/smb.conf [global] security = ads realm = XDOMAIN.ALT workgroup = XDOMAIN netbios name = CLIENT template shell = /bin/bash kerberos method = system keytab wins support = no idmap config * : range = 10000-20000000 idmap config * : backend = tdb [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes
Can you attach a debug backtrace with symbols please ?
SEGFAULT: [vagrant@client ~]$ cat /etc/resolv.conf # Generated by resolvconf # Do not edit manually, use # /etc/net/ifaces/<interface>/resolv.conf instead. search domain.alt darkmastersin.net nameserver 192.168.56.2 [vagrant@client ~]$ sudo /usr/bin/net ads join '-UAdministrator%Pa$$word' Using short domain name -- DOMAIN Joined 'CLIENT' to dns domain 'domain.alt' Ошибка сегментирования [vagrant@client ~]$ sudo gdb /usr/bin/net GNU gdb (GDB) 7.9-alt4 (ALT) Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-alt-linux". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /usr/bin/net...Reading symbols from /usr/lib/debug/usr/bin/net.debug...done. done. (gdb) run ads join '-UAdministrator%Pa$$word' Starting program: /usr/bin/net ads join '-UAdministrator%Pa$$word' [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Detaching after fork from child process 18049. Missing separate debuginfo for /lib64/libnss_dns.so.2 Try to install the hash file /usr/lib/debug/.build-id/8a/ce5b132d77c33c753b671f4c9edd8743c39d50.debug Missing separate debuginfo for /usr/lib64/gconv/UTF-16.so Try to install the hash file /usr/lib/debug/.build-id/7f/562d34ebd794cee9cd8dca4182e8df785ed0b1.debug Missing separate debuginfo for /usr/lib64/gconv/IBM850.so Try to install the hash file /usr/lib/debug/.build-id/8a/eec924ef93f42a69739877857193387dfb3bd4.debug Missing separate debuginfo for /lib64/libnss_myhostname.so.2 Try to install the hash file /usr/lib/debug/.build-id/3b/5e13602d5ad2ad22503e395c861493bb36792d.debug Missing separate debuginfo for /usr/lib64/sasl2-3/libgssapiv2.so Try to install the hash file /usr/lib/debug/.build-id/57/aa1d70570135e71845edc138f0740a1822f089.debug Missing separate debuginfo for /usr/lib64/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so Try to install the hash file /usr/lib/debug/.build-id/b0/86b7d1f8499150a6b901df66ec4b790e840a88.debug Missing separate debuginfo for /usr/lib64/ldb/modules/ldb/memberof.so Try to install the hash file /usr/lib/debug/.build-id/e7/6c46ba08527d48da4e4ff23f1cde9192bb1afc.debug Missing separate debuginfo for /usr/lib64/sssd/libsss_debug.so Try to install the hash file /usr/lib/debug/.build-id/93/2c40d93f32b0788033b3095bd86b3c5302e6b1.debug Missing separate debuginfo for /usr/lib64/libdhash.so.1 Try to install the hash file /usr/lib/debug/.build-id/a6/c378ee9259230fdf4c9657b2c214a1881c1f0e.debug Using short domain name -- DOMAIN Joined 'CLIENT' to dns domain 'domain.alt' Program received signal SIGSEGV, Segmentation fault. 0x00005555555c9c13 in DoDNSUpdate (pszServerName=pszServerName@entry=0x7fffffffd490 "dns1.yandex.net", pszDomainName=pszDomainName@entry=0x7fffffffd397 "darkmastersin.net", pszHostName=pszHostName@entry=0x7fffffffd390 "client.darkmastersin.net", sslist=sslist@entry=0x555555884e60, num_addrs=num_addrs@entry=4, flags=flags@entry=61, remove_host=false) at ../source3/utils/net_dns.c:80 80 if ((dns_response_code(resp->flags) == DNS_NO_ERROR) && (gdb) backtrace #0 0x00005555555c9c13 in DoDNSUpdate (pszServerName=pszServerName@entry=0x7fffffffd490 "dns1.yandex.net", pszDomainName=pszDomainName@entry=0x7fffffffd397 "darkmastersin.net", pszHostName=pszHostName@entry=0x7fffffffd390 "client.darkmastersin.net", sslist=sslist@entry=0x555555884e60, num_addrs=num_addrs@entry=4, flags=flags@entry=61, remove_host=false) at ../source3/utils/net_dns.c:80 #1 0x0000555555591095 in net_update_dns_internal (remove_host=false, num_addrs=4, addrs=0x555555884e60, machine_name=0x7fffffffd390 "client.darkmastersin.net", ads=<optimized out>, ctx=0x0, c=0x555555832ab0) at ../source3/utils/net_ads.c:1250 #2 net_update_dns_ext (c=c@entry=0x555555832ab0, mem_ctx=mem_ctx@entry=0x5555558496b0, ads=<optimized out>, hostname=hostname@entry=0x0, iplist=0x555555884e60, iplist@entry=0x0, num_addrs=4, num_addrs@entry=0, remove_host=false) at ../source3/utils/net_ads.c:1320 #3 0x0000555555592e0e in net_update_dns (hostname=0x0, ads=<optimized out>, mem_ctx=0x5555558496b0, c=<optimized out>) at ../source3/utils/net_ads.c:1331 #4 _net_ads_join_dns_updates (r=<optimized out>, ctx=0x5555558496b0, c=<optimized out>) at ../source3/utils/net_ads.c:1443 #5 net_ads_join (c=<optimized out>, argc=<optimized out>, argv=<optimized out>) at ../source3/utils/net_ads.c:1632 #6 0x0000555555598154 in net_ads (c=<optimized out>, argc=<optimized out>, argv=<optimized out>) at ../source3/utils/net_ads.c:3473 #7 0x00005555555777fe in main (argc=4, argv=0x7fffffffe408) at ../source3/utils/net.c:1116 OK: [vagrant@client ~]$ cat /etc/resolv.conf # Generated by resolvconf # Do not edit manually, use # /etc/net/ifaces/<interface>/resolv.conf instead. search domain.alt nameserver 192.168.56.2 [vagrant@client ~]$ sudo /usr/bin/net ads join '-UAdministrator%Pa$$word' Using short domain name -- DOMAIN Joined 'CLIENT' to dns domain 'domain.alt' No DNS domain configured for client. Unable to perform DNS Update. DNS update failed: NT_STATUS_INVALID_PARAMETER "Unable to perform DNS Update" is ok this time. It is another problem.
(In reply to Evgeny Sinelnikov from comment #2) What version of samba you are using? I tried repro with samba-4.10.4 but cannot repro /etc/resolv.conf domain atest.com search atest.com dtest.com ptest.com nameserver <> nameserver <> # cat /etc/samba/smb.conf [global] security = ads realm = ATEST.COM workgroup = ATEST netbios name = CLIENT template shell = /bin/bash kerberos method = system keytab wins support = no idmap config * : range = 10000-20000000 idmap config * : backend = tdb [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes # /usr/local/samba/bin/net ads join -U Administrator -d 10 .. Using short domain name -- ATEST Joined '<>' to dns domain 'atest.com' kerberos_kinit_password: as <>$@ATEST.COM using [MEMORY:net_ads] as ccache and config [/usr/local/samba/var/lock/smb_krb5/krb5.conf.ATEST] getaddrinfo: Name or service not known name_to_fqdn: lookup for <> failed. added interface virbr0 ip=<> bcast=<> netmask=<> added interface ens3 ip=<> bcast=<> netmask=<> No DNS domain configured for vm255-120. Unable to perform DNS Update. DNS update failed: NT_STATUS_INVALID_PARAMETER return code = 0 # Though this code may crash. When resp returned is NULL, But err is returned is 0. #define ERROR_DNS_SUCCESS ERROR_DNS(0) #define ERROR_DNS_RECORD_NOT_FOUND ERROR_DNS(1) #define ERROR_DNS_BAD_RESPONSE ERROR_DNS(2) #define ERROR_DNS_INVALID_PARAMETER ERROR_DNS(3) #define ERROR_DNS_NO_MEMORY ERROR_DNS(4) #define ERROR_DNS_INVALID_NAME_SERVER ERROR_DNS(5) #define ERROR_DNS_CONNECTION_FAILED ERROR_DNS(6) #define ERROR_DNS_GSS_ERROR ERROR_DNS(7) #define ERROR_DNS_INVALID_NAME ERROR_DNS(8) #define ERROR_DNS_INVALID_MESSAGE ERROR_DNS(9) #define ERROR_DNS_SOCKET_ERROR ERROR_DNS(10) #define ERROR_DNS_UPDATE_FAILED ERROR_DNS(11) #define ERR_DNS_IS_OK(x) (ERROR_DNS_V(x) == 0) err = dns_update_transaction(mem_ctx, conn, req, &resp); if (!ERR_DNS_IS_OK(err)) { DEBUG(3,("DoDNSUpdate: unsigned update failed\n")); goto error; } if ((dns_response_code(resp->flags) == DNS_NO_ERROR) && <<<81 (flags & DNS_UPDATE_UNSIGNED_SUFFICIENT)) { TALLOC_FREE(mem_ctx); return ERROR_DNS_SUCCESS; } 1. Would be good to check where dns_update_transaction() returns "struct dns_update_request" But err as ERROR_DNS_SUCCESS. 2. Quick fix would be, to add check resp is empty or not. if (resp && (dns_response_code(resp->flags) == DNS_NO_ERROR)..
Evgeny Sinelnikov Can you please check with latest samba version? if still it crashes, I believe your /etc/resolv.conf, /etc/hosts, /etc/hostname and coredump would be handy!! I cannot repro.
I'll try in the coming days on a stand.
Small comment on this. This works since samba 4.1, how i know, because i use(d) that also with about 5 subdomains. ( on Debian wheezy/jessie/stretch ) Recent changes in resolving removed the need of `domain` and search should have the primary dns domain first. I'm betting, this is a error in the setup or something conflicting with this OS, which is OS (unknown)? I noticed also: [/usr/local/samba/var/lock/smb_krb5/krb5.conf.ATEST] getaddrinfo: Name or service not known name_to_fqdn: lookup for <> failed. <<<<<<<<<< So without seeing your hosts, im betting that is the problem. You want to see this as minimal. echo "127.0.0.1 localhost $(hostname -i) $(hostname -f) $(hostname -s) # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback localhost ff02::1 ip6-allnodes ff02::2 ip6-allrouters" there is only one hostname, all others are aliasses, put these as CNAME in the DNS. And please can you also share the OS and version?
(In reply to Louis from comment #6) And even i missed the "wrong configured smb.conf" For the smb.conf, i suggest, go here: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member start reading as of : Setting up a Basic smb.conf File
This has been fixed in bug report 13440
*** This bug has been marked as a duplicate of bug 13440 ***