This has been long documented as:
selftest/skip:^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use
I see no reason why this wouldn't be the case in production either.
The unixinfo pipe should just be removed.
CVSSv3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (6.5)
At the time the unixinfo pipe went in the idea was to create basically a replacement for nss_ldap or NIS for nsswitch using winbind against a Samba DC, even a classic one would have done it. Unfortunately that never materialized, but I still like the idea.
The selftest comment appears to be in error. Removing embargo and submitting a patch to remove the selftest skip entry.
(In reply to Volker Lendecke from comment #1)
Yeah, it was and (contrary to my earlier dismissive comment) is still a good idea, needing someone to champion. We should make Samba the best AD DC for Samba, not just a windows look-a-like.
I'm glad it isn't actually a problem for now, which gives everyone some time.
What do you think we should do in the meantime? We could make it only operate in a selftest build, to reduce the surface and allow incompatible changes.
(In reply to Andrew Bartlett from comment #3)
> What do you think we should do in the meantime? We could make it only
> operate in a selftest build, to reduce the surface and allow incompatible
Sure, restricting it to DEVELOPER only is fine by me. Once MR1948 goes in this will even be easier: Just don't build rpcd_unixinfo (or the source4 equivalent) without --enable-selftest. We can then re-enable it once someone found the time to add the client code to winbind.
This bug was referenced in samba master:
(In reply to Volker Lendecke from comment #4)
Thanks. Looks like is is being built as a module so should be easy to handle.