This has been long documented as: selftest/skip:^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use I see no reason why this wouldn't be the case in production either. The unixinfo pipe should just be removed. CVSSv3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (6.5)
At the time the unixinfo pipe went in the idea was to create basically a replacement for nss_ldap or NIS for nsswitch using winbind against a Samba DC, even a classic one would have done it. Unfortunately that never materialized, but I still like the idea.
The selftest comment appears to be in error. Removing embargo and submitting a patch to remove the selftest skip entry.
(In reply to Volker Lendecke from comment #1) Yeah, it was and (contrary to my earlier dismissive comment) is still a good idea, needing someone to champion. We should make Samba the best AD DC for Samba, not just a windows look-a-like. I'm glad it isn't actually a problem for now, which gives everyone some time. What do you think we should do in the meantime? We could make it only operate in a selftest build, to reduce the surface and allow incompatible changes.
(In reply to Andrew Bartlett from comment #3) > What do you think we should do in the meantime? We could make it only > operate in a selftest build, to reduce the surface and allow incompatible > changes. Sure, restricting it to DEVELOPER only is fine by me. Once MR1948 goes in this will even be easier: Just don't build rpcd_unixinfo (or the source4 equivalent) without --enable-selftest. We can then re-enable it once someone found the time to add the client code to winbind.
This bug was referenced in samba master: 638c6d423e78ae7b4429c7157c7e86af2313936a
(In reply to Volker Lendecke from comment #4) Thanks. Looks like is is being built as a module so should be easy to handle.