14723 – wbcGetpwuid (and others) fails after a network interface change if unix_nss_info = yes

Bug 14723 - wbcGetpwuid (and others) fails after a network interface change if unix_nss_info = yes

Summary: wbcGetpwuid (and others) fails after a network interface change if unix_nss_i...

Status:	NEW

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	Winbind (show other bugs)
Version:	4.11.6
Hardware:	x64 Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Samba QA Contact
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-06-02 14:03 UTC by sebastien.mougel
Modified:	2021-06-03 13:27 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
samba logs (182.09 KB, application/gzip) 2021-06-02 14:03 UTC, sebastien.mougel	no flags	Details
tdb files after test (2.18 MB, application/gzip) 2021-06-02 14:06 UTC, sebastien.mougel	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description sebastien.mougel 2021-06-02 14:03:05 UTC

Created attachment 16638 [details]
samba logs

When unix_nss_info = yes and the network connection is switched to a new interface, winbind fails to respond to some queries :
wbinfo --uid-info XXX
finish with a timeout error :
failed to call wbcGetpwuid: WBC_ERR_WINBIND_NOT_AVAILABLE
Could not get info for uid XXX

I get similar results with :
wbinfo --user-info XXX
wbinfo --user-sidinfo XXX

As a result, applications that depend on winbind for user authentication are almost no longer usable. Even opening a new terminal or a sudo is impacted.

Environment:
dc.test.lan (DC) and ubuntu01.test.lan (guest) : Ubuntu 20.04
Samba version : 4.11.6
See smb.conf of ubuntu01 is below.
Guest has 2 NIC, enp0s3 and enp0s8. 

Tests (time refers to log timestamp) :
enp0s3 is up, enp0s8 is down.
winbind service start [11:50], DC can be ping (wbinfo -P) [11:52] and wbinfo --uid-info successfully answers [11:53].

Now [11:54], switch network interface : enp0s3 is down, enp0s8 is up.
wbinfo -P successed [11:59], but wbinfo --uid-info 20100 finish with a timeout error [12:00] :

failed to call wbcGetpwuid: WBC_ERR_WINBIND_NOT_AVAILABLE
Could not get info for uid 20100

Also, 
wbinfo --user-info sn1a fails [12:02]


wbinfo --uid-to-sid 20100 success [12:04]

wbinfo --user-sidinfo fails [12:06]


Note :
The problem also appears when the network connection(s) are disabled. In this case, if unix_nss_info = no the request succeeds (with obviously cached data), but if unix_nss_info = no the request fails. 


smb.conf of ubunut01 for this test :
# Global parameters
[global]
	log level = 10
	debug pid = true
	max log size = 0

        workgroup = TEST
        realm = TEST.LAN
        netbios name = ubuntu01
        security = ADS

        idmap config TEST:backend = ad
        idmap config TEST:schema_mode = rfc2307
        idmap config TEST:range = 10000-29999
        idmap config TEST:unix_nss_info = yes

        idmap config *:backend = tdb
        idmap config *:range = 30000-39999

        winbind use default domain = yes
        winbind enum users = yes
        winbind enum groups = yes
        winbind refresh tickets = yes

        winbind expand groups = 1

        kerberos method = system keytab

        winbind offline logon = yes

Comment 1 sebastien.mougel 2021-06-02 14:06:47 UTC

Created attachment 16639 [details]
tdb files after test