Hi all,

We upgraded a sarge system recently, acting as a PDC for a small network. Smbd then started to segfault each time a user tried to connect to the box, resulting in a major outage.

This issue has been introduced somewhere between 3.0.5 and 3.0.7, as 3.0.5 works great. This bug is referenced as #274155 for Debian.

Here is the backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x401de764 in strdup () from /lib/tls/libc.so.6
(gdb) bt
#0 0x401de764 in strdup () from /lib/tls/libc.so.6
#1 0x080c7f2e in append_attr (attr_list=0xbfffee70, new_attr=0x0) at passdb/pdb_ldap.c:1237
#2 0x080c7fbc in ldapsam_getsampwnam (my_methods=0x81d4310, user=0x81d4798, sname=0x81c0660 "toto") at passdb/pdb_ldap.c:1256
#3 0x080bdb03 in context_getsampwnam (context=0x81d3b88, sam_acct=0x81d4798, username=0x81c0660 "toto") at passdb/pdb_interface.c:197
#4 0x080bfaa7 in pdb_getsampwnam (sam_acct=0x81d4798, username=0x81c0660 "toto") at passdb/pdb_interface.c:881
#5 0x080b8fda in local_password_change (user_name=0x81c0660 "toto", local_flags=577, new_passwd=0x81d4500 "t", err_str=0xbffff350 "", err_str_len=1024, msg_str=0xbfffef50 "", msg_str_len=1024) at passdb/passdb.c:972
#6 0x0806b950 in password_change (remote_mach=0x0, username=0x81c0660 "toto", old_passwd=0x0, new_pw=0x81d4500 "t", local_flags=577) at utils/smbpasswd.c:289
#7 0x0806be4c in process_root (local_flags=577) at utils/smbpasswd.c:453
#8 0x0806c21b in main (argc=5, argv=0xbffff854) at utils/smbpasswd.c:591
(gdb)

The issue is a strdup of a null pointer.

Here is the patch that fixes this (tested, works like a charm :-) )

--- samba-3.0.7/source/passdb/pdb_ldap.c.orig 2004-09-29 22:57:47.000000000 +0100 +++ samba-3.0.7/source/passdb/pdb_ldap.c 2004-09-29 22:58:18.000000000 +0100 
@@ -1253,7 +1253,8 @@ int rc; attr_list = get_userattr_list( ldap_state->schema_ver ); - append_attr(&attr_list, get_userattr_key2string(ldap_state->schema_ver,LDAP_ATTR_MOD_TIMESTAMP)); + if( ldap_state->schema_ver == SCHEMAVER_SAMBASAMACCOUNT ) + append_attr(&attr_list, get_userattr_key2string(ldap_state->schema_ver,LDAP_ATTR_MOD_TIMESTAMP)); rc = ldapsam_search_suffix_by_name(ldap_state, sname, &result, attr_list); free_attr_list( attr_list ); Bye, Fabien Chevalier
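Review bot: The schema_ver guard around the append_attr call only protects this one call site in ldapsam_getsampwnam; frame #1 of the backtrace shows append_attr reaching strdup with new_attr=0x0 at pdb_ldap.c:1237, so any other caller that hands it a NULL result from get_userattr_key2string will crash the same way. Consider having append_attr return early when new_attr is NULL, or checking the return value of get_userattr_key2string before appending, in addition to or instead of the schema check. A short comment explaining why LDAP_ATTR_MOD_TIMESTAMP is only requested for SCHEMAVER_SAMBASAMACCOUNT would help the next reader, and the added if would be safer with braces around its single statement.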
Same problem occurred running 3.0.7 on SLES 8, using the ldapsam_compat backend pointing to eDirectory. Applying the patch fixed the issue. Thanks Fabien!
This has been fixed in the current subversion 3_0 tree. Will be fixed in 3.0.8. Volker
*** Bug 1665 has been marked as a duplicate of this bug. ***
Sorry for the same, cleaning up the database to prevent unnecessary reopens of bugs.