Bug 2359 - Winbind fatal crash when AD auth.
Summary: Winbind fatal crash when AD auth.
Status: RESOLVED WONTFIX
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.11
Hardware: x86 Linux
: P3 critical
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-02-18 03:17 UTC by Lars Jonsson
Modified: 2005-09-08 16:33 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Lars Jonsson 2005-02-18 03:17:00 UTC
using Winbind to authenicate against Win AD and Squid (wbinfo_group.pl) for
lookup against AD.
Im using the recent samba 3.0.11 with default configure opts.

smb.conf:
# Global parameters
[global]
        workgroup = GLOBAL
        realm = GLOBAL.AD.XXXX.COM
        server string = Samba Server
        security = ADS
        password server = KRBsrv1.ad.xxxx.com, KRBsrv2.ad.xxxx.com
        log level = winbind:2
        log file = /var/log/samba/log.%m
        max log size = 50
        client use spnego = No
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        preferred master = No
        local master = No
        domain master = No
        dns proxy = No
        ldap ssl = no
        idmap uid = 30000-60000
        idmap gid = 50000-500000
        winbind separator = -
        winbind use default domain = Yes
        winbind nested groups = Yes

crach dump:
[2005/02/18 10:14:37, 0] lib/fault.c:fault_report(36)
  ===============================================================
[2005/02/18 10:14:37, 0] lib/fault.c:fault_report(37)
  INTERNAL ERROR: Signal 6 in pid 9721 (3.0.11)
  Please read the appendix Bugs of the Samba HOWTO collection
[2005/02/18 10:14:37, 0] lib/fault.c:fault_report(39)
  ===============================================================
[2005/02/18 10:14:37, 0] lib/util.c:smb_panic2(1495)
  PANIC: internal error
[2005/02/18 10:14:37, 0] lib/util.c:smb_panic2(1502)
  BACKTRACE: 27 stack frames:
   #0 winbindd(smb_panic2+0x15e) [0x80c248e]
   #1 winbindd(smb_panic+0x11) [0x80c2321]
   #2 winbindd [0x80b17f7]
   #3 /lib/i686/libc.so.6 [0x40229988]
   #4 /lib/i686/libc.so.6(abort+0x15e) [0x4022b0c2]
   #5 winbindd [0x80e0365]
   #6 winbindd [0x80e0654]
   #7 winbindd(cli_krb5_get_ticket+0x19f) [0x80e092f]
   #8 winbindd(spnego_gen_negTokenTarg+0x36) [0x80e1476]
   #9 winbindd [0x8150971]
   #10 winbindd [0x8150c1c]
   #11 winbindd(ads_sasl_bind+0x10c) [0x815125c]
   #12 winbindd(ads_connect+0x211) [0x814b881]
   #13 winbindd(ads_do_search_retry+0x1cd) [0x8155f9d]
   #14 winbindd(ads_USN+0x3a) [0x814f3fa]
   #15 winbindd [0x8084f76]
   #16 winbindd [0x8077a66]
   #17 winbindd [0x8077c67]
   #18 winbindd [0x8078f25]
   #19 winbindd(winbindd_lookup_sid_by_name+0x45) [0x8075935]
   #20 winbindd(winbindd_lookupname+0x119) [0x807c279]
   #21 winbindd(ber_scanf+0x7a1) [0x806f129]
   #22 winbindd(winbind_process_packet+0x1d) [0x806f40d]
   #23 winbindd(strftime+0x1a91) [0x806f839]
   #24 winbindd(main+0x4fc) [0x80702cc]
   #25 /lib/i686/libc.so.6(__libc_start_main+0x93) [0x40217687]
   #26 winbindd(chroot+0x39) [0x806ea11]
Comment 1 Volker Lendecke 2005-02-18 03:28:23 UTC
We need more info on your Linux version and the version of kerberos you are using. 

A full debug level 10 log of winbind together with a sniff from the start of
winbind would also help a lot.

Volker
Comment 2 Lars Jonsson 2005-02-18 05:02:43 UTC
Using Redhat ES 2.1 
Kernel 2.4.9-e.49smp
Glibc 2.2.4-32.17
Kerberos:
krb5-workstation-1.2.2-31
krb5-devel-1.2.2-31
krb5-libs-1.2.2-31

Increasing loglevel and will try to sniff out some data..
/L
Comment 3 Andrew Bartlett 2005-09-08 16:05:34 UTC
That old kerberos just sounds like pain.  Even if this issue is solved, without
the arcfour-hmac-md5 enc type it is going to be painful.

Otherwise, we did find various other issues with older libs, and upgrading to a
newer RHEL would be my suggestion.
Comment 4 Gerald (Jerry) Carter (dead mail address) 2005-09-08 16:33:09 UTC
closing.  Old kerberos.  Old bug.....