I have Samba 3.0.20rc2 on a Linux machine as PDC. My passdb backend is MySql 4.1. When I re-joined a Windows XP machine to the domain (the machine account already existed), the final SQL statement issued by Samba was: UPDATE `account` SET smb_pass_can_change_time = 1124446998, smb_pass_must_change_time = 2147483647, smb_pass_last_set_time = 1124446998, smb_lm_pass = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', smb_nt_pass = '2933ACB55AEBAA79309409A03417FE9A' Obviously, there is no WHERE clause, so the all rows in the database got updated instead of just the machine account. What is is missing is something like WHERE user = 'ABCDE$' at the end of the SQL statement. This is really desastrous (or would be, fortunately it is just a test installation). There are more MySql problems, see bug 2531.
look at these: https://bugzilla.samba.org/show_bug.cgi?id=2531 and https://bugzilla.samba.org/show_bug.cgi?id=3019
I was able to track the problem down a bit. In the UPDATE example I gave, things go wrong in passdb/pdb_sql.c in the statement at line 539-545: query->part1 = talloc_asprintf_append(query->part1, " WHERE %s = '%s'", config_value_read(location, "user sid column", CONFIG_USER_SID_DEFAULT), sid_to_string(sid_str, pdb_get_user_sid (newpwd))); I added some DEBUG statements which revealed that after the call of talloc_asprintf_append, query->part1 is unchanged, which should not be the case. The ingredients to the call to talloc_asprintf_append are ok, so something inside the helper function talloc_asprintf_append goes wrong. The function talloc_asprintf_append is defined in lib/talloc.c and is used only in pdb_sql.c, which explains why only sql passdb users experience problems. My guess is that bugs 2531 and 3019 are caused by talloc_asprintf_append too, as it is used 9 times in pdb_sql.c. I hope that can find the time to go into this a bit deeper.
Thanks for tracking that down, that really sounds great! If you have a patch, I'd happily test it here, if you want. :-)
Created attachment 1398 [details] patch to lib/talloc.c, function talloc_vasprintf_append The function talloc_vasprintf_append in lib/talloc.c appends formattedly to a string s. The length of the lhs string s, to which more data is appended, is calculated in the wrong way. The original function uses the length of the talloc-ed data chunk as length of s, but it is perfectly ok (and actually happens) that the real string is shorter. So I calculate the string length simply with strlen(s) now. From what I can see, this solves bug 3018, but not 2531. I have a patch for the latter bug, too.
reassigning to me
*** Bug 3078 has been marked as a duplicate of this bug. ***
The experimental pdb modules (pdb_mysql, pdb_pgsql and pdb_xml) have been a bit neglected during the last few releases of Samba 3 as they haven't been actively maintained. I was the original author and maintainer, but I no longer work on Samba 3 and I no longer use any of the modules in production. I'll remove these modules unless somebody steps up as a maintainer. If there's anyone willing to take over maintainance of either one of these modules, please let me know. Otherwise, I'll put the modules up on my samba.org homepage as a separate tarball for those interested (including some of the patches that have been published).
We run a pdb_mysql environment with Samba 3.0.20 and the patches by Peter Rindfuss, which I'm adding to CC, hoping that this is okay for him. The patches are in talloc.c and pdb_sql.c, and then pdb_mysql works fine (pdb_pgsql untested). Unfortunately, I am no programmer, but we actively use the pdb_mysql module, as we have set up a GUI that relies on this, and switching to tdbsam or LDAP is no intermediate option for us. I hope that we can find some people willing to help debugging on coding on these modules. Darrell, Peter, would you be willing to help? I would be helping, too!
Adding Darrell to Cc so he doesn't miss one of the associated Bugzilla entries - hope that is okay.
> > Darrell, Peter, would you be willing to help? I would be helping, too! Hi Everybody, I was on vacation for a couple of days, so I had no chance to respond earlier. I am definitely willing to help in the further development of the sql backend. Cheers, Peter
Great to hear, thanks a lot! So we seem to have enough people who will work on the modules, now we just have to wait for the Samba team to tell us how to go on. ;-)
What is the current status of this bug? According to bug #3188 it seems to be working?
This is solved as far as I can tell. Peter Rindfuss
Maybe this new bug is of interest for those on the Cc list: https://bugzilla.samba.org/show_bug.cgi?id=3351
See bug 3375. If someone wants to maintain these modules outside the Samba source tree, that is fine. But the source has been removed from the upcoming 3.0.22 release.