Bug 382 - winbind crashes after trustpw-change and winbindd_pam_auth
Summary: winbind crashes after trustpw-change and winbindd_pam_auth
Status: CLOSED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.0preX
Hardware: All Linux
: P2 critical
Target Milestone: 3.0.0rc3
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact:
URL:
Keywords:
Depends on: 200
Blocks:
  Show dependency treegraph
 
Reported: 2003-09-01 02:34 UTC by Guenther Deschner
Modified: 2005-11-14 09:31 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Guenther Deschner 2003-09-01 02:34:42 UTC 
winbind reliably crashes if 


1. the machine-password is changed (via "net rpc changetrustpw")
2. users than authenticate via winbindd_pam_auth

from log.winbindd:

[2003/09/01 11:03:01, 5] rpc_parse/parse_prs.c:prs_ntstatus(664)
      0034 status      : NT_STATUS_ACCESS_DENIED
[2003/09/01 11:03:01, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth(155)
  winbindd_pam_auth: sam_logon returned ACCESS_DENIED.  Maybe the trust account
password was changed and 
we didn't know it.  Killing connections to domain MYDOMAIN
[2003/09/01 11:03:01, 10] nsswitch/winbindd_cm.c:winbindd_cm_flush(682)
  Closing connection to \PIPE\NETLOGON on MYDC

...

[2003/09/01 11:03:01, 0] lib/util.c:smb_panic(1462)
  PANIC: internal error
[2003/09/01 11:03:01, 0] lib/util.c:smb_panic(1469)
  BACKTRACE: 14 stack frames:
   #0 /usr/sbin/winbindd(smb_panic+0x1ab) [0x80b9682]
   #1 /usr/sbin/winbindd [0x80a84c9]
   #2 /usr/sbin/winbindd [0x80a852a]
   #3 /lib/libc.so.6 [0x4023f5c8]
   #4 /lib/libc.so.6(malloc+0x98) [0x4028c898]
   #5 /usr/sbin/winbindd [0x807ac23]
   #6 /usr/sbin/winbindd(cm_get_netlogon_cli+0x14d) [0x807b48c]
   #7 /usr/sbin/winbindd(winbindd_pam_auth+0x2be) [0x8077bdc]
   #8 /usr/sbin/winbindd(strftime+0x1334) [0x806cd54]
   #9 /usr/sbin/winbindd(winbind_process_packet+0x1f) [0x806d040]
   #10 /usr/sbin/winbindd(strftime+0x1eb8) [0x806d8d8]
   #11 /usr/sbin/winbindd(main+0x51b) [0x806ded6]
   #12 /lib/libc.so.6(__libc_start_main+0xce) [0x4022b8ae]
   #13 /usr/sbin/winbindd(chroot+0x31) [0x806c671]
[2003/09/01 11:03:01, 10] nsswitch/winbindd.c:winbind_client_read(455)
  client_read: read 0 bytes. Need 1568 more for a full request.
[2003/09/01 11:03:01, 5] nsswitch/winbindd.c:winbind_client_read(462)
  read failed on sock 10, pid 3608: EOF


the fix from #200 does not work.

to reproduce the panic i have to repeat the changetrustpw, pam_authenticate two
or three times:

mthelena:~/SOURCES # rcwinbind status
Checking for SAMBA windbind                                                    
                 running
mthelena:~/SOURCES # net rpc changetrustpw
mthelena:~/SOURCES # wbinfo -a MYDOMAIN\\Administrator%secret
plaintext password authentication succeeded
challenge/response password authentication succeeded
mthelena:~/SOURCES # net rpc changetrustpw
mthelena:~/SOURCES # wbinfo -a MYDOMAIN\\Administrator%secret
plaintext password authentication succeeded
challenge/response password authentication succeeded
mthelena:~/SOURCES # net rpc changetrustpw
mthelena:~/SOURCES # wbinfo -a MYDOMAIN\\Administrator%secret
plaintext password authentication failed
Could not authenticate user MYDOMAIN\Administrator%secret with plaintext password
could not obtain winbind separator!
challenge/response password authentication failed
Could not authenticate user MYDOMAIN\Administrator with challenge/response
mthelena:~/SOURCES # rcwinbind status
Checking for SAMBA windbind  Warning: winbind not running !
Comment 1 Gerald (Jerry) Carter (dead mail address) 2003-09-06 12:50:04 UTC 
Bug reproduced and new Fixed checked into SAMBA_3_0 tree.
Probably would have been better to just reopen bug 200.
Comment 2 Gerald (Jerry) Carter (dead mail address) 2005-02-07 09:06:21 UTC 
originally reported against one of the 3.0.0rc[1-4] releases.
Cleaning up non-production versions.
Comment 3 Gerald (Jerry) Carter (dead mail address) 2005-08-24 10:19:58 UTC 
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
Comment 4 Gerald (Jerry) Carter (dead mail address) 2005-11-14 09:31:25 UTC 
database cleanup