Bug 5962 - smb_panic when adding root to group
Summary: smb_panic when adding root to group
Status: RESOLVED WORKSFORME
Alias: None
Product: Samba 3.2
Classification: Unclassified
Component: User & Group Accounts (show other bugs)
Version: 3.2.6
Hardware: Other Linux
: P3 normal
Target Milestone: ---
Assignee: Volker Lendecke
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-12-11 05:54 UTC by David Markey
Modified: 2023-11-25 22:39 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David Markey 2008-12-11 05:54:05 UTC 
When I try to add root to a group using usrmgr i get this:


#0  0x00007fb7a12ecf15 in waitpid () from /lib/libc.so.6
#1  0x00007fb7a1285461 in ?? () from /lib/libc.so.6
#2  0x00007fb7a2e3b225 in smb_panic (why=0x7fb7a31a9291 "internal error") at lib/util.c:1669
#3  0x00007fb7a2e1df91 in fault_report (sig=11) at lib/fault.c:46
#4  0x00007fb7a2e1dfa4 in sig_fault (sig=11) at lib/fault.c:69
#5  <signal handler called>
#6  0x00007fb7a2e3305d in sid_compare (sid1=0x7fffab29f840, sid2=0x7fb7a3dde01c) at lib/util_sid.c:460
#7  0x00007fb7a2e331ae in sid_equal (sid1=0x7fffab29f840, sid2=0x7fb7a3dde01c) at lib/util_sid.c:494
#8  0x00007fb7a2dcb88e in pdb_user_in_group (mem_ctx=0x7fb7a3d33c40, account=0x7fb7a3db34e0, group_sid=0x7fffab29f840) at passdb/pdb_interface.c:757
#9  0x00007fb7a2dcbab3 in pdb_default_add_groupmem (methods=0x7fb7a3d7b010, mem_ctx=0x7fb7a3d33c40, group_rid=1015, member_rid=500) at passdb/pdb_interface.c:801
#10 0x00007fb7a2dcbb62 in pdb_add_groupmem (mem_ctx=0x7fb7a3d33c40, group_rid=1015, member_rid=500) at passdb/pdb_interface.c:823
#11 0x00007fb7a2d788a2 in _samr_AddGroupMember (p=0x7fb7a3db07c0, r=0x7fb7a3d92ed0) at rpc_server/srv_samr_nt.c:4734
#12 0x00007fb7a2d81fe9 in api_samr_AddGroupMember (p=0x7fb7a3db07c0) at librpc/gen_ndr/srv_samr.c:1832
#13 0x00007fb7a2d976ed in api_rpcTNP (p=0x7fb7a3db07c0, rpc_name=0x7fb7a3db07da "samr", api_rpc_cmds=0x7fb7a34bd020, n_cmds=68) at rpc_server/srv_pipe.c:2325
#14 0x00007fb7a2d97126 in api_pipe_request (p=0x7fb7a3db07c0) at rpc_server/srv_pipe.c:2270
#15 0x00007fb7a2d8bc7f in process_request_pdu (p=0x7fb7a3db07c0, rpc_in_p=0x7fffab29ff70) at rpc_server/srv_pipe_hnd.c:655
#16 0x00007fb7a2d8bf78 in process_complete_pdu (p=0x7fb7a3db07c0) at rpc_server/srv_pipe_hnd.c:713
#17 0x00007fb7a2d8cafa in process_incoming_data (p=0x7fb7a3db07c0, data=0x7fb7a3db6050 "\034", n=36) at rpc_server/srv_pipe_hnd.c:911
#18 0x00007fb7a2d8cea2 in write_to_internal_pipe (np_conn=0x7fb7a3db07c0, data=0x7fb7a3db6050 "\034", n=52) at rpc_server/srv_pipe_hnd.c:951
#19 0x00007fb7a2d8cdb3 in write_to_pipe (p=0x7fb7a3d76b80, data=0x7fb7a3db6040 "\005", n=52) at rpc_server/srv_pipe_hnd.c:934
#20 0x00007fb7a2b8d125 in api_fd_reply (conn=0x7fb7a3dab600, vuid=100, req=0x7fb7a3d92df0, setup=0x7fb7a3d64f60, data=0x7fb7a3db6040 "\005", params=0x0, suwcnt=2, tdscnt=52, tpscnt=0, mdrcnt=1024, mprcnt=0)
    at smbd/ipc.c:355
#21 0x00007fb7a2b8d47e in named_pipe (conn=0x7fb7a3dab600, vuid=100, req=0x7fb7a3d92df0, name=0x7fb7a3daaa46 "", setup=0x7fb7a3d64f60, data=0x7fb7a3db6040 "\005", params=0x0, suwcnt=2, tdscnt=52, tpscnt=0,
    msrcnt=0, mdrcnt=1024, mprcnt=0) at smbd/ipc.c:413
#22 0x00007fb7a2b8d89c in handle_trans (conn=0x7fb7a3dab600, req=0x7fb7a3d92df0, state=0x7fb7a3dafda0) at smbd/ipc.c:470
#23 0x00007fb7a2b8e7f5 in reply_trans (req=0x7fb7a3d92df0) at smbd/ipc.c:661
#24 0x00007fb7a2c1bb05 in switch_message (type=37 '%', req=0x7fb7a3d92df0, size=140) at smbd/process.c:1463
#25 0x00007fb7a2c1bbb1 in construct_reply (inbuf=0x7fb7a3d92d10 "", size=140, unread_bytes=0, encrypted=false) at smbd/process.c:1486
#26 0x00007fb7a2c1bff2 in process_smb (inbuf=0x7fb7a3d92d10 "", nread=140, unread_bytes=0, encrypted=false) at smbd/process.c:1562
#27 0x00007fb7a2c1d239 in smbd_process () at smbd/process.c:2054
#28 0x00007fb7a313a331 in main (argc=1, argv=0x7fffab2a0a08) at smbd/server.c:1450


Samba 3.2.6, openldap/smbk5pwd backend. Ubuntu x86_64


Root LDAP entry is like this:
dn: uid=root,ou=user,dc=cs,dc=dit,dc=ie
cn: root
sn: root
objectClass: top,person,organizationalPerson,inetOrgPerson,sambaSamAccount,posixAccount,shadowAccount
gidNumber: 0
uid: root
uidNumber: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaHomeDrive: U:
sambaPrimaryGroupSID: S-1-5-21-2153973629-1361248746-2707496592-512
sambaAcctFlags: [U          ]
sambaSID: S-1-5-21-2153973629-1361248746-2707496592-500
loginShell: /bin/false
gecos: Netbios Domain Administrator
shadowLastChange: 14207
shadowMax: 60000
sambaBadPasswordCount: 0
sambaBadPasswordTime: 0
sambaHomePath: \\pdc-test\root
displayName: Domain Administrator
sambaPasswordHistory:<snip>
userPassword: {K5KEY}
sambaPwdLastSet: 1228959375
sambaLMPassword: <snip>
sambaNTPassword: <snip>
homeDirectory: /root


smb.conf


[global]
        workgroup = CS-TEST
        netbios name = PDC-TEST
        security = user
        enable privileges = yes
        server string = Samba Server %v
        encrypt passwords = Yes
        ldap passwd sync = yes
        log level = 2
        syslog = 0
        log file = /var/log/samba/log
        time server = Yes
        mangling method = hash2
        logon script = logon.bat
        logon drive = U:
        domain logons = Yes
        domain master = Yes
        preferred master = Yes
        wins support = yes
        name resolve order = wins lmhosts hosts bcast
        passdb backend = ldapsam:ldapi://
        ldap admin dn = <snip>
        ldap suffix = dc=cs,dc=dit,dc=ie
        ldap group suffix = ou=group
        ldap user suffix = ou=user
        ldap machine suffix = ou=machine
        add user script = /opt/cs/smbldap-tools/bin/smbldap-useradd -m "%u"
        delete user script = /opt/cs/smbldap-tools/bin/smbldap-userdel -r "%u"
        add machine script = /opt/cs/smbldap-tools/bin/smbldap-useradd -t2 -w "%u"
        add group script = /opt/cs/smbldap-tools/bin/smbldap-groupadd -p "%g"
        delete group script = /opt/cs/smbldap-tools/bin/smbldap-groupdel "%g"
        add user to group script = /opt/cs/smbldap-tools/bin/smbldap-groupmod -m "%u" "%g"
        delete user from group script = /opt/cs/smbldap-tools/bin/smbldap-groupmod -x "%u" "%g"
        set primary group script = /opt/cs/smbldap-tools/bin/smbldap-usermod -g '%g' '%u'
        load printers = no
        panic action = "/bin/sleep 90000"
        create mask = 0640
        directory mask = 0750
        nt acl support = yes
        printing = none
        ldapsam:trusted = yes
        logon path =
        username map = /opt/samba/lib/smbusers
        guest account = nobody
        map to guest = Bad User
        dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
Comment 1 David Markey 2008-12-11 06:39:21 UTC 
Update, this only happens with 

ldapsam:trusted = yes


Its fine with

ldapsam:trusted = no
Comment 2 David Markey 2008-12-11 07:47:46 UTC 
happens in 3.2.5 also
Comment 3 David Markey 2008-12-11 08:45:09 UTC 
Ok, the bug doesnt happen when root Gid is set correctly to 512/513.

Samba should handle this more gracefully if the gid doesnt exist in ldap when 

ldapsam:trusted = yes
Comment 4 Björn Jacke 2023-11-25 22:39:12 UTC 
(In reply to David Markey from comment #3)
closing this old bug, this was a configuration issue and this kind of setups should all have been moved to AD DC setups these days.