Bug 9944 - Creating homedir with Microsoft-tools crashes winbind
Summary: Creating homedir with Microsoft-tools crashes winbind
Status: RESOLVED INVALID
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.0.0
Hardware: All All
: P5 major (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-06-11 08:22 UTC by Stefan Kania
Modified: 2018-01-03 05:05 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Kania 2013-06-11 08:22:37 UTC
I created a share "users" for userhomdir. Using the RSAT from Microsoft to set the Homedir in the "profile" Section for a user, the homedir will be created in the share, but:
If I do an "ls -l " on in the filesystem it takes up to 30 sec. to show the result and it looks like this:
----------
root@saroot@samba4-1:~# ls -l /home/example/
insgesamt 16
drwxrwx---+ 2 3000000 users 4096 Jun 10 12:12 ktom
drwxrwx---+ 2 3000000 users 4096 Jun 10 11:58 skania
----------

The user who ones the directory is no user but the built-in-group administrators:
--------------
key(28) = "DN=@INDEX:XIDNUMBER:3000000\00"
data(84) =
"g\19\01&\02\00\00\00@INDEX:XIDNUMBER:3000000\00@IDXVERSION\00\01\00\00\00\01\00\00\002\00@IDX\00\01\00\00\00\0F\00\00\00CN=S-1-5-32-544\00"
--------------
SID S-1-5-32-544 is:
--------------
BUILTIN\ADMINISTRATORS     S-1-5-32-544          (=0x220)
--------------

As you can see there are some ACL on the directories. Here are the ACLs:

root@samba4-1:~# getfacl /home/example/skania/
getfacl: Entferne führende '/' von absoluten Pfadnamen
# file: home/example/skania/
# owner: 3000000
# group: users
user::rwx
group::---
group:users:---
group:3000000:rwx
group:3000020:rwx
mask::rwx
other::---
default:user::rwx
default:user:3000000:rwx
default:group::---
default:group:users:---
default:group:3000000:rwx
default:group:3000020:rwx
default:mask::rwx
default:other::---
--------------

The default-group with the ID 3.000.020 is no group but a normal user:

-------------
key(28) = "DN=@INDEX:XIDNUMBER:3000020\00"
data(118) =
"g\19\01&\02\00\00\00@INDEX:XIDNUMBER:3000020\00@IDXVERSION\00\01\00\00\00\01\00\00\002\00@IDX\00\01\00\00\001\00\00\00CN=S-1-5-21-2272618568-2628634020-1511971479-1105\00"
-------------
dn: CN=Stefan Kania,CN=Users,DC=example,DC=net
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
.
.
.
objectSid: S-1-5-21-2272618568-2628634020-1511971479-1105
.
.
.
------------
So GID and UID got mixed up. The owning user is a GID an the owning group is a UID.
  
Now everytime I use "ls -l /home/example/skania" or "getfacl /home/example/skania" samba craches and I have to restart the samba-dc. Trying "getent passwd" gets no result and "wbinfo -u" exit with errormessage "Error looking up domain users".
I set "log level = 3" in smb.conf and got the following messages:
------------
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
  Terminating connection - 'wbsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[wbsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
  Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
[2013/06/10 13:59:43,  3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
  Kerberos: TGS-REQ SAMBA4-1$@EXAMPLE.NET from
ipv6:2003:5c:ad84:8101:a00:27ff:fee7:e8d6:59818 for
host/samba4-1.example.net@EXAMPLE.NET [canonicalize]
  Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
  Terminating connection - 'wbsrv_samba3_send_reply_done:
tstream_writev_queue_recv() - 32:Broken pipe'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[wbsrv_samba3_send_reply_done:
tstream_writev_queue_recv() - 32:Broken pipe]
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
  Terminating connection - 'wbsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[wbsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
[2013/06/10 13:59:43,  3]
../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper)
  Kerberos: TGS-REQ authtime: 2013-06-10T13:59:08 starttime:
2013-06-10T13:59:43 endtime: 2013-06-10T23:59:08 renew till: unset
[2013/06/10 13:59:43,  0] ../lib/util/fault.c:72(fault_report)
  ===============================================================
[2013/06/10 13:59:43,  0] ../lib/util/fault.c:73(fault_report)
  INTERNAL ERROR: Signal 11 in pid 3899 (4.0.6-SerNet-Debian-2.wheezy)
  Please read the Trouble-Shooting section of the Samba HOWTO
[2013/06/10 13:59:43,  0] ../lib/util/fault.c:75(fault_report)
  ===============================================================
[2013/06/10 13:59:43,  0] ../lib/util/fault.c:144(smb_panic_default)
  PANIC: internal error
[2013/06/10 13:59:43,  3]
../lib/util/util_net.c:78(interpret_string_addr_internal)
  interpret_string_addr_internal: getaddrinfo failed for name (null)
(flags 4) [Name or service not known]
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
  Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
  Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
[2013/06/10 13:59:43,  3]
../source4/smbd/service_stream.c:63(stream_terminate_connection)
  Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
[2013/06/10 13:59:43,  3]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]

------------------

I can reproduce this error on different systems.
System I use:
OS   : Debian weezy
samba: sernet-samba                       99:4.0.6-2
Internal DNS

If I creat the homedir by hand an setting the ACLs an permissions by hand everything works fine, but I think it should work with the RSAT from Microsoft.
Comment 1 Björn Jacke 2018-01-03 05:05:41 UTC
this is how xid is supposed to work actually. the crash you see is a different story but probably not an issue with currwnt samba releases.