Bug 9981 - smbpasswd cannot delete root from smbpasswd file
Summary: smbpasswd cannot delete root from smbpasswd file
Status: RESOLVED DUPLICATE of bug 10328
Alias: None
Product: Samba 3.6
Classification: Unclassified
Component: Client Tools (show other bugs)
Version: 3.6.16
Hardware: x86 Linux
: P5 regression
Target Milestone: ---
Assignee: Volker Lendecke
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-06-30 09:08 UTC by Thomas Bork
Modified: 2014-07-17 07:37 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Bork 2013-06-30 09:08:37 UTC
Trying to delete user root from /etc/smbpasswd with smbpasswd fails (no PDC, no winbind).

test # grep ^root /etc/passwd
root:x:0:0:root:/root:/bin/bash
test # grep ^root /etc/smbpasswd
root:0:C2265B23734E0DACAAD3B435B51404EE:69943C5E63B4D2C104DBBCC15138B72B:[U          ]:LCT-51CDEF70:
test # smbpasswd -D 10 -x root
Netbios name list:-
my_netbios_names[0]="TEST"
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend wbc_sam
Successfully added passdb backend 'wbc_sam'
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
getsampwnam (smbpasswd): search by name: root
startsmbfilepwent_internal: opening file /etc/smbpasswd
getsmbfilepwent: returning passwd entry for user root, uid 0
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): found by name: root
Finding user root
Trying _Get_Pwnam(), username as lowercase is root
Get_Pwnam_internals did find user [root]!
pdb_set_username: setting username root, was
pdb_set_full_name: setting full name root, was
pdb_set_domain: setting domain TEST, was
Home server: test
pdb_set_profile_path: setting profile path \\test\root\profile, was
Home server: test
pdb_set_homedir: setting home dir \\test\root, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000 from rid 1000
account_policy_get: name: maximum password age, val: -1
Opening cache file at /var/lock/samba/gencache.tdb
Opening cache file at /var/lock/samba/gencache_notrans.tdb
gid_to_sid: winbind failed to find a sid for gid 0
LEGACY: gid 0 -> sid S-1-22-2-0
Forcing Primary Group to 'Domain Users' for root
account_policy_get: name: password history, val: 0
pdb_set_username: setting username root, was
pdb_set_domain: setting domain TEST, was
pdb_set_nt_username: setting nt username , was
pdb_set_full_name: setting full name root, was
Home server: test
Substituting charset 'UTF-8' for LOCALE
pdb_set_homedir: setting home dir \\test\root, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
Home server: test
pdb_set_profile_path: setting profile path \\test\root\profile, was
pdb_set_workstations: setting workstations , was
account_policy_get: name: password history, val: 0
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000 from rid 1000
pdb_set_group_sid: setting group sid S-1-5-21-2003627822-2407375014-3416494304-513
winbind failed to find a uid for sid S-1-5-21-2003627822-2407375014-3416494304-1000
lookup_global_sam_rid: looking up RID 1000.
smbpasswd_getsampwrid: search by sid: S-1-5-21-2003627822-2407375014-3416494304-1000
startsmbfilepwent_internal: opening file /etc/smbpasswd
getsmbfilepwent: returning passwd entry for user root, uid 0
endsmbfilepwent_internal: closed password file.
getsampwrid (smbpasswd): found by name: root
Finding user root
Trying _Get_Pwnam(), username as lowercase is root
Get_Pwnam_internals did find user [root]!
pdb_set_username: setting username root, was
pdb_set_full_name: setting full name root, was
pdb_set_domain: setting domain TEST, was
Home server: test
pdb_set_profile_path: setting profile path \\test\root\profile, was
Home server: test
pdb_set_homedir: setting home dir \\test\root, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000 from rid 1000
Finding user root
Trying _Get_Pwnam(), username as lowercase is root
Get_Pwnam_internals did find user [root]!
LEGACY: sid S-1-5-21-2003627822-2407375014-3416494304-1000 -> uid 0
Failed to delete entry for user root.


I _can_ delete normal users with smbpasswd:
-------------------------------------------

test # smbpasswd -D 10 -x tb
Netbios name list:-
my_netbios_names[0]="TEST"
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend wbc_sam
Successfully added passdb backend 'wbc_sam'
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
getsampwnam (smbpasswd): search by name: tb
startsmbfilepwent_internal: opening file /etc/smbpasswd
getsmbfilepwent: returning passwd entry for user tb, uid 2001
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): found by name: tb
Finding user tb
Trying _Get_Pwnam(), username as lowercase is tb
Get_Pwnam_internals did find user [tb]!
pdb_set_username: setting username tb, was
pdb_set_full_name: setting full name tb, was
pdb_set_domain: setting domain TEST, was
Home server: test
pdb_set_profile_path: setting profile path \\test\tb\profile, was
Home server: test
pdb_set_homedir: setting home dir \\test\tb, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-5002
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-5002 from rid 5002
account_policy_get: name: maximum password age, val: -1
Opening cache file at /var/lock/samba/gencache.tdb
Opening cache file at /var/lock/samba/gencache_notrans.tdb
gid_to_sid: winbind failed to find a sid for gid 100
LEGACY: gid 100 -> sid S-1-22-2-100
Forcing Primary Group to 'Domain Users' for tb
account_policy_get: name: password history, val: 0
pdb_set_username: setting username tb, was
pdb_set_domain: setting domain TEST, was
pdb_set_nt_username: setting nt username , was
pdb_set_full_name: setting full name tb, was
Home server: test
Substituting charset 'UTF-8' for LOCALE
pdb_set_homedir: setting home dir \\test\tb, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
Home server: test
pdb_set_profile_path: setting profile path \\test\tb\profile, was
pdb_set_workstations: setting workstations , was
account_policy_get: name: password history, val: 0
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-5002
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-5002 from rid 5002
pdb_set_group_sid: setting group sid S-1-5-21-2003627822-2407375014-3416494304-513
winbind failed to find a uid for sid S-1-5-21-2003627822-2407375014-3416494304-5002
lookup_global_sam_rid: looking up RID 5002.
smbpasswd_getsampwrid: search by sid: S-1-5-21-2003627822-2407375014-3416494304-5002
startsmbfilepwent_internal: opening file /etc/smbpasswd
getsmbfilepwent: returning passwd entry for user tb, uid 2001
endsmbfilepwent_internal: closed password file.
getsampwrid (smbpasswd): found by name: tb
Finding user tb
Trying _Get_Pwnam(), username as lowercase is tb
Get_Pwnam_internals did find user [tb]!
pdb_set_username: setting username tb, was
pdb_set_full_name: setting full name tb, was
pdb_set_domain: setting domain TEST, was
Home server: test
pdb_set_profile_path: setting profile path \\test\tb\profile, was
Home server: test
pdb_set_homedir: setting home dir \\test\tb, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-5002
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-5002 from rid 5002
Finding user tb
Trying _Get_Pwnam(), username as lowercase is tb
Get_Pwnam_internals did find user [tb]!
LEGACY: sid S-1-5-21-2003627822-2407375014-3416494304-5002 -> uid 2001
startsmbfilepwent_internal: opening file /etc/smbpasswd
startsmbfilepwent_internal: opening file /etc/smbpasswd.1631
getsmbfilepwent: returning passwd entry for user tb, uid 2001
del_smbfilepwd_entry: found entry with name tb - deleting it.
getsmbfilepwent: returning passwd entry for user root, uid 0
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
endsmbfilepwent_internal: closed password file.
Deleted user tb.


Deleting root with pdbedit is possible:
---------------------------------------

test # pdbedit -d 10 -x root
INFO: Current debug levels:
  all: 10
  tdb: 10
  printdrivers: 10
  lanman: 10
  smb: 10
  rpc_parse: 10
  rpc_srv: 10
  rpc_cli: 10
  passdb: 10
  sam: 10
  auth: 10
  winbind: 10
  vfs: 10
  idmap: 10
  quota: 10
  acls: 10
  locking: 10
  msdfs: 10
  dmapi: 10
  registry: 10
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 10
  tdb: 10
  printdrivers: 10
  lanman: 10
  smb: 10
  rpc_parse: 10
  rpc_srv: 10
  rpc_cli: 10
  passdb: 10
  sam: 10
  auth: 10
  winbind: 10
  vfs: 10
  idmap: 10
  quota: 10
  acls: 10
  locking: 10
  msdfs: 10
  dmapi: 10
  registry: 10
params.c:pm_process() - Processing configuration file "/etc/smb.conf"
Processing section "[global]"
doing parameter dos charset = CP850
doing parameter unix charset = UTF-8
doing parameter display charset = LOCALE
doing parameter workgroup = TOMMAIK
doing parameter serverstring =
doing parameter interfaces = 127.0.0.1/8 192.168.0.8/255.255.255.0
doing parameter bind interfaces only = yes
doing parameter security = user
doing parameter password server =
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *New*Password:* %n\n *Reenter*New*Password:* %n\n *Password*changed*
doing parameter username map = /etc/user.map
doing parameter username level = 2
doing parameter unix password sync = yes
doing parameter debug level = 0
doing parameter max log size = 10000
doing parameter nameresolveorder = lmhosts host wins bcast
doing parameter time server = yes
doing parameter deadtime = 60
doing parameter printing = lprng
doing parameter printcap name = /etc/printcap
doing parameter printcap cache time = 0
doing parameter load printers = no
doing parameter mangling method = hash2
doing parameter domain logons = no
doing parameter add user script = /usr/sbin/useradd -m '%u' -c '%u'
doing parameter add machine script =
doing parameter delete user script =
doing parameter add group script = /var/install/bin/add-group '%g'
doing parameter delete group script = /var/install/bin/remove-group '%g'
doing parameter add user to group script = /usr/sbin/usermod -G '%g' '%u'
doing parameter delete user from group script = /usr/sbin/userdel '%g' '%u'
doing parameter set primary group script = /var/install/bin/modify-user -g '%u' '%g'
doing parameter os level = 0
doing parameter preferred master = no
doing parameter local master = no
doing parameter domain master = no
doing parameter wins support = no
doing parameter wins hook =
doing parameter wins server =
doing parameter wins proxy = no
doing parameter kernel oplocks = no
doing parameter utmp = yes
doing parameter message command = /var/install/bin/samba-netbios-mail '%f' '%s'
doing parameter admin users = root
doing parameter hosts allow = 127.0.0. 192.168.0.0/255.255.255.0
doing parameter dos filetime resolution = yes
doing parameter use sendfile = yes
doing parameter unix extensions = no
doing parameter wide links = yes
doing parameter enable core files = no
doing parameter max mux = 10000
doing parameter dos filemode = yes
doing parameter acl group control = yes
doing parameter acl compatibility = auto
doing parameter force unknown acl user = yes
doing parameter inherit acls = yes
doing parameter map acl inherit = yes
doing parameter map hidden = no
doing parameter map system = no
doing parameter map archive = no
doing parameter map read only = no
doing parameter store dos attributes = yes
doing parameter ea support = yes
doing parameter oplocks = no
doing parameter level2 oplocks = no
doing parameter blocking locks = no
doing parameter hide files = /desktop.ini/Thumbs.db/
doing parameter dos filemode = yes
doing parameter passdb backend = smbpasswd
doing parameter lanman auth = yes
doing parameter client lanman auth = yes
doing parameter client plaintext auth = yes
doing parameter max protocol = SMB2
doing parameter min receivefile size = 16384
doing parameter aio read size = 16384
doing parameter aio write size = 16384
doing parameter client ntlmv2 auth = no
doing parameter socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
pm_process() returned Yes
lp_servicenumber: couldn't find homes
set_server_role: role = ROLE_STANDALONE
Substituting charset 'UTF-8' for LOCALE
Netbios name list:-
my_netbios_names[0]="TEST"
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend wbc_sam
Successfully added passdb backend 'wbc_sam'
Attempting to find a passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
getsampwnam (smbpasswd): search by name: root
startsmbfilepwent_internal: opening file /etc/smbpasswd
getsmbfilepwent: returning passwd entry for user root, uid 0
endsmbfilepwent_internal: closed password file.
getsampwnam (smbpasswd): found by name: root
Finding user root
Trying _Get_Pwnam(), username as lowercase is root
Get_Pwnam_internals did find user [root]!
pdb_set_username: setting username root, was
pdb_set_full_name: setting full name root, was
pdb_set_domain: setting domain TEST, was
Home server: test
pdb_set_profile_path: setting profile path \\test\root\profile, was
Home server: test
pdb_set_homedir: setting home dir \\test\root, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000 from rid 1000
account_policy_get: name: maximum password age, val: -1
Opening cache file at /var/lock/samba/gencache.tdb
Opening cache file at /var/lock/samba/gencache_notrans.tdb
gid_to_sid: winbind failed to find a sid for gid 0
LEGACY: gid 0 -> sid S-1-22-2-0
Forcing Primary Group to 'Domain Users' for root
account_policy_get: name: password history, val: 0
pdb_set_username: setting username root, was
pdb_set_domain: setting domain TEST, was
pdb_set_nt_username: setting nt username , was
pdb_set_full_name: setting full name root, was
Home server: test
Substituting charset 'UTF-8' for LOCALE
pdb_set_homedir: setting home dir \\test\root, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
Home server: test
pdb_set_profile_path: setting profile path \\test\root\profile, was
pdb_set_workstations: setting workstations , was
account_policy_get: name: password history, val: 0
pdb_set_user_sid: setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-2003627822-2407375014-3416494304-1000 from rid 1000
pdb_set_group_sid: setting group sid S-1-5-21-2003627822-2407375014-3416494304-513
startsmbfilepwent_internal: opening file /etc/smbpasswd
startsmbfilepwent_internal: opening file /etc/smbpasswd.1635
getsmbfilepwent: returning passwd entry for user root, uid 0
del_smbfilepwd_entry: found entry with name root - deleting it.
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
endsmbfilepwent_internal: closed password file.


This is a regression to old samba versions. We are using scripts to add and delete samba users via smbpasswd.

der tom
Comment 1 Stefan Metzmacher 2014-07-17 07:37:50 UTC

*** This bug has been marked as a duplicate of bug 10328 ***