Bug 208718
Summary: | Update 3.0.23c-1.fc5 cannot understand "@group" in smb.conf | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Luis Felipe Marzagao <lfelipebm> |
Component: | samba | Assignee: | Jay Fenlason <fenlason> |
Status: | CLOSED DUPLICATE | QA Contact: | David Lawrence <dkl> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | CC: | cat, fedora, jfeeney, jplans, rhbugzilla, zing |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
URL: | http://www.fedoraforum.org/forum/showthread.php?t=125460 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-10-23 07:08:26 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Attachments: |
Description
Luis Felipe Marzagao
2006-09-30 19:13:40 UTC
Created attachment 137487 [details]
Log saved in /var/log/samba related to the workstation
Windows XP machine name is "rbsm204".
User trying to access the shares is "felipe"
User "felipe" belongs to "admin"
Created attachment 137488 [details]
samba configuration file
my smb.conf file, where you can see the "@" groups assigned
Created attachment 137489 [details]
smb daemon log
I'm having the exact same issue, with the exact same error / stack trace. I'm glad your were able to narrow it down to the @group, though. All my shares reference @group so I thought all of samba was broken! This is a pretty serious bug... I agree with you. The reason I put it as a "normal" bug was that I could workaround it... Hope the developers fix it as soon as possible. Cheers. See samba mailing list thread: http://www.mail-archive.com/samba@lists.samba.org/msg77923.html I duplicate the problem perfectly. Will port patch from mailing list context, build RPM, test, and report back. Created attachment 138360 [details]
Patch to fix @groups crash
Patch to fix @groups crash ported from mailing list
Created attachment 138362 [details]
Diff against 3.0.23-1.fc5 spec file
Diff against 3.0.23-1.fc5 spec file to integrate previous patch into RPM build.
Obviously this needs further work to get into dist as it's labelled with my
suffixes!
Additional data: Patch is in Samba SVN: http://viewcvs.samba.org/cgi-bin/viewcvs.cgi/branches/SAMBA_3_0_23/source/auth/auth_util.c?rev=19008&r1=17875&r2=19008 Various comments in the RELEASE tree state "Staging for 3.0.23d..." Hi, Graeme. First of all thanks for the efforts. Are you 100% sure that this patch does the job? I ask it because I had previously contacted Volker Lendeck, from samba.org, and he said the patch contained at the mentioned mailing list had nothing to do with this problem with groups: My message for him Quote: "... Anyway, googleing I saw a discussion where you've posted a patch for samba 3.0.23c: http://www.mail-archive.com/samba@l...g/msg78460.html Unfortunatelly, I have no idea how to use or apply the patch... Worse, I have no idea how to port it to fedora core 5... I´d would really appreciate any comments or help. Thank you very much for the attention." And his answer was: Quote: "Please post your problems with more detailed info like your smb.conf and debug level 10 logs of smbd to samba. The patch I've posted for sure has nothing to do with your problem. Volker" I´d appreciate any comments! Thanks again for your help! Cheers, Duli Interesting - principally because although Volker told you it has "nothing to do with your problem", my segfaults matched those of the OP in the Samba ML thread and the patch makes them go away. Coincidence? Maybe. But it definitely WORKSFORME. Great, Graeme. Thanks once more for your great help!!! Cheers, Created attachment 139099 [details]
Proof of concept for innetgr() crash
Created attachment 139100 [details]
System info and gdb output for innetgr() PoC crash
[First off, Graeme, I don't believe that mailing list thread/patch has anything to with this bug.] Since my machine doesn't need NIS, one workaround is to edit /etc/nsswitch.conf and change the "netgroup" line from "nisplus" to "files". After that, smbd works fine with "valid users = @group". The crash is due to glibc's innetgr() eventually calling strdup(NULL). It looks like it tries to find group information using NIS-related functions, but one of the sub-lookups fails in a way the caller doesn't expect (an array element is NULL instead of the array pointer being NULL). The bug is reproducible independently of Samba using the attached PoC (see also gdb info), under Fedora Core 5 with glibc-2.4-11 and "netgroup: nisplus" in /etc/nsswitch.conf. The user and group can be anything, including nonexistent ones. Changing the netgroup entry to "files" simply hides the bug and allows smbd to work on machines that use local files for group information. Bug filed with glibc bugzilla (http://sourceware.org/bugzilla/show_bug.cgi?id=3411). *** This bug has been marked as a duplicate of 206483 *** |