Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1420130 - samba_krb5_wrapper does not list devices when called with no arguments
samba_krb5_wrapper does not list devices when called with no arguments
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: samba (Show other bugs)
7.3
All Linux
high Severity high
: rc
: ---
Assigned To: Andreas Schneider
Robin Hack
: Patch, Regression
Depends On:
Blocks: 1298243
  Show dependency treegraph
 
Reported: 2017-02-07 17:43 EST by Bryan Mason
Modified: 2017-08-01 14:21 EDT (History)
5 users (show)

See Also:
Fixed In Version: samba-4.6.0-0.1.rc4.el7
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-08-01 14:21:34 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Proposed patch (749 bytes, patch)
2017-02-07 18:51 EST, Bryan Mason 		no flags Details | Diff
Another possible patch (1.46 KB, patch)
2017-02-09 13:21 EST, Bryan Mason 		no flags Details | Diff
New patch (2.03 KB, patch)
2017-02-16 02:22 EST, Bryan Mason 		no flags Details | Diff
Show Obsolete (1) Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Samba Project 12575 None None None 2017-02-10 05:31 EST
Red Hat Knowledge Base (Solution) 2909161 None None None 2017-02-07 19:39 EST
Red Hat Product Errata RHSA-2017:1950 normal SHIPPED_LIVE Low: samba security, bug fix, and enhancement update 2017-08-01 14:09:24 EDT

  None (edit)
Description Bryan Mason 2017-02-07 17:43:36 EST 
Description of problem:

  The new samba_krb5_wrapper that allows CUPS to use Kerberos to
  authenticate with printers doesn't list SMB devices when called with
  no arguments.  As a result, the SMB protocol isn't listed as a 
  possible printer connection mechanism.

Version-Release number of selected component (if applicable):

  samba-4.4.4-9

How reproducible:

  100%

Steps to Reproduce:

  run "lpinfo -v"

  or

  run "/usr/lib/cups/backend/smb"

Actual results:

  # lpinfo -v
  serial serial:/dev/ttyS0?baud=115200
  network ipps
  network lpd
  network socket
  network https
  network http
  network ipp

  # /usr/lib/cups/backend/smb
  DEBUG: SMBSPOOL_KRB5 - Started with uid=0

  DEBUG: SMBSPOOL_KRB5 - AUTH_INFO_REQUIRED is not set
  ATTR: auth-info-required=negotiate

Expected results:

  # lpinfo -v
  serial serial:/dev/ttyS0?baud=115200
  network ipps
  network lpd
  network socket
  network https
  network http
  network ipp
  network smb

  (Last entry "network smb" should be included)

  # /usr/lib/cups/backend/smb 
  network smb "Unknown" "Windows Printer via SAMBA"

Additional info:

  When the "lpinfo -v" command is used, cupsd calls
  /usr/lib/cups/daemon/cups-deviced to execute all the backends in
  /usr/lib/cups/backend with no arguments.  When a backend is called
  with no arguments, it should list all the devices that are accessible
  via that backend.

  This mechanism is also used by the Web UI and system-config-printer to
  enumerate  possible  print  devices.   If  samba_krb5_wrapper  doesn't
  provide the proper out put, SMB will not be listed as an option in the
  GUI when installing new printers.

  Proposed patch forthcoming...
Comment 1 Bryan Mason 2017-02-07 18:51 EST 
Created attachment 1248514 [details]
Proposed patch

Before (no "network smb" entry):

  # lpinfo -v
  serial serial:/dev/ttyS0?baud=115200
  network ipps
  network lpd
  network socket
  network https
  network http
  network ipp

After ("network smb" included as third entry):

  # lpinfo -v
  serial serial:/dev/ttyS0?baud=115200
  network ipps
  network smb
  network lpd
  network socket
  network https
  network http
  network ipp
Comment 4 Bryan Mason 2017-02-09 13:21 EST 
Created attachment 1248878 [details]
Another possible patch

This patch falls back to the smbspool command if AUTH_INFO_REQUIRED is not set or is not set to "negotiate".  Because cups-deviced doesn't set AUTH_INFO_REQUIRED when searching for devices, this allows the wrapper to call smbspool to send the line

  network smb "Unknown" "Windows Printer via SAMBA"

back to cups-deviced/cupsd when enumerating devices.

I believe this patch will also allow the backend to be used both with SMB printers that use Kerberos as well as SMB printers that use other authentication methods (username,password for example).
Comment 5 Andreas Schneider 2017-02-10 05:31:06 EST 
I think I prefer the patch from comment #4.

Could you please apply this to the Samba git master branch. And send a git-format patch with your sign-off to samba-technical mailing list or attach it here. However you need to sign the CoO that your patch can be added, see 

https://git.samba.org/?p=samba.git;a=blob;f=README.contributing
Comment 6 Andreas Schneider 2017-02-10 05:32:00 EST 
The commit message requires the following line in the description:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12575
Comment 8 Bryan Mason 2017-02-16 02:22 EST 
Created attachment 1250789 [details]
New patch

As requested, a patch created using "git format-patch" with BUG: and Signed-off-by: headers.  I also sent this to samba-technical.
Comment 12 errata-xmlrpc 2017-08-01 14:21:34 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1950
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.