Unix Password Sync Problem

Todd Stiers tas at microdisplay.com
Tue May 11 22:13:59 GMT 1999 

Hi,

I applied the patch to smbd/chgpasswd.c, recompiled, installed and restarted
smbd.

Setting debug level=10, I got the following when I attempted a password change
from NT workstation 4.0:

[1999/05/11 14:46:48, 3] smbd/ipc.c:api_fd_reply(3243)
  Got API command 0x26 on pipe "samr" (pnum 7036)Doing \PIPE\samr
[1999/05/11 14:46:48, 4] rpc_server/srv_pipe.c:api_rpc_command(721)
  api_rpc_command: api_samr_rpc op 0x37 - api_rpc_command: SAMR_CHGPASSWD_USER
[1999/05/11 14:46:48, 3] smbd/chgpasswd.c:chgpasswd(381)
  Password change for user: tas
[1999/05/11 14:46:48, 0] lib/fault.c:fault_report(40)
  ===============================================================
[1999/05/11 14:46:48, 0] lib/fault.c:fault_report(41)
  INTERNAL ERROR: Signal 11 in pid 31613 (2.1.0-prealpha)
  Please read the file BUGS.txt in the distribution
[1999/05/11 14:46:48, 0] lib/fault.c:fault_report(43)
  ===============================================================
[1999/05/11 14:46:48, 0] lib/util.c:smb_panic(2538)
  PANIC: internal error
[1999/05/11 14:46:48, 3] param/loadparm.c:init_globals(852)
  Initialising global parameters
[1999/05/11 14:46:48, 3] param/params.c:pm_process(538)


BUGS.txt tells me to send to samba-bugs and to try fixing the problem myself.

Okay,
-Todd


doug_rintoul at SIL.ORG wrote:

> There is a problem with smbd/chgpasswd.c in the findpty function in the main CVS
> path, at least as of May 9, 1999 and still exists in the CVS I grabbed today. If
> HAVE_GRANTPT is not defined then OpenDir is called with the first argument
> (conn) being NULL. However when OpenDir (in smbd/dir) was modified for the
> virtual file system support it started using conn without checking to see if it
> was NULL. The third line in OpenDir is
>
>   DIR *p = conn->vfs_ops.opendir(name);
>
> This causes smbd to segfault when it tries to execute the above statement.
> findpty is only called from chat_with_program which is only called when unix
> password sync is set. I hacked OpenDir to use the old way of opening a directory
> (using dos_opendir) if conn is NULL but there is probably a better solution (I
> didn't have time to investigate what conn is used for and how to set it up
> before calling OpenDir).
>
> For you RedHat users out there complaining that the unix password sync does not
> work for you, I have found a solution. There seems to be a timing problem when
> chatting with passwd. The following patch now allows me to reliably change my
> password from NT, changing both the unix and samba password.
> --------------------- cut here ------------------------------------
> --- samba990428/source/smbd/chgpasswd.c Fri Mar 26 16:38:58 1999
> +++ samba/source/smbd/chgpasswd.c       Fri May  7 14:52:09 1999
> @@ -280,6 +280,8 @@
>        return(False);
>      }
>
> +    msleep(100);
> +
>      if (!next_token(&ptr,chatbuf,NULL,sizeof(chatbuf))) break;
>      pwd_sub(chatbuf);
>      if (!strequal(chatbuf,"."))
> @@ -317,6 +319,8 @@
>
>    /* we now have a pty */
>    if (pid > 0){                        /* This is the parent process */
> +    CatchSignal(SIGCLD, SIG_DFL);
> +
>      if ((chstat = talktochild(master, chatsequence)) == False) {
>        DEBUG(3,("Child failed to change password: %s\n",name));
>        kill(pid, SIGKILL); /* be sure to end this process */
> @@ -328,6 +332,8 @@
>        return(False);
>      }
>
> +    CatchChild();
> +
>      close(master);
>
>      if (pid != wpid) {
> --------------------- cut here ------------------------------------
>
> This patch also incorporates Benjamin Kuit's patch he submitted on March 7,
> 1999. With the above changes, my users can now change their passwords to their
> hearts content.
>
> Doug Rintoul
> SIL
>
> -----Original Message-----
> From: tas at microdisplay.com
> Sent: Thursday, May 06, 1999 7:48 PM
> To: Doug Rintoul; samba-ntdom at samba.org
> Subject: Unix Password Sync Problem
>
> Hi
>
> I am using a NTDOM version of Samba quite successfully,
> and I am now tackling the issue of syncronizing passwords
> between NT and the Unix (Linux) machines serving as the
> SAMBA PDC.
>
> When I have:
>
>    unix password sync = yes
> #   passwd program = /usr/bin/passwd %u
> #   passwd chat = *password* %n\n *password* %n\n *successful*
>    passwd program = /usr/local/samba/mdc/passwdwrapper %u
>    passwd chat = *password* %n\n *password* %n\n *alldone*
>
> in my smb.conf, (I have my own wrapper program, is this
> okay?) password changes on NT fail with:
>
> Unable to change the password on this account (C0000000BE)
>
> and my log.smb generates (debug level = 4) as its final lines
> (do I go higher in levels? what am I looking for?)
>
> [1999/05/06 17:32:11, 3] smbd/ipc.c:reply_trans(3601)
>   trans <\PIPE\> data=1176 params=0 setup=2
> [1999/05/06 17:32:11, 3] smbd/ipc.c:named_pipe(3456)
>   named pipe command on <> name
> [1999/05/06 17:32:11, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(387)
>   search for pipe pnum=7016
> [1999/05/06 17:32:11, 1] smbd/ipc.c:api_fd_reply(3280)
>   api_fd_reply: INVALID PIPE HANDLE: 7016
> [1999/05/06 17:32:11, 3] smbd/ipc.c:api_no_reply(3198)
>   Unsupported API fd command
> [1999/05/06 17:32:21, 3] lib/doscalls.c:dos_ChDir(329)
>   dos_ChDir to /usr/local/samba/lib
>
> The password changes work fine without the  "unix password sync" section
> commented out.
> The error happens when I use the machine passwd program or my wrapper
> program.
>
> Any suggestions? This should work with the NTDOM path, correct?
>
> Thanks,
> Todd
>
> --
> [--- [--- [--- [--- [--- [--- [--- [--- [--- [---
> Todd Stiers
> Director of Systems Administration
> The MicroDisplay Corporation
> http://www.microdisplay.com (510)243-9515x129
> ---] ---] ---] ---] ---] ---] ---] ---] ---] ---]

--
[--- [--- [--- [--- [--- [--- [--- [--- [--- [---
Todd Stiers
Director of Systems Administration
The MicroDisplay Corporation
http://www.microdisplay.com (510)243-9515x129
---] ---] ---] ---] ---] ---] ---] ---] ---] ---]

More information about the samba-ntdom mailing list