some weird bugs

Jens Skripczynski jens.skripczynski at igd.fhg.de
Sun Jan 16 13:52:22 GMT 2000


Hi,

I think I ran over some strange bugs.
Setup:
SAMBA 3.0 with TNG.
PDC: SHADOWLAND
Domain: PRIVAT
Client: TirNaOrg (NT4 SP4 German)

1)
I can connect to my Printer on shadowland by using \\shadowland\lp.
But I did not configure a share named "lp" ?! Is this a bug or a feature ?

2)
Most of the RPC to shadowland from TirNaOrg fail, some only when logged in as
Domain User:
\\PRIVAT\Jens: the IPC connect fails. I cannot open "network
nei..."->"shadowland". The error "Auf \\shadowland kann nicht zugegriffen
werden. \n Beim abgesetzten Proceduraufruf (RPC) ist ein Protokollfehler
aufgetreten" Meaning something like "Cannot access \\shadowland. \n With the
Procedure Call (RPC) a protocol error occurred".

But connecting as \\TIRNAORG\administrator:
Everything works fine. I see the anonymous shares the Printers directory and
my (configured) Printer "hp4p". 

-- Where can I trace this error ?

2) The Usermanager fails to work:
(Tried to translate) "With the Procedure Call (RPC) a protocol error occurred.
Do you want to select another Domain to administer".

3) netlogond:
The Logfile tells me the following:
file_changed: Unable to stat file /usr/local/etc/samba/private/domaingroup.map. Error was Permission denied

">sudo ls -la /usr/local/etc/samba/private/"
total 9
drwx------   3 root     root         1024 Jan 14 22:57 .
drwxr-xr-x   5 root     root         1024 Jan 13 22:37 ..
-rw-------   1 root     root           46 Jan 13 22:37 PRIVAT.SHADOWLAND.mac
-rw-r--r--   1 root     root           42 Jan 13 22:33 PRIVAT.SID
-rw-r--r--   1 root     root           20 Jan 14 22:40 domaingroup.map
-rw-r--r--   1 root     root           19 Jan 14 22:57 domainuser.map
-rw-r--r--   1 root     root           29 Jan 13 20:40 localgroup.map
drwxr-xr-x   2 root     root         1024 Dec 17 16:57 old
-rw-------   1 root     root          638 Jan 15 17:49 smbpasswd

As I run samba as root netlogon should find the file and access it...

Also, after starting netlogond, the following lines in the logfile give me a
headache:
Added interface ip=192.168.0.254 bcast=192.168.0.255 nmask=255.255.255.0
Added interface ip=10.0.0.254 bcast=10.0.0.255 nmask=255.255.255.0
standard input is not a socket, assuming -D option
create_pipe_socket: /var/lock/samba/.msrpc perms=448
/var/lock/samba/.msrpc/NETLOGON perms=448
*** Please someone examine create_pipe_socket and fix it ***
*** if used other than for exclusive root access ***
*** (see perms, which should be 0700 and 0600) ***
*** there is a race condition to be exploited. ***
--> remove on /var/lock/samba/.msrpc/NETLOGON failed <--
waiting for a connection


Why does he want to remove his own pipe/socket ? Even he does not fail to
operate. What shall this logmessage tell me ?

3)
Here is a log of smbd:
ftp is my anonymous user.
Jens is myself.
LP is my Printer !

lib/access.c:check_access(258) Allowed connection from TirNaOrg.sc (10.0.0.3)
smbd/password.c:pass_check_smb(504) Couldn't find user 'ftp' in smb_passwd file.
smbd/password.c:pass_check_smb(504) Couldn't find user 'ftp' in smb_passwd file.
smbd/password.c:pass_check_smb(532) pass_check_smb failed - invalid password for user [claudia]
smbd/password.c:pass_check_smb(532) pass_check_smb failed - invalid password for user [jens]
smbd/password.c:pass_check_smb(504) Couldn't find user 'lp' in smb_passwd file.
rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(140) user session key not available (yet).
rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(141) password-change operations may fail.

a) As user ftp is my anonymous user, why does samba complain about not being in
the smbpasswd file ? 
b) I _did_ use the correct password ! Why does samba tell
an invalid password ? Is this a wrong log message ?
c) Why does samba suddenly look up a share name as a user ?

4) All the socket daemons give the following error :
*** Please someone examine create_pipe_socket and fix it ***
*** if used other than for exclusive root access ***
*** (see perms, which should be 0700 and 0600) ***
*** there is a race condition to be exploited. ***

Isn't there a way to implement something similar to fetchmail or sshd,
which check at the start for the correct file perms ?
As dirmode 0700 root.root and 0600 root.root filemode shouldn't possibly be
exploited.

5) The changing of file permissions on samba shares does not work either.
Again some RPC error...

6) When I configure the Profiles directory with a sticky bit (mode 1777)
The TNG tree automatically makes a Profile directory under the Profile share
when the user first logs in. The 3.0/tng combination fails.

7) How good are 3.0 and tng connected together ? I mean after what amount of
time are changes in the tng subtree available in the 3.0 ? Is it instantly
because of this pipe/socket stuff ? Or are there certain changes in the 3.0 tree
to be done for new features to work ?

Luke can you (if you have some spare time) maybe make a check list of things 
working at tng, someone who is responsible for the head branch also.
So one could check what works at the combination.


Ciao

Jens Skripczynski
-- 
E-Mail: skripi at igd.fhg.de
Computers are like airconditioners: They stop working 
properly if you open windows.
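
An added example, not part of the original post and not Samba's code: one way to do the start-up check asked for in item 4, refusing to run unless the socket directory is 0700 and the socket 0600 (the `perms=448` in the log is decimal for octal 0700). The function names `check_private_dir` and `bind_private_socket` are hypothetical, and the owner is passed in so the check can be exercised without root.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* 0 if path is a real directory (not a symlink) owned by owner, mode 0700. */
int check_private_dir(const char *path, uid_t owner)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    int rc = fstat(fd, &st);    /* inspect the object we opened, not the name */
    close(fd);
    if (rc != 0 || st.st_uid != owner || (st.st_mode & 07777) != 0700)
        return -1;
    return 0;
}

/* Bind a unix socket dir/name that is 0600 from the moment it exists.
 * Returns the bound fd, or -1 if the directory or socket fails the checks. */
int bind_private_socket(const char *dir, const char *name, uid_t owner)
{
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    struct stat st;

    if (mkdir(dir, 0700) != 0 && errno != EEXIST)
        return -1;
    if (check_private_dir(dir, owner) != 0)     /* refuse, do not "fix up" */
        return -1;
    if (snprintf(sa.sun_path, sizeof sa.sun_path, "%s/%s", dir, name)
            >= (int)sizeof sa.sun_path)
        return -1;
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    unlink(sa.sun_path);                        /* stale socket from last run */
    mode_t old = umask(0177);                   /* created 0600, no chmod window */
    int rc = bind(fd, (struct sockaddr *)&sa, sizeof sa);
    umask(old);
    if (rc != 0 || lstat(sa.sun_path, &st) != 0 || !S_ISSOCK(st.st_mode) ||
        st.st_uid != owner || (st.st_mode & 07777) != 0600) {
        close(fd);
        return -1;
    }
    return fd;
}
```

Setting the umask before `bind` means the socket never exists with wider permissions, and the directory check fails closed instead of repairing a directory someone else may have prepared.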

