nmbd does not start without smbd (fwd)

William Stuart william at hae.com
Fri Dec 4 23:34:40 GMT 1998


I think generating a SID should be an installation requirement.  Even if the
box is never set up as a PDC or domain member.

I would recommend that an option be added to smbpasswd to generate the SID
and that this runs as part of 'make install'.  If no SID exists then smbd
and nmbd should fail to start.
---
William Stuart (william at hae.com)
Si hoc legere scis nimium eruditionis habes


On Sat, 5 Dec 1998, Andrew Tridgell wrote:

> > obtain the sid using lsa_query_info_policy() instead of creating
> > sam_name.SID and reading it, which is a race-condition problem.
>
> then solve the race condition some other way. There is no way we want
> nmbd to be reliant on smbd running. It will make things so much more
> fragile.
>
> maybe you should explain the race condition so we can propose a
> solution.

both nmbd and smbd need to know the SID of the SAM database that the samba
server is responsible for.  calling generate_sam_sid() from both nmbd and
smbd for the very first time, there's no locking in there, so both can
detect that the file does not exist, and both can generate a random SID
and both can write it out to the same file.

even if nmbd reads its SAM sid from a file (locking issues assumed to be
resolved), there's the Domain SID to obtain, if configured as a member of
a domain.

you _still_ need to do a LsaQueryInfoPolicy(level 3) call to obtain this
SID from somewhere.  ah, but that will be from the PDC.

so the code currently isn't sophisticated enough, basically.




More information about the samba-technical mailing list