RedHat's glibc-2.3.2 and Samba -> assert_uid() failures?

Andrew Bartlett abartlet at samba.org
Mon Mar 24 11:51:46 GMT 2003 

I've been debugging another massive fall-apart at my site :-(

This time it appears that the installation of glibc=2.3.2-4.80.i686.rpm
(required to fix a security issue) broke my installation.

It appears that it would *occasionally* cause setresuid() to fail.  Most
of the time it would work - particularly during the configure.  However
during actual use, it seems to fail - samba does not accept this, and
asserts.

On downgrading to RH 8.0 release glibc, things returned to normal. 

Catching one in GDB *seems* to suggest that the errno might be EINVAL.

Mar 24 09:51:28 kate smbd[31962]: [2003/03/24 09:51:28, 0]
lib/util_sec.c:assert_uid(95)
Mar 24 09:51:28 kate smbd[31962]:   Failed to set uid privileges to
(-1,65773) now set to (0,0)
Mar 24 09:51:28 kate smbd[31962]: [2003/03/24 09:51:28, 0]
lib/util.c:smb_panic(1419)
Mar 24 09:51:28 kate smbd[31962]:   smb_panic(): calling panic action
[/etc/samba/panic-action 31962]

My panic-action didn't work properly however, which is annoying me :-(.

Interestingly, earlier in the day I had these errors - I'm not on NFS. 
(this is the same errno).  But it could just as easily be more generic
locking bugs...

Mar 24 11:20:00 kate smbd[23560]: [2003/03/24 11:20:00, 0]
locking/posix.c:posix_fcntl_lock(658)
Mar 24 11:20:00 kate smbd[23560]:   posix_fcntl_lock: WARNING: lock
request at offset 0, length 1024 returned
Mar 24 11:20:00 kate smbd[23560]: [2003/03/24 11:20:00, 0]
locking/posix.c:posix_fcntl_lock(659)
Mar 24 11:20:00 kate smbd[23560]:   an Invalid argument error. This can
happen when using 64 bit lock offsets
Mar 24 11:20:00 kate smbd[23560]: [2003/03/24 11:20:00, 0]
locking/posix.c:posix_fcntl_lock(660)
Mar 24 11:20:00 kate smbd[23560]:   on 32 bit NFS mounted file systems.

Anybody got any ideas?  Or anybody had similar problems?

Even if it's a glibc bug, we probably need to detect/work around it.  It
appears that setresuid() is an 'odd' call - is there a better one to
call?

Andrew Bartlett
-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030324/ab9630d3/attachment.bin

More information about the samba-technical mailing list