getent works, but getpwnam fails
adp
dap99 at i-55.com
Thu Jul 15 15:44:26 GMT 2004
I have an odd problem. For the majority of accounts in AD Winbind works
fine. However, for a very small minority the user cannot login (user not
found). To debug this I first ran 'getent passwd | grep username'. This
indeed returned the username that is not working. I then set 'log level' to
3 and restarted Winbind. Watching the log I found that for the user that
cannot login, Winbind shows:
# su - xx
su: user xx does not exist
# tail /var/log/samba/winbind.log
...
[2004/07/15 11:29:51, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(261)
[11246]: request interface version
[2004/07/15 11:29:51, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(297)
[11246]: request location of privileged pipe
[2004/07/15 11:29:51, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(122)
[11246]: getpwnam xx
# getent passwd | grep xx
xx:x:11911:10001:X, X:/home/xx:/bin/sh
For users where this works they get more:
[2004/07/15 11:30:46, 3]
nsswitch/winbindd_misc.c:winbindd_interface_version(261)
[11250]: request interface version
[2004/07/15 11:30:46, 3]
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(297)
[11250]: request location of privileged pipe
[2004/07/15 11:30:46, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(122)
[11250]: getpwnam yy
[2004/07/15 11:30:46, 3] nsswitch/winbindd_ads.c:name_to_sid(313)
ads: name_to_sid
So my thought here is that getpwnam is not returning a good response for xx.
To test this I wrote a test program that confirmed that xx can't be found
using getpwnam(), even though it shows up with getent:
The output:
xx failed
errno: Success
yy worked
The program:
#include <stdio.h>
#include <pwd.h>
#include <sys/types.h>
void test_user(char *user) {
struct passwd *pw;
if ((pw = getpwnam(user)) == NULL)
{
printf("%s failed\n", user);
perror("errno");
}
else
printf("%s worked\n", user);
}
int main(void) {
char *bad_user = "xx";
char *good_user = "yy";
test_user(bad_user);
test_user(good_user);
return 0;
}
What is going on here? We have about five accounts that show this behavior.
We are running RHES3 with:
samba-common-3.0.2-6.3E
redhat-config-samba-1.0.16-1
samba-3.0.2-6.3E
samba-client-3.0.2-6.3E
More information about the samba-technical
mailing list