nss_winbind is not thread safe, any suggestions to fix this?

boyang yyyeer.bo at gmail.com
Thu Sep 20 10:59:49 GMT 2007

Hi, all:
      libnss_winbind is not thread safe, the following steps and result
can explain it.
To reproduce it:

write some junk code and tune the process time of winbindd:
Two threads are used in reproduce it.

1. at second 0, call getpwnam_r
2. at second 1, call getgrgid_r
3. at second 2, winbindd daemon process GETPWNAM request, ie, sleep(1) after    
   receive GETPWNAM request
4. at second 3, thread getgrgid_r become active again after sleep(2), and
   try to read the result(it is actually the result of getpwnam_r)
5. at second 4, winbindd deamon process GETGRGID request, ie sleep(3)after
   GETGRGID request
6. at second 5, thread getpwnam_r become active again after sleep(5), and try
   read the result(actually the result of getgrgid_r)

I have enlarged the time ticks to explain the race condition situation.
Generally speaking, the response of the two request in corresponding thread can
be messed. request 1 get the response of request2 and request2 get the response
of request1.

Some test result of my junk code using to thread to perform getpwnam_r and getgrgid_r:

1. I have domain NODNSUPDATE with user NODNSUPDATE\nodns1(uid=20005, gid=20002) and group NODNSUPDATE\Domain users(gid=20000)

2. in the two threads, I invoked getpwnam_r("NODNSUPDATE\nodns1") and getgrgid_r(20000) with the above reproduce steps and get the following result:

[31989]: getpwnam NODNSUPDATE\nodns1
keep_response False
winbindd socket: 3
[31989]: getgrgid 20000
keep_response False
winbindd socket: 3
getgrgid_r     : gid  [20000]
returned group : name [nodns1]
               : gid  [20005]
getpwnam_r    : name[NODNSUPDATE\nodns1]
returned psswd: name[domain users]
              : uid [20000]  gid [0]

Any opinion on whether or not we should fix this?


More information about the samba-technical mailing list