nss_winbind is not thread safe, any suggestions to fix this?
boyang
yyyeer.bo at gmail.com
Thu Sep 20 10:59:49 GMT 2007
Hi, all:
libnss_winbind is not thread safe, the following steps and result
can explain it.
To reproduce it:
write some junk code and tune the process time of winbindd:
Two threads are used in reproduce it.
1. at second 0, call getpwnam_r
2. at second 1, call getgrgid_r
3. at second 2, winbindd daemon process GETPWNAM request, ie, sleep(1) after
receive GETPWNAM request
4. at second 3, thread getgrgid_r become active again after sleep(2), and
try to read the result(it is actually the result of getpwnam_r)
5. at second 4, winbindd deamon process GETGRGID request, ie sleep(3)after
receive
GETGRGID request
6. at second 5, thread getpwnam_r become active again after sleep(5), and try
to
read the result(actually the result of getgrgid_r)
I have enlarged the time ticks to explain the race condition situation.
Generally speaking, the response of the two request in corresponding thread can
be messed. request 1 get the response of request2 and request2 get the response
of request1.
Some test result of my junk code using to thread to perform getpwnam_r and getgrgid_r:
1. I have domain NODNSUPDATE with user NODNSUPDATE\nodns1(uid=20005, gid=20002) and group NODNSUPDATE\Domain users(gid=20000)
2. in the two threads, I invoked getpwnam_r("NODNSUPDATE\nodns1") and getgrgid_r(20000) with the above reproduce steps and get the following result:
[31989]: getpwnam NODNSUPDATE\nodns1
keep_response False
winbindd socket: 3
[31989]: getgrgid 20000
keep_response False
winbindd socket: 3
getgrgid_r : gid [20000]
returned group : name [nodns1]
: gid [20005]
getpwnam_r : name[NODNSUPDATE\nodns1]
returned psswd: name[domain users]
: uid [20000] gid [0]
Any opinion on whether or not we should fix this?
Best
regards
boyang
9.21
More information about the samba-technical
mailing list