"Bad talloc magic value" [Was: Upgrade from S3 to a Samba4 DC]
Adam Tauno Williams
awilliam at whitemice.org
Tue Nov 8 06:57:38 MST 2011
On Tue, 2011-11-08 at 20:52 +1100, Andrew Bartlett wrote:
> On Thu, 2011-10-27 at 08:52 -0400, Adam Tauno Williams wrote:
> > Quoting Adam Tauno Williams <awilliam at whitemice.org>:
> > > Quoting Adam Tauno Williams <awilliam at whitemice.org>:
> > >> On Tue, 2011-09-20 at 08:16 -0700, Andrew Bartlett wrote:
> > >>> On Mon, 2011-09-19 at 22:20 +0200, Pavel Herrmann wrote:
> > >>>> On Monday 19 of September 2011 16:03:20 Adam Tauno Williams wrote:
> > >>>> > Quoting Adam Tauno Williams <awilliam at whitemice.org>:
> > >>>> > linux-hvej:~ # /opt/s4/sbin/samba-tool user setpassword administrator
> > >>>> > New Password:
> > >>>> > Changed password OK
> > >>>> > --- kinit says my password expired, and can't change it (???
> > >>>> > linux-hvej:~ # kinit administrator at MICORE.US
> > >>>> > Password for administrator at MICORE.US:
> > >>>> > Password expired. You must change it now.
> > >>>> > Enter new password:
> > >>>> > Enter it again:
> > >>>> > kinit: Password has expired while getting initial credentials
> > >>>> you can try setting passwords to never expir
> > >>>> samba-tool pwsettings set --max-pwd-age=0
> > >>> If this is required, it means that the password polices were not
> > >>> upgraded correctly. This was a bug in earlier versions of this tool,
> > >>> but I thought it had been fixed.
> > >>> If this is still happening with current GIT, can you get me the ldif of
> > >>> your domain object? I want to check that the maxPwdAge is is negative
> > >>> nanoseconds, not positive seconds. (NTTIME vs unix time).
> > >> I'll update my git, rebuild, and import again [hopefully today, but it
> > >> may take a couple of days]/
> > > I finally got back to my AD migration. After pulling the git and
> > > rebuilding the import now fails completely.
> > > linux-hvej:~ # samba-tool domain samba3upgrade --dbdir=/tmp/x
> > > /tmp/x/smb.conf
> > > Reading smb.conf
> > > Provisioning
> > > no talloc stackframe around, leaking memory
> > > Exporting account policy
> > > Exporting groups
> > > talloc: access after free error - first free may be at ?? [wonky characters]
> > > Bad talloc magic value - access after free
> > > Aborted
> > > 4.0.0alpha18-GIT-1d53109
> > It I change debug level to 10 I can capture the attached output.
> We should never abort, but this looks wrong:
> Finding user barbel$
> Trying _Get_Pwnam(), username as lowercase is barbel$
> Trying _Get_Pwnam(), username as uppercase is BARBEL$
> Checking combinations of 0 uppercase letters in barbel$
> Get_Pwnam_internals didn't find user [barbel$]!
"id barbel$" works on the S3 DC.
However on the S4 winbind is not operational [I think I posted about
this]. "getent passwd" talks to Samba but does not enumerate users.
/opt/s4/bin/wbinfo -p --> "Ping to winbindd succeeded"
/opt/s4/bin/wbinfo -u --> Lists all the provisions users
- but -
barbel:/lib64 # getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/bash
daemon:x:2:2:Daemon:/sbin:/bin/bash
lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
news:x:9:13:News system:/etc/news:/bin/bash
uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
games:x:12:100:Games account:/var/games:/bin/bash
man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
messagebus:*:100:101:User for D-Bus:/var/run/dbus:/bin/false
sshd:*:101:102:SSH daemon:/var/lib/sshd:/bin/false
ntp:x:74:104:NTP daemon:/var/lib/ntp:/bin/false
postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false
statd:x:102:65534:NFS statd daemon:/var/lib/nfs:/sbin/nologin
usbmux:x:103:65534:usbmuxd daemon:/var/lib/usbmuxd:/sbin/nologin
named:x:44:44:Name server daemon:/var/lib/named:/bin/false
dhcpd:x:104:65534:DHCP server daemon:/var/lib/dhcp:/bin/false
...
... long pause while samba talks into the log for awhile
...
Administrator:*:0:100::/home/BACKBONE/Administrator:/bin/false
Guest:*:3000008:99::/home/BACKBONE/Guest:/bin/false
krbtgt:*:3000009:100::/home/BACKBONE/krbtgt:/bin/false
Users are not included.
Samba output (debug level 10):
-------------------------------------
....
ldb: ldb_trace_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: CN=S-1-5-21-2037442776-3290224752-88127236-1011
cn: S-1-5-21-2037442776-3290224752-88127236-1011
objectClass: sidMap
objectSid: S-1-5-21-2037442776-3290224752-88127236-1011
type: UID
xidNumber: 1997
distinguishedName: CN=S-1-5-21-2037442776-3290224752-88127236-1011
wb_sids2xids_recv called
cmd_getpwnam_recv_uid called
wb_sid2uid_recv called
cmd_getpwent_recv_pwnam called
wb_cmd_getpwnam_recv called
getpwent_recv called
wb_cmd_getpwent_recv called
Received winbind TCP packet of length 2096 from unix:
Got winbind samba3 request 8
wbsrv_samba3_endpwent called
Terminating connection - 'wbsrv_call_loop: tstream_read_pdu_blob_recv()
- NT_STATUS_CONNECTION_DISCONNECTED'
imessaging: cleaning up /opt/s4/private/smbd.tmp/msg/msg.0:0.25
single_terminate: reason[wbsrv_call_loop: tstream_read_pdu_blob_recv() -
NT_STATUS_CONNECTION_DISCONNECTED]
> Does that user exist as a posix user in your LDAP directory? in Samba3,
> every Samba user *must* also appear via 'getent passwd <user>'.
Yes. "id barbel$" works on the S3 DC.
[root at littleboy ~]# getent passwd barbel$
barbel$:*:3125:99:Machine Account:/dev/null:/bin/false
More information about the samba-technical
mailing list