Winbind Sid-to-Name handling
Har Gagan Sahai
shargagan at novell.com
Fri Sep 27 08:46:20 MDT 2013
Hi Samba Team,
Please provide some input on this issue.
Regards,
Har Gagan Sahai
>>> "Har Gagan Sahai" <shargagan at novell.com> 09/25/13 7:31 PM >>>
Hi Samba Team,
We are using samba-3.6.3. I am facing one issue wrt winbind rpc lookup domain sids.
There are continuous requests hitting winbind for different lookup sids requests. These requests vary in the number of sids in each request. So some requests (single sid) are done fast and others takes time.
Now when there are requests which is taking time, those times out and it does retry as per the current code in lookup_groupmem() in winbindd_ads.c. This retry also times out due to delay in the response. This delay can be attributed to the number of sids in the request.
After a few time out instances, for any new request of sid-to-name type, I have noticed that the response is varying. Sometime it picks up the response of the previously timed out sid-to-name command of some other SID(s). Here is the output of the command I ran in loop, 'wbinfo -s S-1-5-21-3842980903-586396-300088805-513'.
SOMEDOMAIN\testgroup1 2
SOMEDOMAIN\Domain Users 2
SOMEDOMAIN\puser100 1
The correct name is 'Domain Users' but other two are wrong names picked due to the problem I explained above.
And in other case, it also causes crash. This is when the response has lesser number of names compared to the requested sids. The backtrace looks like this :
[2013/09/25 14:38:44.038152, 0, pid=919] lib/fault.c:51(fault_report)
===============================================================
[2013/09/25 14:38:44.038215, 0, pid=919] lib/util.c:1117(smb_panic)
PANIC (pid 919): internal error
[2013/09/25 14:38:44.042673, 0, pid=919] lib/util.c:1221(log_stack_trace)
BACKTRACE: 23 stack frames:
#0 /usr/sbin/winbindd(log_stack_trace+0x1a) [0x7f603b1c1a9a]
#1 /usr/sbin/winbindd(smb_panic+0x2b) [0x7f603b1c1b6b]
#2 /usr/sbin/winbindd(+0x1af280) [0x7f603b1b2280]
#3 /lib64/libc.so.6(+0x32bd0) [0x7f6038278bd0]
#4 /lib64/libc.so.6(+0x809d2) [0x7f60382c69d2]
#5 /usr/lib64/libtalloc.so.2(talloc_strdup+0x36) [0x7f6038bf7b36]
#6 /usr/sbin/winbindd(+0x5036c1) [0x7f603b5066c1]
#7 /usr/sbin/winbindd(dcerpc_lsa_lookup_sids+0x2e) [0x7f603b506d7e]
#8 /usr/sbin/winbindd(winbindd_lookup_sids+0xf5) [0x7f603b0ff965]
#9 /usr/sbin/winbindd(+0xfffd2) [0x7f603b102fd2]
#10 /usr/sbin/winbindd(+0xec5b0) [0x7f603b0ef5b0]
#11 /usr/sbin/winbindd(_wbint_LookupGroupMembers+0x63) [0x7f603b10d593]
#12 /usr/sbin/winbindd(+0x113e06) [0x7f603b116e06]
#13 /usr/sbin/winbindd(winbindd_dual_ndrcmd+0xe1) [0x7f603b10c2d1]
#14 /usr/sbin/winbindd(+0x108032) [0x7f603b10b032]
#15 /usr/sbin/winbindd(+0x108b55) [0x7f603b10bb55]
#16 /usr/sbin/winbindd(tevent_common_loop_immediate+0xea) [0x7f603b1d285a]
#17 /usr/sbin/winbindd(run_events_poll+0x3b) [0x7f603b1d0abb]
#18 /usr/sbin/winbindd(+0x1ce1f2) [0x7f603b1d11f2]
#19 /usr/sbin/winbindd(_tevent_loop_once+0x90) [0x7f603b1d15f0]
#20 /usr/sbin/winbindd(main+0x7db) [0x7f603b0e344b]
#21 /lib64/libc.so.6(__libc_start_main+0xe6) [0x7f6038264c16]
#22 /usr/sbin/winbindd(+0xddb49) [0x7f603b0e0b49]
[2013/09/25 14:38:44.063980, 0, pid=919] lib/fault.c:372(dump_core)
dumping core in /var/log/samba/cores/winbindd
The question is how winbind differentiate b/w the responses. That is when there is a response for any timeout-ed request arrives, can it pose as the response of a new request done after the time out of previous request ?
Regards,
Har Gagan Sahai
More information about the samba-technical
mailing list