with most recent git master smbd fails to start in AD DC mode

Günter Kukkukk linux at kukkukk.com
Sat Mar 22 09:38:00 MDT 2014 

Am 22.03.2014 09:55, schrieb Andrew Bartlett:
> On Sat, 2014-03-22 at 04:31 +0100, Günter Kukkukk wrote:
>> http://git.samba.org/?p=samba.git;a=commit;h=6034ab521c47fc5f4732398652c9c6847ff92035
>>
>> introduced the following failure (in AD DC mode):
>>
>> ....
>> /usr/local/samba/sbin/smbd: smbd version 4.2.0pre1-GIT-7fdb21c started.
>> /usr/local/samba/sbin/smbd: Copyright Andrew Tridgell and the Samba Team 1992-2014
>> /usr/local/samba/sbin/smbd: Registered MSG_REQ_POOL_USAGE
>> /usr/local/samba/sbin/smbd: Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
>> /usr/local/samba/sbin/smbd: lp_load_ex: refreshing parameters
>> /usr/local/samba/sbin/smbd: Initialising global parameters
>> /usr/local/samba/sbin/smbd: rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
>> /usr/local/samba/sbin/smbd: params.c:pm_process() - Processing configuration file "/usr/local/samba/etc/smb.conf"
>> /usr/local/samba/sbin/smbd: Processing section "[global]"
>> /usr/local/samba/sbin/smbd: Processing section "[netlogon]"
>> /usr/local/samba/sbin/smbd: Processing section "[sysvol]"
>> /usr/local/samba/sbin/smbd: Processing section "[test]"
>> /usr/local/samba/sbin/smbd: adding IPC service
>> /usr/local/samba/sbin/smbd: added interface eno16777736 ip=2a02:8109:8f40:107c:20c:29ff:fe3b:8649 bcast= netmask=ffff:ffff:ffff:ffff::
>> /usr/local/samba/sbin/smbd: added interface eno16777736 ip=192.168.200.70 bcast=192.168.200.255 netmask=255.255.255.0
>> /usr/local/samba/sbin/smbd: added interface lo ip=::1 bcast= netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
>> /usr/local/samba/sbin/smbd: added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
>> /usr/local/samba/sbin/smbd: loaded services
>> /usr/local/samba/sbin/smbd: Becoming a daemon.
>> /usr/local/samba/sbin/smbd: ldb_wrap open of idmap.ldb
>> /usr/local/samba/sbin/smbd: getpwuid(3000011) failed                     <<<<<===== !!!!!?
>> /usr/local/samba/sbin/smbd: Failed to finalize nt token
>> /usr/local/samba/sbin/smbd: create_local_token failed: NT_STATUS_UNSUCCESSFUL
>> /usr/local/samba/sbin/smbd: ERROR: failed to setup guest info.
>> Child /usr/local/samba/sbin/smbd exited with status 255 - Unknown error 255
>> file_server smbd daemon died with exit status 255
>> task_server_terminate: [smbd child process exited]
>> samba_terminate: smbd child process exited
>> ------------
>>
>> When i revert this patch at least all former stuff is working again.
> 
> It probably would start if you had nss_winbind installed and running,
> but this isn't a requirement and many sites quite reasonably don't have
> it enabled.
> 
> We also can't just allow it to fail in the AD DC, as then a 'guest only'
> share would fail.  (But it isn't used otherwise, because of the way the
> AD DC authz stack is redirected). 
> 
> Andrew Bartlett
> 

Hi Andrew,

libnss_winbind.so is installed:

li131:/lib64 # ls -al libnss_winbind*
lrwxrwxrwx 1 root root 19 Dec  3 17:46 libnss_winbind.so -> libnss_winbind.so.2
lrwxrwxrwx 1 root root 40 Dec  3 17:45 libnss_winbind.so.2 -> /usr/local/samba/lib/libnss_winbind.so.2

ldconfig -v | grep winbind
libnss_winbind.so -> libnss_winbind.so.2

li131:/lib64 # cat /etc/nsswitch.conf
... snip
passwd: compat winbind
group:  compat winbind

Cheers, Günter

--

More information about the samba-technical mailing list