Using source3 RPC servers as daemons causes deadlock with winbindd!
abartlet at samba.org
Thu May 1 22:56:03 MDT 2014
On Wed, 2014-04-30 at 17:37 +0200, Andreas Schneider wrote:
> On Wednesday 30 April 2014 11:55:40 Andrew Bartlett wrote:
> > The attached patches finally make the source3 winbindd code connect to
> > the LSA and SAMR servers over ncalrpc rather than directly linking the
> > shared library.
> > The problem is, in make test s3dc is set to use:
> > rpc_server:epmapper = external
> > rpc_server:spoolss = external
> > rpc_server:lsarpc = external
> > rpc_server:samr = external
> > rpc_server:netlogon = external
> > rpc_server:register_embedded_np = yes
> > rpc_daemon:epmd = fork
> > rpc_daemon:spoolssd = fork
> > rpc_daemon:lsasd = fork
> > The issue is, when we connect to the RPC server, we lock up due to a
> > recursive call to winbindd (otherwise prevented because of the
> > winbind_off() call).
> > It can be reproduced with:
> > make test TESTS=samba3.blackbox.smbclient_auth.plain
> > GDB backtraces for smbd and winbindd are attached.
> > It appears to be locking up looking via LSA lookupnames and an NSS call
> > for unix group\nogroup
> > Do you think it is reasonable to expect the source3 LSA and SAMR servers
> > to be able to service winbindd when not loaded as a shared library, or
> > should we instead put an exception in for this (only use the pipes when
> > in AD DC mode).
> > Your thoughts and comments would be most valued. As mentioned above,
> > the patch used the to reproduce this is also attached.
> I'll leave today and will back on monday. Then I can look into this.
> Maybe Simo has time ...
This patch causes other issues (probably because it defines up an extra
domain), but appears to avoid the deadlock. It might provide some
inspiration for a correct fix here.
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 13871 bytes
Desc: not available
More information about the samba-technical