samba 2.2.2, smbpaswd, and hp-ux 11.00

MCCALL,DON (HP-USA,ex1) don_mccall at hp.com
Tue Jan 8 06:48:08 GMT 2002 

Hi Frank,
Samba is sensitive to netative uid/gid pairs; the default guest account
for samba is nobody, which is typically assigned 
-1/-2.  The answer is to create an smbnull user in your etc/passwd with
positive uid/gid pair and add the global parameter guest account = smbnull.

Hope this helps,
Don
-----Original Message-----
From: Frank Smith [mailto:Frank.Smith at unilever.com]
Sent: Tuesday, January 08, 2002 9:09 AM
To: samba at lists.samba.org; frank.smith at unilever.com;
agnes.phipps at unilever.com
Subject: samba 2.2.2, smbpaswd, and hp-ux 11.00


please help!!!

i encountered something rather peculiar.  i installed samba 2.2.2 on an hp
system running hp-ux 11.00.  the smbpasswd program breaks when run as a
typical
user, but works fine when run as root.  these messages show up in the
partial
log.smbd files:  (both sessons used a log level of three.)

this session had no [IPC$] section in smb.conf:

<deleted>
[2002/01/08 08:52:27.770936, 3, pid=14870]
smbd/password.c:server_cryptkey(1116)
  got session
[2002/01/08 08:52:27.778358, 3, pid=14870]
smbd/password.c:server_cryptkey(1131)
  password server OK
[2002/01/08 08:52:27.778857, 3, pid=14870] smbd/negprot.c:reply_nt1(186)
  using password server validation
[2002/01/08 08:52:27.779332, 3, pid=14870] smbd/negprot.c:reply_negprot(433)
  Selected protocol NT LANMAN 1.0
[2002/01/08 08:52:27.781377, 3, pid=14870] smbd/process.c:process_smb(860)
  Transaction 2 of length 78
[2002/01/08 08:52:27.781880, 3, pid=14870]
smbd/process.c:switch_message(667)
  switch message SMBsesssetupX (pid 14870)
[2002/01/08 08:52:27.782361, 3, pid=14870] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:52:27.782910, 3, pid=14870]
smbd/reply.c:reply_sesssetup_and_X(855)
  Domain=[]  NativeOS=[Unix] NativeLanMan=[Samba]
[2002/01/08 08:52:27.783424, 3, pid=14870]
smbd/reply.c:reply_sesssetup_and_X(866)
  sesssetupX:name=[]
[2002/01/08 08:52:27.785196, 3, pid=14870] smbd/sec_ctx.c:push_sec_ctx(288)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/01/08 08:52:27.785716, 3, pid=14870] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/01/08 08:52:27.786538, 3, pid=14870] smbd/sec_ctx.c:pop_sec_ctx(427)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:52:27.787313, 3, pid=14870]
smbd/password.c:register_vuid(307)
  uid -2 registered to name nobody
[2002/01/08 08:52:27.787815, 3, pid=14870]
smbd/password.c:register_vuid(309)
  Clearing default real name
[2002/01/08 08:52:27.788359, 3, pid=14870]
smbd/password.c:register_vuid(311)
  User name: nobody	Real name: 
[2002/01/08 08:52:27.789084, 3, pid=14870] smbd/process.c:process_smb(860)
  Transaction 3 of length 69
[2002/01/08 08:52:27.789581, 3, pid=14870]
smbd/process.c:switch_message(667)
  switch message SMBtconX (pid 14870)
[2002/01/08 08:52:27.790065, 3, pid=14870] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:52:27.790704, 3, pid=14870] lib/access.c:check_access(307)
  check_access: no hostnames in host allow/deny list.
[2002/01/08 08:52:27.791385, 2, pid=14870] lib/access.c:check_access(316)
  Allowed connection from  (127.0.0.1)
[2002/01/08 08:52:27.792196, 3, pid=14870]
smbd/password.c:authorise_login(897)
  authorise_login: ACCEPTED: guest account and guest ok (nobody)
[2002/01/08 08:52:27.792895, 3, pid=14870]
smbd/service.c:make_connection(477)
  Connect path is /tmp
[2002/01/08 08:52:27.793369, 3, pid=14870] smbd/sec_ctx.c:push_sec_ctx(288)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/01/08 08:52:27.793850, 3, pid=14870] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/01/08 08:52:27.794519, 3, pid=14870] smbd/sec_ctx.c:pop_sec_ctx(427)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:52:27.796141, 3, pid=14870]
lib/util_seaccess.c:se_access_check(242)
  se_access_check: user sid is S-1-5-21-3833845860-385089584-3296444123-996
[2002/01/08 08:52:27.796701, 3, pid=14870]
lib/util_seaccess.c:se_access_check(245)
  se_access_check: also S-1-5-21-3833845860-385089584-3296444123-997
[2002/01/08 08:52:27.797237, 3, pid=14870]
lib/util_seaccess.c:se_access_check(245)
  se_access_check: also S-1-1-0
[2002/01/08 08:52:27.797722, 3, pid=14870]
lib/util_seaccess.c:se_access_check(245)
  se_access_check: also S-1-5-2
[2002/01/08 08:52:27.798281, 3, pid=14870]
lib/util_seaccess.c:se_access_check(245)
  se_access_check: also S-1-5-32-546
[2002/01/08 08:52:27.798826, 3, pid=14870] smbd/vfs.c:vfs_init_default(98)
  Initialising default vfs hooks
[2002/01/08 08:52:27.799389, 3, pid=14870] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (4294967294, 4294967294) - sec_ctx_stack_ndx = 0
[2002/01/08 08:52:27.799917, 0, pid=14870] lib/util_sec.c:assert_gid(94)
  Failed to set gid privileges to (-1,-2) now set to (0,0) uid=(0,0)
[2002/01/08 08:52:27.800417, 0, pid=14870] lib/util.c:smb_panic(1055)
  PANIC: failed to set gid
<end of file>
  


this session had an explicit [IPC$] in smb.conf:

<deleted>
[2002/01/08 08:53:28.710400, 3, pid=14877]
smbd/password.c:server_cryptkey(1116)
  got session
[2002/01/08 08:53:28.712511, 3, pid=14877]
smbd/password.c:server_cryptkey(1131)
  password server OK
[2002/01/08 08:53:28.713001, 3, pid=14877] smbd/negprot.c:reply_nt1(186)
  using password server validation
[2002/01/08 08:53:28.713470, 3, pid=14877] smbd/negprot.c:reply_negprot(433)
  Selected protocol NT LANMAN 1.0
[2002/01/08 08:53:28.715485, 3, pid=14877] smbd/process.c:process_smb(860)
  Transaction 2 of length 78
[2002/01/08 08:53:28.715978, 3, pid=14877]
smbd/process.c:switch_message(667)
  switch message SMBsesssetupX (pid 14877)
[2002/01/08 08:53:28.716444, 3, pid=14877] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:53:28.716993, 3, pid=14877]
smbd/reply.c:reply_sesssetup_and_X(855)
  Domain=[]  NativeOS=[Unix] NativeLanMan=[Samba]
[2002/01/08 08:53:28.717502, 3, pid=14877]
smbd/reply.c:reply_sesssetup_and_X(866)
  sesssetupX:name=[]
[2002/01/08 08:53:28.719340, 3, pid=14877] smbd/sec_ctx.c:push_sec_ctx(288)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/01/08 08:53:28.719852, 3, pid=14877] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/01/08 08:53:28.720671, 3, pid=14877] smbd/sec_ctx.c:pop_sec_ctx(427)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:53:28.721453, 3, pid=14877]
smbd/password.c:register_vuid(307)
  uid -2 registered to name nobody
[2002/01/08 08:53:28.721949, 3, pid=14877]
smbd/password.c:register_vuid(309)
  Clearing default real name
[2002/01/08 08:53:28.722423, 3, pid=14877]
smbd/password.c:register_vuid(311)
  User name: nobody	Real name: 
[2002/01/08 08:53:28.723125, 3, pid=14877] smbd/process.c:process_smb(860)
  Transaction 3 of length 69
[2002/01/08 08:53:28.723623, 3, pid=14877]
smbd/process.c:switch_message(667)
  switch message SMBtconX (pid 14877)
[2002/01/08 08:53:28.724098, 3, pid=14877] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:53:28.724734, 3, pid=14877] lib/access.c:check_access(307)
  check_access: no hostnames in host allow/deny list.
[2002/01/08 08:53:28.725453, 2, pid=14877] lib/access.c:check_access(316)
  Allowed connection from  (127.0.0.1)
[2002/01/08 08:53:28.726305, 3, pid=14877]
smbd/password.c:authorise_login(897)
  authorise_login: ACCEPTED: guest account and guest ok (nobody)
[2002/01/08 08:53:28.726868, 0, pid=14877]
smbd/password.c:authorise_login(906)
  authorise_login: rejected invalid user nobody
[2002/01/08 08:53:28.727359, 2, pid=14877]
smbd/service.c:make_connection(318)
  Invalid username/password for ipc$ [nobody]
[2002/01/08 08:53:28.727828, 3, pid=14877] smbd/error.c:error_packet(111)
  error packet at smbd/reply.c(169) cmd=117 (SMBtconX) eclass=2 ecode=2
[2002/01/08 08:53:28.728792, 3, pid=14877]
smbd/process.c:timeout_processing(1085)
  end of file from client
[2002/01/08 08:53:28.729470, 3, pid=14877] smbd/sec_ctx.c:set_sec_ctx(320)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/01/08 08:53:28.730277, 2, pid=14877] smbd/server.c:exit_server(458)
  Closing connections
[2002/01/08 08:53:28.731017, 3, pid=14877]
smbd/connection.c:yield_connection(50)
  Yielding connection to 
[2002/01/08 08:53:28.753814, 3, pid=14877] smbd/server.c:exit_server(493)
  Server exit (normal exit)
<end of file>

one major common point:  both sessions connected to the samba server with a
blank sesssetupX:name=[] field.

i saw one other person about sep 2001 who encountered an almost identical
problem.  however, no one posted a response or solution to the news group
thread.

does anyone know the solution to this problem?  is it a bug in smbpasswd?

thank you for your time and assistance.

frank smith
frank.smith at unilever.com


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list