[Samba] samba on HPUX 11

Mike samba at miratek.com
Fri Mar 8 15:27:12 GMT 2002 

Paul,

I have been working on getting Winbind and Pam to work on HP-UX 11. With
the help of Don McCall from HP and others, I was able to do so. The full
documentation on how to do this can be found at
http://www.miratek.com/samba  (most of the document is exerpts from Don
e-mails). Also you can find sample pam.conf, smb.conf, and nsswitch.conf
files at that url. 

Try this:

1) Samba is sensitive to negative uid/gid pairs; the default guest
account for samba is nobody, which is typically assigned 
-1/-2.  The answer is to create an smbnull user in your /etc/passwd with
positive uid/gid pair and add the global parameter guest account =
smbnull.

2) Log on to the NT domain controller start Server Manager, delete the
servername if it exists, add the HP9000 Server Name in server manager
Then on the HP9000 server:
/opt/samba/bin/smbpasswd -j DOAMIN -r PDC 
  

3) Current Samba release contain a new parameter to the wbinfo program
to specify a username and password to enumerate users and groups as.
This is in response to people using the RestrictAnonymous registry key
which breaks winbindd.

The syntax is 'wbinfo -A username%password' which, when run as root,
stores the username and password specified in secrets.tdb.  When
winbindd makes connections to domain controllers it uses this account
which makes the enumeration non-anonymous.


Other suggestions are on the URL web page. 

Thanks,

Mike
-----Original Message-----
From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org]
On Behalf Of Orwig, Paul
Sent: Friday, March 08, 2002 2:05 PM
To: 'samba at lists.samba.org'
Subject: [Samba] samba on HPUX 11

I am having problems getting samba to run on HPUX 11.

Details:
HPUX 11
samba 2.2.2 and 2.2.3a
gcc 3.0.1

configure options: --prefix=/samba --with-pam --without-winbind

Problem:
1)  I am running with logging level at 3 and see many PANIC messages.
  PANIC: failed to set gid

log entry:
[2002/03/07 18:55:58, 3] smbd/server.c:exit_server(492)
  Server exit (normal exit)
[2002/03/07 18:56:18, 3] smbd/oplock.c:init_oplocks(1184)
  open_oplock_ipc: opening loopback UDP socket.
[2002/03/07 18:56:18, 3] lib/util_sock.c:open_socket_in(798)
  bind succeeded on port 0
[2002/03/07 18:56:18, 3] smbd/oplock.c:init_oplocks(1214)
  open_oplock ipc: pid = 27607, global_oplock_port = 65214
[2002/03/07 18:56:18, 3] smbd/process.c:process_smb(860)
  Transaction 0 of length 72
[2002/03/07 18:56:18, 2] smbd/reply.c:reply_special(91)
  netbios connect: name1=ANNIMG           name2=AP-PS03
[2002/03/07 18:56:18, 2] smbd/reply.c:reply_special(110)
  netbios connect: local=annimg remote=ap-ps03
[2002/03/07 18:56:18, 3] smbd/process.c:process_smb(860)
  Transaction 1 of length 174
[2002/03/07 18:56:18, 3] smbd/process.c:switch_message(667)
  switch message SMBnegprot (pid 27607)
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:set_sec_ctx(313)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [XENIX CORE]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [MICROSOFT NETWORKS 1.03]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [LANMAN1.0]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [Windows for Workgroups 3.1a]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [LM1.2X002]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [LANMAN2.1]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(348)
  Requested protocol [NT LM 0.12]
[2002/03/07 18:56:18, 3] smbd/negprot.c:reply_negprot(432)
  Selected protocol NT LM 0.12
[2002/03/07 18:56:18, 3] smbd/process.c:process_smb(860)
  Transaction 2 of length 131
[2002/03/07 18:56:18, 3] smbd/process.c:switch_message(667)
  switch message SMBsesssetupX (pid 27607)
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:set_sec_ctx(313)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 3] smbd/reply.c:reply_sesssetup_and_X(847)
  Domain=[]  NativeOS=[Windows NT 1381] NativeLanMan=[]
[2002/03/07 18:56:18, 3] smbd/reply.c:reply_sesssetup_and_X(858)
  sesssetupX:name=[]
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:push_sec_ctx(281)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/03/07 18:56:18, 3] smbd/uid.c:push_conn_ctx(284)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:set_sec_ctx(313)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:pop_sec_ctx(420)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 3] smbd/password.c:register_vuid(328)
  uid -2 registered to name nobody
[2002/03/07 18:56:18, 3] smbd/password.c:register_vuid(330)
  Clearing default real name
[2002/03/07 18:56:18, 3] smbd/password.c:register_vuid(332)
  User name: nobody     Real name:
[2002/03/07 18:56:18, 3] smbd/process.c:chain_reply(1005)
  Chained message
[2002/03/07 18:56:18, 3] smbd/process.c:switch_message(667)
  switch message SMBtconX (pid 27607)
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:set_sec_ctx(313)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 3] smbd/password.c:authorise_login(863)
  authorise_login: ACCEPTED: guest account and guest ok (nobody)
[2002/03/07 18:56:18, 3] smbd/service.c:make_connection(488)
  Connect path is /tmp
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:push_sec_ctx(281)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/03/07 18:56:18, 3] smbd/uid.c:push_conn_ctx(284)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:set_sec_ctx(313)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:pop_sec_ctx(420)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 3] lib/util_seaccess.c:se_access_check(244)
  se_access_check: user sid is
S-1-5-21-2813895522-917230546-2870367698-996
[2002/03/07 18:56:18, 3] lib/util_seaccess.c:se_access_check(247)
  se_access_check: also S-1-5-21-2813895522-917230546-2870367698-997
[2002/03/07 18:56:18, 3] lib/util_seaccess.c:se_access_check(247)
  se_access_check: also S-1-1-0
[2002/03/07 18:56:18, 3] lib/util_seaccess.c:se_access_check(247)
  se_access_check: also S-1-5-2
[2002/03/07 18:56:18, 3] lib/util_seaccess.c:se_access_check(247)
  se_access_check: also S-1-5-32-546
[2002/03/07 18:56:18, 3] smbd/vfs.c:vfs_init_default(99)
  Initialising default vfs hooks
[2002/03/07 18:56:18, 3] smbd/sec_ctx.c:set_sec_ctx(313)
  setting sec ctx (4294967294, 4294967294) - sec_ctx_stack_ndx = 0
[2002/03/07 18:56:18, 0] lib/util_sec.c:assert_gid(111)
  Failed to set gid privileges to (-1,-2) now set to (0,0) uid=(0,0)
[2002/03/07 18:56:18, 0] lib/util.c:smb_panic(1064)
  PANIC: failed to set gid

[2002/03/07 18:56:28, 3] smbd/oplock.c:init_oplocks(1184)
  open_oplock_ipc: opening loopback UDP socket.
[2002/03/07 18:56:28, 3] lib/util_sock.c:open_socket_in(798)
  bind succeeded on port 0
[2002/03/07 18:56:28, 3] smbd/oplock.c:init_oplocks(1214)
  open_oplock ipc: pid = 27608, global_oplock_port = 65215


I have a handfull of core files, all with the identical gdb listing:

This GDB was configured as "hppa2.0n-hp-hpux11.00"...
(no debugging symbols found)...
Core was generated by `smbd'.
Program terminated with signal 6, Aborted.

warning: The shared libraries were not privately mapped; setting a
breakpoint in a shared library will not work until you rerun the
program.

Reading symbols from /usr/lib/libgen.2...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libsec.2...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libm.2...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libnsl.1...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libxti.2...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libpam.1...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libc.2...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libdld.2...(no debugging symbols
found)...done.
Reading symbols from /usr/lib/libnss_files.1...(no debugging symbols
found)...
done.
Reading symbols from /usr/lib/libnss_dns.1...done.
#0  0xc01f45a0 in kill () from /usr/lib/libc.2
(gdb) backtrace
#0  0xc01f45a0 in kill () from /usr/lib/libc.2
#1  0xc0191948 in raise () from /usr/lib/libc.2
#2  0xc01d1f7c in abort_C () from /usr/lib/libc.2
#3  0xc01d1fd4 in abort () from /usr/lib/libc.2
#4  0x0010df70 in readdirname ()
#5  0x001126cc in assert_gid ()
#6  0x00112830 in set_effective_gid ()
#7  0x000485a0 in become_gid ()
#8  0x000485cc in become_id ()
#9  0x00048ef4 in set_sec_ctx ()
#10 0x00041770 in change_to_user ()
#11 0x0005380c in make_connection ()
#12 0x0002c080 in reply_tcon_and_X ()
#13 0x00051348 in switch_message ()
#14 0x00051b48 in chain_reply ()
#15 0x0002dcb4 in reply_sesssetup_and_X ()
#16 0x00051348 in switch_message ()
#17 0x00051438 in construct_reply ()
#18 0x00051758 in process_smb ()
#19 0x0005226c in smbd_process ()
#20 0x0000db0c in main ()
(gdb) quit

These log/core listings are from samba version 2.2.3a
Please help!

Paul Orwig
Pacific Life

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list