[Samba] Re: Winbind broken after 2.2.8 upgrade
swright at sls.bc.ca
Thu Mar 27 00:11:13 GMT 2003
Ok, stupid me. Somehow I missed updating /lib/libnss_winbind.so on both
these machines. Presumably this would have also caused corruption of the
Since winbind is now installed with a "make install", would it not be a good
idea to also install libnss_winbind.so also? Or at least provide some version
checking in winbind so that it will fail to start and report an error if it
encounters the wrong version of libnss_winbind.so?
It seems that the idmap file is a very weak link in samba right now, so every
effort should be made to prevent corruption during upgrades, etc.
In our case, I was able to re-apply acls for 400 users, but quota information
for a large shared file volume was lost, as I could not re-map the ids, and
had to reset file ownerships to avoid users having incorrect quota
On 25 Mar 2003 at 10:32, samba at lists.samba.org wrote:
> I have just upgraded two of our samba boxes to 2.2.8 and ended up with
> partially broken winbind after the upgrade. The machines are slightly
> different, and so are the symptoms, so here goes:
> System 1: Was at 2.2.3 compiled from source Feb4/02, using options:
> "./configure --with-winbind --with-acl-support --with-quotas". Running on
> RedHat 7.2, installed from SGI's XFS installer to enable ACLs and quotas
> with samba on XFS filesystems. System running fine in production for ~500
> NT domain users for the past 8 months. All users are on NT domain, using
> winbind from user lookups.
> After upgrade to 2.2.8, I see the following:
> getent passwd shows only local users, no domain users
> wbinfo -u and -g report domain users & groups normally
> users connecting to smb shares appear as "root" in smbstatus (!)
> a nobody share appears browsing the system from an NT box.
> As this is a production system, I've had to revert to 2.2.3 so further testing
> may be difficult at this time.
> System #2 is a fresh install of RedHat 8 using the SGI XFS installer v1.2,
> and had the stock samba 2.2.5 rpm installed, over which I compiled and
> installed 2.2.8. Config is essentially the same as system #1 otherwise.
> (smb.conf shown at end of message)
> This time, wbinfo -t, -u, -g all work as expected.
> getent passwd shows local users, then a list of domain user IDs in the
> format: (where 106xx is the id)
> getent group shows a corrupted group listing as follows, "webalizer" is the
> last entry in /etc/group, and the correct domain name is "SHAWNIGAN -
> notice it is mangled in various places:
> hHAWNIGAN+AP French:aminx:1280532334:À«
> Here is what the above should look like (and does on the other box running
> SHAWNIGAN+AP French:x:10023:
Shawn Wright, Systems Manager
Shawnigan Lake School
swright at sls.bc.ca
More information about the samba