[Samba] nss_winbind problem
Sandu Mihai
mihai.sandu at epicrose.ro
Mon Sep 26 05:19:09 MDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Well,
I think this is not the only time you guys ever seen that kind of mails.
First of all, I did checked all that is to be checked before writing to
list. wbinfo -u and wbinfo -g work flawless. Also wbinfo -a, so I can
authenticate without problems.
The setup is a normal trust setup where domain X (my domain) trusts
domain Y (another company).
I can reach their PDC, I can authenticate their users, the only thing I
can't do is to have them as local Unix users using nss_winbind.
I am running CentOS 5 with latest patches on, the following packets are
installed:
samba3x.x86_64 3.5.4-0.83.el5_7.2
installed
samba3x-client.x86_64 3.5.4-0.83.el5_7.2
installed
samba3x-common.x86_64 3.5.4-0.83.el5_7.2
installed
samba3x-doc.x86_64 3.5.4-0.83.el5_7.2
installed
samba3x-winbind.i386 3.5.4-0.83.el5_7.2
installed
samba3x-winbind.x86_64 3.5.4-0.83.el5_7.2
installed
I did also checked to see if there are any communication problems
between nss_winbind and the winbind daemon itself, using strace.
At this stage I noticed the messages exchanged over
/var/lib/samba/winbindd_privileged/pipe named pipe are diffrent.
wbinfo ask something and receives what he wants.
getent passwd asks something else and well, it gets nothing.
More than that, when running winbindd at log level 100, if I use wbinfo
I get a lot of chatter, when I use getent passwd I get nothing (even if
strace shows me that getent generates messages over the named pipe).
Bellow are the 2 straces. Hopefully this can shed some light over my
problem and even a fix.
I can conduct whatever tests you want, this is my BDC machine and
secondary FS so it is not that critical.
Best regards,
Sandu Mihai
strace wbinfo -u output:
getpid() = 3552
lstat("/var/run/winbindd", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
lstat("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
fcntl(3, F_GETFD) = 0
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/winbindd/pipe"...}, 110) = 0
select(4, [3], NULL, NULL, {0, 0}) = 0 (Timeout)
write(3,
"0\10\0\0\0\0\0\0\0\0\0\0\340\r\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2096)
= 2096
select(4, [3], NULL, NULL, {5, 0}) = 1 (in [3], left {5, 0})
read(3,
"\250\r\0\0\2\0\0\0\27\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 3496)
= 3496
select(4, [3], NULL, NULL, {0, 0}) = 0 (Timeout)
write(3,
"0\10\0\0000\0\0\0\0\0\0\0\340\r\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
2096) = 2096
select(4, [3], NULL, NULL, {5, 0}) = 1 (in [3], left {5, 0})
read(3,
"\313\r\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
3496) = 3496
select(4, [3], NULL, NULL, {5, 0}) = 1 (in [3], left {5, 0})
read(3, "/var/lib/samba/winbindd_privileg"..., 35) = 35
lstat("/var/lib/samba/winbindd_privileged", {st_mode=S_IFDIR|0750,
st_size=4096, ...}) = 0
lstat("/var/lib/samba/winbindd_privileged/pipe", {st_mode=S_IFSOCK|0777,
st_size=0, ...}) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 4
fcntl(4, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0
fcntl(4, F_GETFD) = 0
fcntl(4, F_SETFD, FD_CLOEXEC) = 0
connect(4, {sa_family=AF_FILE,
path="/var/lib/samba/winbindd_privileged/pipe"...}, 110) = 0
close(3) = 0
select(5, [4], NULL, NULL, {0, 0}) = 0 (Timeout)
write(4,
"0\10\0\0\22\0\0\0\0\0\0\0\340\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2096)
= 2096
select(5, [4], NULL, NULL, {5, 0}) = 1 (in [4], left {4, 996000})
read(4,
"\305*\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
3496) = 3496
select(5, [4], NULL, NULL, {5, 0}) = 1 (in [4], left {5, 0})
read(4, "root,nobody,mihai.sandu,catalin."..., 7453) = 7453
stat("/usr/lib64/samba/en_US.UTF-8.msg", 0x7fff1fd11810) = -1 ENOENT (No
such file or directory)
fstat(1, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x2b4e27dce000
write(1, "root\nnobody\nxxxx\nxxxx."..., 1024root
nobody
strace getent passwd output:
socket(PF_FILE, SOCK_STREAM, 0) = 5
fcntl(5, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(5, F_SETFL, O_RDWR|O_NONBLOCK) = 0
fcntl(5, F_GETFD) = 0
fcntl(5, F_SETFD, FD_CLOEXEC) = 0
connect(5, {sa_family=AF_FILE, path="/var/run/winbindd/pipe"...}, 110) = 0
select(6, [5], NULL, NULL, {0, 0}) = 0 (Timeout)
write(5,
"0\10\0\0\0\0\0\0\0\0\0\0\345\r\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2096)
= 2096
select(6, [5], NULL, NULL, {5, 0}) = 1 (in [5], left {5, 0})
read(5,
"\250\r\0\0\2\0\0\0\27\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 3496)
= 3496
select(6, [5], NULL, NULL, {0, 0}) = 0 (Timeout)
write(5,
"0\10\0\0000\0\0\0\0\0\0\0\345\r\0\0\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
2096) = 2096
select(6, [5], NULL, NULL, {5, 0}) = 1 (in [5], left {4, 999000})
read(5,
"\313\r\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
3496) = 3496
select(6, [5], NULL, NULL, {5, 0}) = 1 (in [5], left {5, 0})
read(5, "/var/lib/samba/winbindd_privileg"..., 35) = 35
lstat("/var/lib/samba/winbindd_privileged", {st_mode=S_IFDIR|0750,
st_size=4096, ...}) = 0
lstat("/var/lib/samba/winbindd_privileged/pipe", {st_mode=S_IFSOCK|0777,
st_size=0, ...}) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 6
fcntl(6, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(6, F_SETFL, O_RDWR|O_NONBLOCK) = 0
fcntl(6, F_GETFD) = 0
fcntl(6, F_SETFD, FD_CLOEXEC) = 0
connect(6, {sa_family=AF_FILE,
path="/var/lib/samba/winbindd_privileged/pipe"...}, 110) = 0
close(5) = 0
select(7, [6], NULL, NULL, {0, 0}) = 0 (Timeout)
write(6,
"0\10\0\0\7\0\0\0\0\0\0\0\345\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
2096) = 2096
select(7, [6], NULL, NULL, {5, 0}) = 1 (in [6], left {5, 0})
read(6,
"\250\r\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
3496) = 3496
select(7, [6], NULL, NULL, {0, 0}) = 0 (Timeout)
write(6,
"0\10\0\0\t\0\0\0\0\0\0\0\345\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
2096) = 2096
select(7, [6], NULL, NULL, {5, 0}) = 1 (in [6], left {4, 998000})
read(6,
"\250\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
3496) = 3496
close(3) = 0
munmap(0x2b9a11d20000, 4096) = 0
rt_sigaction(SIGPIPE, {0x1, [], SA_RESTORER, 0x2b9a0e41e2d0}, {SIG_DFL,
[], SA_RESTORER, 0x2b9a0e41e2d0}, 8) = 0
rt_sigaction(SIGPIPE, {SIG_DFL, [], SA_RESTORER, 0x2b9a0e41e2d0}, NULL,
8) = 0
select(7, [6], NULL, NULL, {0, 0}) = 0 (Timeout)
write(6,
"0\10\0\0\10\0\0\0\0\0\0\0\345\r\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2096)
= 2096
select(7, [6], NULL, NULL, {5, 0}) = 1 (in [6], left {5, 0})
read(6,
"\250\r\0\0\2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
3496) = 3496
write(1, "xx.xxx:/bin/false\nxxxxx$:*:"..., 44xxxxx:/bin/false
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJOgF+oAAoJELXw04oLkAtVfM0H/0tle0SlVLuTOqE77MXMZtij
3Xo5zZBV8p1eV6nuelvS5J0VFFfBkr8cMv2jxI/JUyy4wEkU1W5jO9exMDCVC8kf
3QxRFn1EGqjAAIYG2ept3Xkm31ZosB5tNEV8kPCte0UasmmD3qEUCrunrQ57UIeO
wpUlyOX2EbbTJjiBG/xQxVDLAEx3Eh+yLMQOLVi/6fbTl5bnQ3XwXsjFJvR9uImq
f3JSAFnf88I1R8AEvcBT/ZZ6k9skKlB5OUm+1Mt00ysZfiboVLOqcqadsLeYdUnL
7QXley2VYOK+jxDEBd2nXMDxFbldwETTXM7q3c6jMEvwIFFm1Ebhi6ojJdHmIz4=
=1/Jp
-----END PGP SIGNATURE-----
More information about the samba
mailing list