[Samba] Upgrading from Samba 4.0.1 to 4.1.6
jwaters at h2os.com
Fri Mar 14 09:53:39 MDT 2014
Great I will try that tonight. Thank you for the help! I will make
sure I let you know if that fixed it or not.
On Fri, Mar 14, 2014 at 11:50 AM, Marc Muehlfeld <samba at marc-muehlfeld.de>wrote:
> Hello Jason
> Am 14.03.2014 16:18, schrieb Jason Waters:
> Took a quick look in /usr/local/samba/var/samba.log and saw the ldap
> I guess you hit this fix:
> In setups which provide ldap(s) and/or https services, the private
> key for SSL/TLS encryption might be world readable. This typically
> happens in active directory domain controller setups.
> You would have this in your logs, then:
> [2014/01/29 20:19:14.836873, 0, pid=4311] ../lib/util/util.c:161(file_
> invalid permissions on file '/usr/local/samba/private/tls/key.pem': has
> 0644 should be 0600
> [2014/01/29 20:19:14.843206, 0, pid=4311] ../source4/lib/tls/tls_
> Invalid permissions on TLS private key file
> owner uid 0 should be 0, mode 0644 should be 0600
> This is known as CVE-2013-4476.
> Removing all tls .pem files will cause an auto-regeneration with the
> correct permissions.
> This is about the TLS keys for LDAP encryption. Remove the key files and
> restart Samba.
> I've added this to the Wiki page, too, as we often had this problem on the
> list in the past:
More information about the samba