samba - Aug 2004 - open_sockets_smbd: accept: Software caused connection abort

Sorry if this is an FAQ...I have seen reports of this problem on several 
mailing lists, but never a solution.

I have used Samba on Solaris for years, currently 2.2.1 on Solaris 
9.  Trying to upgrade to 3.0.6, with no luck on 2 different Solaris 9 
systems.  It compiles and installs OK, but clients can't connect.  Not only 
Win2k and XP PC's, but smbclient -L on the same machine can't connect. 
For
each failed attempt, log.smbd says:

[2004/08/25 02:51:48, 0] smbd/server.c:open_sockets_smbd(383)
   open_sockets_smbd: accept: Software caused connection abort

I'm using my same smb.conf file from 2.2.1.  It's basically the same as 
examples/smb.conf.default in the distribution, and substituting that exact 
file gives the same result.

One more weirdness:  each time a client fails to connect (as above), samba 
X's out the encrypted password for that user in my smbpasswd file.

Can anybody help?

TIA
Steve

Hi Steve,

>
>Sorry if this is an FAQ...I have seen reports of this problem on several 
>mailing lists, but never a solution.
>
>I have used Samba on Solaris for years, currently 2.2.1 on Solaris 
>9.  Trying to upgrade to 3.0.6, with no luck on 2 different Solaris 9 
>systems.  It compiles and installs OK, but clients can't connect.  Not
only
>Win2k and XP PC's, but smbclient -L on the same machine can't
connect.  For
>each failed attempt, log.smbd says:
Have you read all the release notes for all the intervening versions?

>
>[2004/08/25 02:51:48, 0] smbd/server.c:open_sockets_smbd(383)
>   open_sockets_smbd: accept: Software caused connection abort
Oh dear.
>
>One more weirdness:  each time a client fails to connect (as above), samba 
>X's out the encrypted password for that user in my smbpasswd file.
>
Ah ha!


Somewhere in the 3.x release series security was tightened up.  I'll bet
that the LCT for each of your users is 000000.  When Samba 3.0.6 finds
such an entry, it disables the user and wipes both their passwords.

I wrote the following one-liner:-

awk -F: '$3 !~ /XX/ && $6=="LCT-00000000" {print $1
":" $2 ":" $3 ":" $4 ":" $5
":LCT-00000010:"; next } {print }' smbpasswd.back | wc -l >
smbpasswd.LCT


which searched through my backup copy of the smbpasswd file and changed
the LCT.



The samba doco is at :-

  http://us4.samba.org/samba/ftp/WHATSNEW-3-0-6.txt

under "3.0.2" and "3.0.2a".

As I read it, the 3.0.2 release notes didn't make it anything like clear
enough how the security fix was implemented, and it was brutal.  The
3.0.2a release notes are not much better.  (They say that authentication
will fail, they don't say that the password will be wiped by smbd)


How did you get a load of LCT's that were 0?




                               Mac
          Assistant Systems Adminstrator @nibsc.ac.uk
                        dmccann@nibsc.ac.uk
   Work: +44 1707 641565          Everything else: +44 7956 237670 (anytime)