Thomas Fleischmann
2007-Jan-05 09:13 UTC
[Samba] troubles with telnet sessions under Solaris8 as AD member with winbind V3.0.23d
Hi guys, I've a problem with telnet sessions under Solaris 8 with samba 3.0.23d winbind. If I have the winbind authorization active for telnet in my pam.conf I got a kick out of the system after exactly 300 sec, no mather if I do or do not activity on the telnet session. The same behavior is for AD and for local users. I've trussed a telnet session a the only thing I see is that my process is killed with a signal 14 (SIGALRM). Do anybody have an idea from where the kick out of the system is coming? Any other Samba Parts are running fine: net ads testjoin -> OK net ads info -> OK net ads status -Uxxx -> OK net ads user -Uxxx -> OK getent passwd, group -> OK all shares can be accessed as wanted by the AD users all ACL's of the AD are working Here are the relevant parts from the trussed telnet session 19091: getgid() = 10513 [6] 19091: getgid() = 10513 [6] 19091: setegid(10513) = 0 19091: open("/var/mail/fleischm", O_RDONLY) Err#2 ENOENT 19091: setegid(6) = 0 19091: lstat64("", 0xFFBEF888) Err#2 ENOENT 19091: llseek(0, 0, SEEK_CUR) = 140 19091: _exit(1) 19083: waitid(P_PID, 19091, 0xFFBEF660, WEXITED|WTRAPPED|WNOWAIT) = 0 19083: ioctl(0, TIOCGPGRP, 0xFFBEF61C) = 0 19083: ioctl(0, TCGETS, 0x000391C0) = 0 19083: waitid(P_PID, 19091, 0xFFBEF660, WEXITED|WTRAPPED) = 0 19083: brk(0x0003B118) = 0 19083: brk(0x0003AF18) = 0 ...skipping... 19083: Received signal #14, SIGALRM, in read() [caught] 19083: read(0, 0x000394E0, 128) Err#4 EINTR 19083: sigfillset(0xFF3428D0) = 0 19083: sigprocmask(SIG_UNBLOCK, 0xFFBEF738, 0x00000000) = 0 19083: sigaction(SIGALRM, 0xFFBEF618, 0xFFBEF698) = 0 19083: kill(19083, SIGALRM) = 0 19083: Received signal #14, SIGALRM [default] 19083: siginfo: SIGALRM pid=19083 uid=36237 19083: *** process killed *** 19080: Received signal #18, SIGCLD, in poll() [caught] 19080: siginfo: SIGCLD CLD_KILLED pid=19083 status=0x000E 19080: poll(0xFFBEF558, 1, -1) Err#4 EINTR 19080: sigaction(SIGCLD, 0xFFBEEEB0, 0xFFBEEF30) = 0 19080: open("/var/adm/utmpx", O_RDWR|O_CREAT, 0644) = 7 19080: open("/var/adm/utmpx", O_RDWR) = 8 19080: fstat64(8, 0xFFBEED58) = 0 19080: ioctl(8, TCGETA, 0xFFBEECE4) Err#25 ENOTTY 19080: read(8, "\0\0\0\0\0\0\0\0\0\0\0\0".., 8192) = 6696 19080: open("/etc/pam_debug", O_RDONLY) Err#2 ENOENT 19080: stat64("/etc/pam.conf", 0xFFBEEDF8) = 0 19080: open("/etc/pam.conf", O_RDONLY) = 9 19080: mmap(0x00000000, 3769, PROT_READ, MAP_PRIVATE, 9, 0) = 0xFF1E0000 19080: munmap(0xFF1E0000, 3769) = 0 19080: close(9) = 0 19080: stat64("/usr/lib/security/pam_unix_session.so.1", 0xFFBEEE00) = 0 19080: stat("/usr/lib/security/pam_unix_session.so.1", 0xFFBEE930) = 0 19080: resolvepath("/usr/lib/security/pam_unix_session.so.1", "/usr/lib/securit y/pam_unix_session.so.1", 1023) = 39 19080: open("/usr/lib/security/pam_unix_session.so.1", O_RDONLY) = 9 19080: mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 9, 0) 0xFF1E0 000 19080: mmap(0x00000000, 81920, PROT_NONE, MAP_PRIVATE|MAP_NORESERVE|MAP_ANON, - 1, 0) = 0xFF0C0000 19080: mmap(0xFF0C0000, 3782, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 9, 0) = 0xFF0C0000 19080: mmap(0xFF0D2000, 1796, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_F IXED, 9, 8192) = 0xFF0D2000 19080: munmap(0xFF0C2000, 65536) = 0 19080: memcntl(0xFF0C0000, 2616, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0 19080: close(9) = 0 19080: munmap(0xFF1E0000, 8192) = 0 19080: stat64("/usr/local/lib/security/pam_winbind.so.1", 0xFFBEEE00) = 0 19080: stat("/usr/local/lib/security/pam_winbind.so.1", 0xFFBEE930) = 0 19080: resolvepath("/usr/local/lib/security/pam_winbind.so.1", "/usr/local/lib/ security/pam_winbind.so", 1023) = 38 19080: open("/usr/local/lib/security/pam_winbind.so.1", O_RDONLY) = 9 19080: mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 9, 0) 0xFF1E0 000 19080: mmap(0xFF0C0000, 114688, PROT_NONE, MAP_PRIVATE|MAP_NORESERVE|MAP_ANON, -1, 0) = 0xFF0A0000 19080: mmap(0xFF0A0000, 39594, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 9, 0 ) = 0xFF0A0000 19080: mmap(0xFF0B8000, 9156, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_F IXED, 9, 32768) = 0xFF0B8000 19080: munmap(0xFF0AA000, 57344) = 0 19080: memcntl(0xFF0A0000, 9180, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0 19080: close(9) = 0 19080: stat("/lib/libthread.so.1", 0xFFBEE7F8) = 0 19080: resolvepath("/lib/libthread.so.1", "/usr/lib/libthread.so.1", 1023) = 23 19080: open("/lib/libthread.so.1", O_RDONLY) = 9 19080: mmap(0xFF1E0000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 9, 0) = 0xFF1E0000 19080: mmap(0x2C9EFD28, 237568, PROT_NONE, MAP_PRIVATE|MAP_NORESERVE|MAP_ANON, -1, 0) = 0xFF060000 19080: mmap(0xFF060000, 114192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 9, 0) = 0xFF060000 19080: mmap(0xFF08C000, 6596, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_F IXED, 9, 114688) = 0xFF08C000 19080: mmap(0xFF08E000, 45624, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ FIXED|MAP_ANON, -1, 0) = 0xFF08E000 19080: munmap(0xFF07C000, 65536) = 0 bash-2.03# less /var/tmp/truss.telnetd 19080: execve("/usr/sbin/in.telnetd", 0xFFBEFD34, 0xFFBEFD3C) argc = 1 19080: resolvepath("/usr/lib/ld.so.1", "/usr/lib/ld.so.1", 1023) = 16 19080: open("/var/ld/ld.config", O_RDONLY) = 3 19080: fstat(3, 0xFFBEF590) = 0 19080: mmap(0x00000000, 5404, PROT_READ, MAP_SHARED, 3, 0) = 0xFF390000 19080: close(3) = 0 19080: stat("/lib/libdl.so.1", 0xFFBEF618) = 0 19080: resolvepath("/lib/libdl.so.1", "/usr/lib/libdl.so.1", 1023) = 19 19080: open("/lib/libdl.so.1", O_RDONLY) = 3 19080: mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) 0xFF380 000 19080: mmap(0x17C05A50, 8192, PROT_NONE, MAP_PRIVATE|MAP_NORESERVE|MAP_ANON, -1 , 0) = 0xFF370000 19080: mmap(0xFF370000, 2302, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_F IXED, 3, 0) = 0xFF370000 19080: close(3) = 0 the complete file is under http://www.itl-net.at/download/truss.telnetd the relevant parts for telnet from my /etc/pam.conf are: other auth requisite pam_authtok_get.so.1 other auth sufficient pam_dhkeys.so.1 other auth sufficient pam_unix_auth.so.1 other auth sufficient /usr/local/lib/security/pam_winbind.so.1 try_first_pass debug other account requisite pam_roles.so.1 other account sufficient pam_projects.so.1 other account sufficient pam_unix_account.so.1 other account sufficient /usr/local/lib/security/pam_winbind.so.1 debug other session sufficient pam_unix_session.so.1 debug other session sufficient /usr/local/lib/security/pam_winbind.so.1 debug other password required pam_dhkeys.so.1 other password requisite pam_authtok_get.so.1 other password requisite pam_authtok_check.so.1 other password required pam_authtok_store.so.1 other password sufficient /usr/local/lib/security/pam_winbind.so.1 telnet auth requisite pam_authtok_get.so.1 telnet auth sufficient pam_dhkeys.so.1 telnet auth sufficient pam_unix_auth.so.1 telnet auth sufficient /usr/local/lib/security/pam_winbind.so.1 try_first_pass debug regards __tom -- Ing. Thomas Fleischmann Sterngasse 14, 2483 Ebreichsdorf/Austria tel: +43 2254 72333; mobil: +43 664 4538672