Tukaram Laxmeshwar
2008-Aug-23 08:43 UTC
[Samba] Question on : Winbindd dumps core in find_builtin_domain () at nsswitch/winbindd_util.c:673
We are seeing winbindd dumping core in find_builtin_domain () at nsswitch/winbindd_util.c:673. We have analyzed the core and found that when there are no built domains it sends smb_panic(). Looking in to the built domain we found that the built domain is being overwritten. Following is the stack trace from the system, #0 0xb7cb8866 in raise () from /lib/libc.so.6 #1 0xb7cb9f23 in abort () from /lib/libc.so.6 #2 0x800b20ca in dump_core () at lib/fault.c:184 #3 0x800c68f8 in smb_panic (why=0x801ccb80 "Could not find BUILTIN domain\n") at lib/util.c:1618 #4 0x80042750 in find_builtin_domain () at nsswitch/winbindd_util.c:673 #5 0x8006af52 in winbindd_gettoken_async (mem_ctx=0x80236000, user_sid=0x8024caa0, cont=0x8003cb90 <getgroups_tokensids_recv>, private_data=0x8024ca90) at nsswitch/winbindd_async.c:1049 #6 0x8003ca89 in getgroups_usersid_recv (private_data=0x8024ca90, success=1, sid=0xbfd177a8, type=SID_NAME_USER) at nsswitch/winbindd_group.c:1203 #7 0x8006885f in lookupname_recv (mem_ctx=0x80236000, success=1, response=0x802bb9fc, c=0x8003ca10, private_data=0x8024ca90) at nsswitch/winbindd_async.c:664 #8 0x800677b7 in do_async_recv (private_data=0x802bb2a8, success=1) at nsswitch/winbindd_async.c:57 #9 0x80065942 in async_reply_recv (private_data=0x802a8770, success=1) at nsswitch/winbindd_dual.c:211 #10 0x80039808 in rw_callback (event=0x802a97bc, flags=1) at nsswitch/winbindd.c:376 #11 0x80038c9d in main (argc=1140850688, argv=0x3400000b) at nsswitch/winbindd.c:810 We code changes to fix this issue and verified that it is not dumping any more. Following is the patch , --- nsswitch/winbindd_cm.c.old 2008-05-15 13:22:13.000000000 +0530 +++ nsswitch/winbindd_cm.c 2008-05-15 13:21:55.000000000 +0530 @@ -1691,6 +1691,10 @@ return; } + if (sid_equal(&domain->sid, &global_sid_Builtin)) { + domain->active_directory = False; + goto done; + } result = rpccli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); Can anybody tell me if this has been fixed in any of the recent patches ? Thanks, Tukaram
Volker Lendecke
2008-Aug-25 08:23 UTC
[Samba] Question on : Winbindd dumps core in find_builtin_domain () at nsswitch/winbindd_util.c:673
On Sat, Aug 23, 2008 at 02:49:25AM -0600, Tukaram Laxmeshwar wrote:> We code changes to fix this issue and verified that it is not dumping any more. > Following is the patch , > --- nsswitch/winbindd_cm.c.old 2008-05-15 13:22:13.000000000 +0530 > +++ nsswitch/winbindd_cm.c 2008-05-15 13:21:55.000000000 +0530 > @@ -1691,6 +1691,10 @@ > return; > } > > + if (sid_equal(&domain->sid, &global_sid_Builtin)) { > + domain->active_directory = False; > + goto done; > + } > result = rpccli_lsa_open_policy2(cli, mem_ctx, True, > SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); > > Can anybody tell me if this has been fixed in any of the recent patches ?No, very likely that is not changed. Your patch might fix it, but to me it seems the wrong place to fix. For S-1-5-32 we should *never* end up in that routine. How does winbind get there? For internal domains we should never connect to the network. Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20080825/5a42ae3e/attachment.bin
Har Gagan Sahai
2008-Sep-02 11:48 UTC
[Samba] Question on : Winbindd dumps core in find_builtin_domain() at nsswitch/winbindd_util.c:673
Hi Volker, This is happening in our specific Active Directory setup. It is reaching this path finally and overwriting the builtin domain. This is causing the dump later. We have a bug raised in Novell on this issue (bug #292609, not sure whether you will be able to access this.). regards, Har Gagan Sahai>>> Volker Lendecke <Volker.Lendecke@SerNet.DE> 08/25/08 1:56 PM >>>On Sat, Aug 23, 2008 at 02:49:25AM -0600, Tukaram Laxmeshwar wrote:> We code changes to fix this issue and verified that it is not dumping any more. > Following is the patch , > --- nsswitch/winbindd_cm.c.old 2008-05-15 13:22:13.000000000 +0530 > +++ nsswitch/winbindd_cm.c 2008-05-15 13:21:55.000000000 +0530 > @@ -1691,6 +1691,10 @@ > return; > } > > + if (sid_equal(&domain->sid, &global_sid_Builtin)) { > + domain->active_directory = False; > + goto done; > + } > result = rpccli_lsa_open_policy2(cli, mem_ctx, True, > SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); > > Can anybody tell me if this has been fixed in any of the recent patches ?No, very likely that is not changed. Your patch might fix it, but to me it seems the wrong place to fix. For S-1-5-32 we should *never* end up in that routine. How does winbind get there? For internal domains we should never connect to the network. Volker