Web lists-archives.com

Re: [Samba] samba-tool domain classicupgrade smb_krb5_context_init_basic failed (Invalid argument)




On 15/02/17 14:40, Tom Robinson via samba wrote:
> On 13/02/17 10:18, Andrew Bartlett via samba wrote:
>> On Mon, 2017-02-13 at 10:00 +1100, Tom Robinson via samba wrote:
>>> On 12/02/17 03:13, Rowland Penny via samba wrote:
>>>> On Fri, 10 Feb 2017 12:34:23 +1100
>>>> Tom Robinson via samba <samba@xxxxxxxxxxxxxxx> wrote:
>>>>
>>>>> I've grabbed samba 4.5.4 and customised an existing rpm spec
>>>>> file.
>>>>> Still some issues there.
>>>>>
>>>>> What replaces '--with-aio-support' in the configuration step now?
>>>>>
>>>> As far as I can see, nothing, see the 4.4.0 release notes here:
>>>>
>>>> https://www.samba.org/samba/history/samba-4.4.0.html
>>>>
>>>> Rowland
>>>>
>>> Thanks Rowland.
>>>
>>> Working through this build a few things have come up. The next is:
>>>
>>> pam_smbpasswd
>>>
>>> which appeared in the source (samba-4.3.13/source3/pam_smbpass) until
>>> samba-4.3.13 but I don't see
>>> any recognisable notes about the change not to including it after
>>> that.
>>>
>>> Any clues?
>> I'm sorry about the poor notice.  It looks like I failed to ensure this
>> was mentioned in the WHATSNEW:
>>
>> commit 3c00e8d76a2ef6194a8ce522c15853e5b8e9262b
>> Author: Andrew Bartlett <abartlet@xxxxxxxxx>
>> Date:   Sat Oct 10 08:45:41 2015 +1300
>>
>>     pam_smbpass: REMOVE this PAM module
>>     
>>     This pam module causes GPLv3, thread-unsafe Samba code to be directly loaded
>>     into the address space of many system services.  The code in question was not
>>     expected to run in this context, and while using the Samba, rather than the system
>>     password file is a admirable goal, this needs to be done over inter-process
>>     communication, such as is done by pam_winbind.
>>     
>>     pam_winbind is not a total replacement, as the migrate functionality used
>>     to keep the Samba password up to date with the system password is not
>>     present, but otherwise can provide essentially the same services.
>>     
>>     Andrew Bartlett
>>     
>>     Signed-off-by: Andrew Bartlett <abartlet@xxxxxxxxx>
>>     Reviewed-by: Jeremy Allison <jra@xxxxxxxxx>
>>
>> Sorry,
> No Worries, sorted now.
>
> My next concern is codepages. The latest source (I've moved to 4.5.5 now) doesn't have any
> codepages. The RPM spec file I'm customising lists and wants to install them here:
>
> /usr/share/samba/codepages
> /usr/share/samba/codepages/lowcase.dat
> /usr/share/samba/codepages/upcase.dat
> /usr/share/samba/codepages/valid.dat
>
> Are there still codepages to be packaged?
>
Still unsure about the codepages but I have managed to package samba 4.5.5.

I've installed my packaged samba 4.5.5 on CentOS 7 and tried the upgrade again.
Running the 'samba-tool domain classicupgrade' again fails with a silent SIGSEGV.

#  samba-tool domain classicupgrade --verbose --debuglevel=0 --dbdir /var/lib/samba/bentley
--use-xattrs=yes --realm=mrc.motec.com.au --dns-backend=BIND9_DLZ /etc/samba/smb.bentley.conf 2>&1 |
tee /tmp/out9
Reading smb.conf
Provisioning
Exporting account policy
Exporting groups
Ignoring group 'Administrators' S-1-5-32-544 listed but then not found: Unable to enumerate members
for alias, (-1073741487,The specified local group does not exist.)
Ignoring group 'Account Operators' S-1-5-32-548 listed but then not found: Unable to enumerate
members for alias, (-1073741487,The specified local group does not exist.)
Ignoring group 'Print Operators' S-1-5-32-550 listed but then not found: Unable to enumerate members
for alias, (-1073741487,The specified local group does not exist.)
Ignoring group 'Backup Operators' S-1-5-32-551 listed but then not found: Unable to enumerate
members for alias, (-1073741487,The specified local group does not exist.)
Ignoring group 'Replicators' S-1-5-32-552 listed but then not found: Unable to enumerate members for
alias, (-1073741487,The specified local group does not exist.)
Exporting users
  Skipping wellknown rid=500 (for username=root)
Next rid = 13001

SIGSEGV only shows when I use strace:

# strace samba-tool domain classicupgrade --verbose --debuglevel=0 --dbdir /var/lib/samba/bentley
--use-xattrs=yes --realm=mrc.motec.com.au --dns-backend=BIND9_DLZ /etc/samba/smb.bentley.conf 2>&1 |
tee /tmp/out10

# grep -e Next -e open -e SIGSEGV /tmp/out10
---8<--*snip*---8<---
open("/var/cache/samba/login_cache.tdb", O_RDWR|O_CREAT, 0644) = 10
write(2, "Next rid = 13001\n", 17Next rid = 13001
open("/root/.krb5/config", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/krb5.conf", O_RDONLY)        = 11
open("/etc/samba/krb5.conf", O_RDONLY)  = -1 ENOENT (No such file or directory)
open("/root/.krb5/config", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/krb5.conf", O_RDONLY)        = 11
open("/tmp/krb5cc_0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib64/samba/ldb", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/acl.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/libdsdb-module-samba4.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/aclread.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/anr.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/asq.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/descriptor.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/dirsync.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/dns_notify.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/dsdb_notification.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/extended_dn_in.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/extended_dn_out.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/extended_dn_store.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/ildap.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/instancetype.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/lazy_commit.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/ldbsamba_extensions.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/libpopt-samba4.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/linked_attributes.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/local_password.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/new_partition.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/objectclass.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/objectclass_attrs.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/objectguid.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/operational.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/paged_results.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/paged_searches.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/partition.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/password_hash.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/libgpgme.so.11", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 11
open("/lib64/libgpgme.so.11", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/libassuan.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib64/libassuan.so.0", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/ranged_results.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/rdn_name.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/repl_meta_data.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/resolve_oids.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/rootdse.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/samba3sam.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/samba3sid.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/samba_dsdb.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/samba_secrets.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/samldb.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/sample.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/schema_data.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/schema_load.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/secrets_tdb_sync.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/server_sort.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/show_deleted.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/simple_dn.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/simple_ldap_map.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/skel.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/subtree_delete.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/subtree_rename.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/tdb.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/tombstone_reanimate.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/update_keytab.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/vlv.so", O_RDONLY|O_CLOEXEC) = 11
open("/usr/lib64/samba/ldb/wins_ldb.so", O_RDONLY|O_CLOEXEC) = 11
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x8} ---
+++ killed by SIGSEGV +++

# tail -16 /tmp/out10
open("/usr/lib64/samba/ldb/wins_ldb.so", O_RDONLY|O_CLOEXEC) = 11
read(11, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\r\0\0\0\0\0\0"..., 832) = 832
fstat(11, {st_mode=S_IFREG|0755, st_size=10912, ...}) = 0
mmap(NULL, 2105352, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 11, 0) = 0x7ffb12cf4000
mprotect(0x7ffb12cf6000, 2093056, PROT_NONE) = 0
mmap(0x7ffb12ef5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 11, 0x1000) =
0x7ffb12ef5000
mmap(0x7ffb12ef6000, 8, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) =
0x7ffb12ef6000
close(11)                               = 0
mprotect(0x7ffb12ef5000, 4096, PROT_READ) = 0
epoll_create(64)                        = 11
fcntl(11, F_GETFD)                      = 0
fcntl(11, F_SETFD, FD_CLOEXEC)          = 0
stat("/usr/lib64/samba/ldb", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
stat("/usr/lib64/samba/ldb", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x8} ---
+++ killed by SIGSEGV +++





Attachment: signature.asc
Description: OpenPGP digital signature

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba