HEADS UP - samba 3.0.30 winbindd broken

Schweigert, Udo CERT Udo.Schweigert at siemens.com
Fri Jul 18 07:26:38 UTC 2008 

On Fri, Jul 18, 2008 at 14:38:40 +1000, John Marshall wrote:
> On Wed, 09 Jul 2008, 20:56 +1000, John Marshall wrote:
> > HEADS UP if you are thinking of upgrading net/samba3 to 3.0.30 in an Active
> > Directory environment.
> > 
> > I have recently upgraded from 3.0.28a to 3.0.30 on a couple of FreeBSD 7.0
> > servers: one is a member server in a Windows 2000 Active Directory
> > environment, and the other is a member server in a Windows 2003 Active
> > Directory environment.  Everything works for a while and then winbindd goes
> > into sulking mode.  Re-starting fixes everythng for a little while.
> 
> As Johan implied, this specific problem was fixed in 3.0.31 which was
> released by the Samba team last Friday. I've been keeping a close eye on the
> net/samba3 port but no update yet, so...

The other possible solution is to apply this patch (as
files/patch-nsswitch_winbindd.c in the ports dir). It has been taken from the
samba bug-tracking system and I have been running a patched samba for some
days now without a problem (under 6.3-RELEASE and -STABLE).

--- nsswitch/winbindd.c.orig	2008-05-28 14:41:11.000000000 +0200
+++ nsswitch/winbindd.c	2008-07-16 13:26:22.000000000 +0200
@@ -117,14 +117,21 @@
 
 /* Handle the signal by unlinking socket and exiting */
 
-static void terminate(void)
+static void terminate(bool in_parent)
 {
-	pstring path;
-
-	/* Remove socket file */
-	pstr_sprintf(path, "%s/%s", 
-		 WINBINDD_SOCKET_DIR, WINBINDD_SOCKET_NAME);
-	unlink(path);
+	if (in_parent) {
+		/* When parent goes away we should
+		 * remove the socket file. Not so
+		 * when children terminate.
+		 */
+
+		pstring path;
+
+		/* Remove socket file */
+		pstr_sprintf(path, "%s/%s",
+			WINBINDD_SOCKET_DIR, WINBINDD_SOCKET_NAME);
+		unlink(path);
+	}
 
 	idmap_close();
 	
@@ -731,10 +738,10 @@
 }
 
 /* check if TERM has been received */
-void winbind_check_sigterm(void)
+void winbind_check_sigterm(bool in_parent)
 {
 	if (do_sigterm)
-		terminate();
+		terminate(in_parent);
 }
 
 /* Process incoming clients on listen_sock.  We use a tricky non-blocking,
@@ -901,7 +908,7 @@
 
 	/* Check signal handling things */
 
-	winbind_check_sigterm();
+	winbind_check_sigterm(true);
 	winbind_check_sighup();
 
 	if (do_sigusr2) {
--- nsswitch/winbindd_dual.c.orig	2008-05-28 14:41:11.000000000 +0200
+++ nsswitch/winbindd_dual.c	2008-07-16 13:25:53.000000000 +0200
@@ -1015,7 +1015,7 @@
 		main_loop_TALLOC_FREE();
 
 		/* check for signals */
-		winbind_check_sigterm();
+		winbind_check_sigterm(false);
 		winbind_check_sighup();
 
 		run_events(winbind_event_context(), 0, NULL, NULL);


Best regards
Udo Schweigert

Siemens AG
Corporate Technology
Information & Communication
Siemens CERT
Otto-Hahn-Ring 6
81730 München, Germany
Tel.: +49 89 636-42170
Fax: +49 89 636-41166
mailto:udo.schweigert at siemens.com

Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme;
Managing Board: Peter Loescher, Chairman, President and Chief Executive
Officer; Wolfgang Dehen, Heinrich Hiesinger, Joe Kaeser, Jim Reid-Anderson,
Hermann Requardt, Siegfried Russwurm, Peter Y. Solmssen
Registered offices: Berlin and Munich,
Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684
WEEE-Reg.-No. DE 23691322

More information about the freebsd-ports mailing list