** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Merge proposal unlinked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC,
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Merge proposal unlinked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC,
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Merge proposal unlinked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC,
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Merge proposal unlinked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC,
This bug was fixed in the package samba - 2:4.7.6+dfsg~ubuntu-0ubuntu2
---
samba (2:4.7.6+dfsg~ubuntu-0ubuntu2) bionic; urgency=medium
* debian/patches/passdb_dont_return_ok_if_pinfo_not_filled.patch:
[PATCH] s3:passdb: Do not return OK if we don't have pinfo filled.
Thanks
For the release team: this fixes a crash bug, but in a not very common
scenario: domain was joined via sssd and not samba's net join command,
and the config tells samba to look first at the secrets database which
is only populated via net join.
The MP at
https://code.launchpad.net/~ahasenack/ubunt
** Merge proposal unlinked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/343606
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC,
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/343614
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/343612
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/343606
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, I
** Changed in: samba (Ubuntu)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: samba (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net
after adding cifs/ entries on Windows DC to the machine account with
setspn there are no cifs/ entries in local keytab file what "net ads
join" alternatively has added and samba shares still are accessible.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is su
> Above when you said "it works" after trying "net ads join", did you
mean just the join, or that samba started to authenticate domain users
normally?
After additionally trying "net ads join" samba started to authenticate
domain users normally. I can access a shared directory with a domain
user wi
After a lot of experimentation, I got my samba server, with "security =
ads" but no winbind and no "net ads join" command, to authenticate an AD
user using kerberos.
What nailed it was to use setspn on the windows side to add
cifs/ to the computer account, like this (for a "bionic-sssd"
computer a
Packages from https://launchpad.net/~ahasenack/+archive/ubuntu/samba-
kerberos-method-1761737 have the patch and fix the crash test case.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
I have it building in a ppa and will try shortly
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, INTERNAL ERROR: Signal 11
To manage notifications about this bug
Can someone try what happens with
https://attachments.samba.org/attachment.cgi?id=14155
together with "kerberos method = secrets and keytab"?
I'd guess it should behave like "system keytab" or "dedicated keytab",
but it would be good to have this verified.
--
You received this bug notification
The "kerberos method" options that were tried are in
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1761737/comments/16.
There is no crash when it's set to "system keytab" or "dedicated keytab"
plus pointing the keytab at /etc/krb5.keytab
--
You received this bug notification because you ar
I just noticed https://bugzilla.samba.org/show_bug.cgi?id=13376 and closed
https://bugzilla.samba.org/show_bug.cgi?id=13393 again...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bio
This is https://bugzilla.samba.org/show_bug.cgi?id=13393
Does changing 'secrets and keytab' to 'keytab' help?
** Bug watch added: Samba Bugzilla #13393
https://bugzilla.samba.org/show_bug.cgi?id=13393
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is sub
(sorry if I'm telling you something you already know: the text below is
also for my own benefit and thought process)
Joining a domain means basically creating a computer account in the AD.
That is what allows the computer to query the domain for information
like usernames, uid numbers, and even au
> a) Samba as a standalone server, but using kerberos for
authentication. The users will exist "locally" via sssd, and samba will
be just like any other kerberized service authenticating the users via
the kdc. For that it will need an appropriate service key in
/etc/krb5.keytab. I think realm (the
Ok
The smb.conf(5) manpage does state that for "security = ads" or "server
role = member server" to work, the machine must have been joined to the
domain via "net ads join". This is what creates the necessary secrets in
the local secrets tdb database.
My hypothesis is that there was a change in 4
a)
security = ADS
kerberos method = system keytab
no smb crash, but I cannot authenticate with AD users:
SPNEGO login failed: NT_STATUS_NO_LOGON_SERVERS
b)
security = ADS
kerberos method = dedicated keytab
dedicated keytab file = /etc/krb5.keytab
same as in a)
c)
security = ADS
What happens in terms of accessing the share in the 18.04 server when
you use these settings:
a)
kerberos method = system keytab
b)
kerberos method = dedicated keytab
dedicated keytab file = /etc/krb5.keytab
c) kerberos method = default
--
You received this bug notification because you are a m
> Ok, so to summarize:
> - sssd is providing user and groups from AD (via /etc/nsswitch.conf)
> - realmd was used to join the machine to AD for the above
> - local user authentication is done via pam_sss and using kerberos. Shell
> users get a ticket upon login
> - samba is not using winbind
that
Ok, so to summarize:
- sssd is providing user and groups from AD (via /etc/nsswitch.conf)
- realmd was used to join the machine to AD for the above
- local user authentication is done via pam_sss and using kerberos. Shell users
get a ticket upon login
- samba is not using winbind
I have a feeling
Do I really have to rejoin the client to AD after changing samba security to
ADS? I'm not using samba "net join" and no winbind for AD binding. I've created
the AD machine account with realm and I'm using sssd for authentication to AD
DC.
BTW "realm" changed my "security = ADS" in smb.conf to "
After changing security to ADS, did you join the realm/domain again? You
might have some incorrect local databases. Can you start fresh with
4.7.6 on this box?
Also, even on a fresh 4.7.6, I couldn't get "kerberos method = secrets
and keytab" to work without crashing, that's the samba bug I filed
> The smb.conf file for the 18.04 box shows it as being a standalone
server, not a domain member. Is that expected? Are you managing its
users locally via smbpasswd?
After uploading I noticed that too. No it is not intended. I changed it
to
security = ADS
again and added same settings as in 1
** Bug watch added: Samba Bugzilla #13376
https://bugzilla.samba.org/show_bug.cgi?id=13376
** Also affects: samba via
https://bugzilla.samba.org/show_bug.cgi?id=13376
Importance: Unknown
Status: Unknown
** Changed in: samba (Ubuntu)
Status: Incomplete => Triaged
** Changed
Can you elaborate on how this 18.04 machine is supposed to authenticate
users and give them access or not to a share, since it's not part of the
AD realm, at least according to smb.conf? In the meantime I'll check
with upstream.
--
You received this bug notification because you are a member of Ub
Ok, I can reproduce this with a simple "smbclient -L localhost -N" and
this smb.conf:
[global]
dns proxy = No
domain master = No
kerberos method = secrets and keytab
local master = No
log file = /var/log/samba/log.%m
map to guest = Bad User
Was this 18.04 box a fresh install of samba 4.7.6, or did you at some
point have 4.7.4 or earlier and upgrade?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1761737
Title:
[bionic] samba PANIC, INTE
The smb.conf file for the 18.04 box shows it as being a standalone
server, not a domain member. Is that expected? Are you managing its
users locally via smbpasswd?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.
Trying to access a share on 18.04 with smbclient from 17.10 lets smbd crash too.
The other way round is working - Accessing a share on 17.10 with 18.04 and
smbclient shows me the shared folder content.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscr
smb.conf (18.04) where smbd crashes after a client accesses its share
all our clients should have equal or similar smbd settings
** Attachment added: "smb.conf.18.04"
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1761737/+attachment/5108838/+files/smb.conf.18.04
--
You received this
smb.conf (Ubuntu 17.10) where smb share is working and not crashing smbd if
another client accesses this share.
That 17.10 client for example accesses 18.04 where smbd crashes afterwards.
** Attachment added: "smb.conf.17.10"
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1761737/+attac
crash file on 18.04 when accessing smb share with 17.10
** Attachment added: "_usr_sbin_smbd.0.crash"
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1761737/+attachment/5108823/+files/_usr_sbin_smbd.0.crash
--
You received this bug notification because you are a member of Ubuntu
Bugs,
44 matches
Mail list logo
