Bug #14998

open

smbd domain cache broken

Added by Toomas Soome 6 days ago. Updated 6 days ago.

Status: In Progress
Priority: Normal
Assignee:
Category: smb - SMB server and client
Start date:
Due date:
% Done: 90%
Estimated time:
Difficulty: Medium
Tags:
Gerrit CR:
External Bug: racktop:BSR-12059

Description

After some changes of boot environment that apparently left the domain-join credentials unusable for access to our domain controller, I noticed some unusual log messages:
(in particular, "smb_domain_getinfo: no primary domain" is unexpected)

 
2022-08-24T14:26:48.000000+00:00 gwr-test1 smbd[624]: message repeated 2 times: [ [ID 931549 daemon.error] ndr_rpc_bind: smbrdr_ctx_new(Srv=SSSS Dom=DDDD User=UUUU), NETWORK_ACCESS_DENIED (0xc00000ca)]
2022-08-24T14:26:48.000000+00:00 gwr-test1 smbd[624]: [ID 901698 daemon.error] smb_domain_getinfo: no primary domain
2022-08-24T14:26:48.000000+00:00 gwr-test1 smbd[624]: [ID 199031 daemon.notice] smbd_dc_update: DDDD: locate failed

I had a look at the internals of smbd while it was in that state, and I saw that its internal "domain cache" had incorrect entries for the primary domain:
> smb_dcache ::print
[...]
    dc_dci_valid = 0x1 (B_TRUE)
    dc_dci = {
        dc_name = [ "DDDD" ]
        dc_addr = {
            au_addr = {
                au_ipv4 = 10.x.x.x
            }
            a_family = 0x2
        }
        dc_flags = 0x3f1fc    # XXX dsgetdc.h DS_...
    }

> smb_dcache ::print -a dc_cache
feef3660 dc_cache = {
    feef3660 dc_cache.list_size = 0x348
    feef3664 dc_cache.list_offset = 0
    feef3668 dc_cache.list_head = {
        feef3668 list_next = 0x812cc48
        feef366c list_prev = 0x8224588
    }
}

> feef3660 ::walk list | ::print smb_domain_t
[...] showing several entries like this:
    di_lnd = {
        list_next = 0x812c1c8         
        list_prev = 0x812c8c8
    }
    di_type = 0 (SMB_DOMAIN_NULL)
    di_sid = [ "S-1-5-21-X-Y-Z" ]
    di_nbname = [ "DD" ]
    di_fqname = [ "DDDD" ]
    di_binsid = 0x812dec0
    di_u = {
        di_dns = {
            ddi_forest = [ "FFFF" ]
            ddi_guid = [ "GGGG" ]
        }
        di_trust = ...
    }

The di_type == 0 value should not happen. Something is wrong.

Need to fill in di_type for smb_dcache_add

From racktop: 3ab3612387c85bb91fe9c5f4733ca9f103a72517
BSR-12059 smbd domain cache broken
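
An added example (not part of the original report or the illumos source): a small log check that flags hosts where smbd logs "smb_domain_getinfo: no primary domain" close to a domain controller access failure, the pattern quoted in the description. The five-minute correlation window and the second host's log line are assumptions made for the example; a flagged host still needs the mdb inspection above to confirm the cache state.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: the first three lines follow the report, the last is invented.
SAMPLE = """\
2022-08-24T14:26:48.000000+00:00 gwr-test1 smbd[624]: message repeated 2 times: [ [ID 931549 daemon.error] ndr_rpc_bind: smbrdr_ctx_new(Srv=SSSS Dom=DDDD User=UUUU), NETWORK_ACCESS_DENIED (0xc00000ca)]
2022-08-24T14:26:48.000000+00:00 gwr-test1 smbd[624]: [ID 901698 daemon.error] smb_domain_getinfo: no primary domain
2022-08-24T14:26:48.000000+00:00 gwr-test1 smbd[624]: [ID 199031 daemon.notice] smbd_dc_update: DDDD: locate failed
2022-08-24T15:02:10.000000+00:00 gwr-test2 smbd[701]: [ID 199031 daemon.notice] smbd_dc_update: DDDD: locate failed
"""

LINE = re.compile(r"^(\S+) (\S+) smbd\[\d+\]: (.*)$")
# syslog wraps duplicates as "message repeated N times: [ ... ]"; unwrap before matching.
REPEAT = re.compile(r"^message repeated \d+ times: \[ (.*)\]$")
MSGID = re.compile(r"^\[ID \d+ \S+\] ")

def classify(msg):
    if "ndr_rpc_bind:" in msg and "NETWORK_ACCESS_DENIED" in msg:
        return "bind_denied"
    if msg.startswith("smb_domain_getinfo: no primary domain"):
        return "no_primary_domain"
    if msg.startswith("smbd_dc_update:") and msg.endswith("locate failed"):
        return "locate_failed"
    return None

def parse(text):
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, host, msg = m.groups()
        rep = REPEAT.match(msg)
        msg = MSGID.sub("", rep.group(1) if rep else msg).strip()
        kind = classify(msg)
        if kind:
            yield datetime.fromisoformat(ts), host, kind

def find_suspect_hosts(text, window=timedelta(minutes=5)):
    """Hosts where 'no primary domain' appears within `window` of a DC access failure."""
    events = list(parse(text))
    suspects = set()
    for ts, host, kind in events:
        if kind != "no_primary_domain":
            continue
        if any(h == host and k != kind and abs(t - ts) <= window for t, h, k in events):
            suspects.add(host)
    return sorted(suspects)
```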

#1

Updated by Electric Monk 6 days ago

  • Gerrit CR set to 2377

#2

Updated by Gordon Ross 6 days ago

  • Description updated

#3

Updated by Gordon Ross 6 days ago

  • Description updated

#4

Updated by Joshua M. Clulow 6 days ago

  • External Bug set to racktop:BSR-12059

#5

Updated by Gordon Ross 6 days ago

Testing: Sabotage the connection to the AD server and do something that needs it (e.g. "smbadm lookup").
Bring the AD server back, then observe the domain cache with mdb per the description.
