This probably doesn't have anything to do with this issue, but there is a new remote code exploit announced today for Sambe. Since you have selinux disabled you are vulnerable (selinux prevents the remote code execution.) CVE-2017-7494 is the CVE you want to look for.
On Wed, May 24, 2017 at 9:44 AM, Bruce Martin <[email protected]> wrote: > The only change that happened between things working and not working (as > best I can tell) is that several packages were upgraded. > > libsmbclient x86_64 4.4.4-13.el7_3 updates > 126 k > libtirpc x86_64 0.2.4-0.8.el7_3 updates > 88 k > libwbclient x86_64 4.4.4-13.el7_3 updates > 100 k > rpcbind x86_64 0.2.0-38.el7_3 updates > 59 k > samba-client x86_64 4.4.4-13.el7_3 updates > 547 k > samba-client-libs x86_64 4.4.4-13.el7_3 updates > 4.6 M > samba-common noarch 4.4.4-13.el7_3 updates > 191 k > samba-common-libs x86_64 4.4.4-13.el7_3 updates > 161 k > samba-common-tools x86_64 4.4.4-13.el7_3 updates > 451 k > samba-libs x86_64 4.4.4-13.el7_3 updates > 260 k > > I tried downgrading libtirpc and rpcbind but still no joy. > > On May 23, 2017, at 4:18 PM, Kent Perrier <[email protected]> wrote: > > In another window can you run journalctl -f -u ypbind to see the messages > logged during start up? > > > Gave that a try with the following results when trying to start ypbind: > > # journalctl -f -u ypbind > -- Logs begin at Wed 2017-05-24 08:54:28 CDT. -- > May 24 08:54:50 quebec.vuiis.vanderbilt.edu systemd[1]: Starting NIS/YP > (Network Information Service) Clients to NIS Domain Binder... > May 24 08:54:50 quebec.vuiis.vanderbilt.edu ypbind-pre-setdomain[1007]: > Setting NIS domain: 'vuiis2' (environment variable) > May 24 08:54:51 quebec.vuiis.vanderbilt.edu setsebool[1020]: setsebool: > SELinux is disabled. > May 24 08:55:50 quebec.vuiis.vanderbilt.edu systemd[1]: *ypbind.service: > control process exited, code=exited status=1* > May 24 08:55:50 quebec.vuiis.vanderbilt.edu systemd[1]: *Failed to start > NIS/YP (Network Information Service) Clients to NIS Domain Binder.* > May 24 08:55:50 quebec.vuiis.vanderbilt.edu systemd[1]: *Unit > ypbind.service entered failed state.* > May 24 08:55:50 quebec.vuiis.vanderbilt.edu systemd[1]: *ypbind.service > failed.* > May 24 09:35:31 quebec.vuiis.vanderbilt.edu systemd[1]: Starting NIS/YP > (Network Information Service) Clients to NIS Domain Binder... > May 24 09:35:31 quebec.vuiis.vanderbilt.edu setsebool[3304]: setsebool: > SELinux is disabled. > May 24 09:36:27 quebec.vuiis.vanderbilt.edu systemd[1]: *ypbind.service: > control process exited, code=exited status=1* > May 24 09:36:27 quebec.vuiis.vanderbilt.edu systemd[1]: *Failed to start > NIS/YP (Network Information Service) Clients to NIS Domain Binder.* > May 24 09:36:27 quebec.vuiis.vanderbilt.edu systemd[1]: *Unit > ypbind.service entered failed state.* > May 24 09:36:27 quebec.vuiis.vanderbilt.edu systemd[1]: *ypbind.service > failed.* > > > > By the way, I recommend ditching NIS (people still run that!?? :D) and > moving to LDAP. > > > Much easier said than done. Do you know of anybody that can convert NIS to > LDAP and is available for a consulting gig? > > > Kent > > On Tue, May 23, 2017 at 3:17 PM, Bruce Martin <[email protected]> wrote: > >> Running an NIS server on CentOS 7 for about a year and previous versions >> of CentOS or RHEL for over a decade. Today things stopped working. None of >> my machines can connect to the NIS server and it seems to be a problem with >> ypbind. >> Red Hat Bugzilla – Bug 1415496 seems to describe the problem but their >> solution is not working for me since it is for Fedora and I am running >> CentOS. >> >> The following are commands I have run to try to identify the problem. My >> Google foo does not seem to work when trying to use some of the errors >> below. >> >> Any suggestions? >> >> Bruce >> >> # systemctl restart ypbind.service >> Job for ypbind.service failed because the control process exited with >> error code. See "systemctl status ypbind.service" and "journalctl -xe" for >> details. >> >> >> # systemctl status ypbind.service >> *●* ypbind.service - NIS/YP (Network Information Service) Clients to NIS >> Domain Binder >> Loaded: loaded (/usr/lib/systemd/system/ypbind.service; enabled; >> vendor preset: disabled) >> Active: *failed* (Result: exit-code) since Tue 2017-05-23 14:45:27 >> CDT; 57s ago >> Process: 3158 ExecStartPost=/usr/libexec/ypbind-post-waitbind >> *(code=exited, >> status=1/FAILURE)* >> Process: 3152 ExecStart=/usr/sbin/ypbind -n $OTHER_YPBIND_OPTS >> (code=exited, status=0/SUCCESS) >> Process: 3148 ExecStartPre=/usr/sbin/setsebool allow_ypbind=1 >> *(code=exited, >> status=1/FAILURE)* >> Process: 3145 ExecStartPre=/usr/libexec/ypbind-pre-setdomain >> (code=exited, status=0/SUCCESS) >> Main PID: 3152 (code=exited, status=0/SUCCESS) >> Status: "Processing requests..." >> >> May 23 14:44:42 quebec.vuiis.vanderbilt.edu systemd[1]: Starting NIS/YP >> (Network Information Service) Clients to NIS Domain Binder... >> May 23 14:44:42 quebec.vuiis.vanderbilt.edu setsebool[3148]: setsebool: >> SELinux is disabled. >> May 23 14:45:27 quebec.vuiis.vanderbilt.edu systemd[1]: *ypbind.service: >> control process exited, code=exited status=1* >> May 23 14:45:27 quebec.vuiis.vanderbilt.edu systemd[1]: *Failed to start >> NIS/YP (Network Information Service) Clients to NIS Domain Binder.* >> May 23 14:45:27 quebec.vuiis.vanderbilt.edu systemd[1]: *Unit >> ypbind.service entered failed state.* >> May 23 14:45:27 quebec.vuiis.vanderbilt.edu systemd[1]: *ypbind.service >> failed.* >> >> >> # journalctl -xe >> May 23 14:45:32 quebec.vuiis.vanderbilt.edu systemd[1]: *rpcbind.service: >> main process exited, code=killed, status=6/ABRT* >> May 23 14:45:32 quebec.vuiis.vanderbilt.edu systemd[1]: *Unit >> rpcbind.service entered failed state.* >> May 23 14:45:32 quebec.vuiis.vanderbilt.edu systemd[1]: *rpcbind.service >> failed.* >> May 23 14:48:05 quebec.vuiis.vanderbilt.edu systemd[1]: Starting Cleanup >> of Temporary Directories... >> -- Subject: Unit systemd-tmpfiles-clean.service has begun start-up >> -- Defined-By: systemd >> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel >> -- >> -- Unit systemd-tmpfiles-clean.service has begun starting up. >> May 23 14:48:05 quebec.vuiis.vanderbilt.edu systemd[1]: Started Cleanup >> of Temporary Directories. >> -- Subject: Unit systemd-tmpfiles-clean.service has finished start-up >> -- Defined-By: systemd >> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel >> -- >> -- Unit systemd-tmpfiles-clean.service has finished starting up. >> -- >> -- The start-up result is done. >> >> # tail -n 40 /var/log/messages >> May 23 14:45:02 quebec systemd: rpcbind.service: main process exited, >> code=killed, status=6/ABRT >> May 23 14:45:02 quebec systemd: Unit rpcbind.service entered failed state. >> May 23 14:45:02 quebec systemd: rpcbind.service failed. >> May 23 14:45:02 quebec systemd: Starting RPC bind service... >> May 23 14:45:02 quebec systemd: Started RPC bind service. >> May 23 14:45:08 quebec systemd: rpcbind.service: main process exited, >> code=killed, status=6/ABRT >> May 23 14:45:08 quebec systemd: Unit rpcbind.service entered failed state. >> May 23 14:45:08 quebec systemd: rpcbind.service failed. >> May 23 14:45:08 quebec systemd: Starting RPC bind service... >> May 23 14:45:08 quebec systemd: Started RPC bind service. >> May 23 14:45:20 quebec systemd: rpcbind.service: main process exited, >> code=killed, status=6/ABRT >> May 23 14:45:20 quebec systemd: Unit rpcbind.service entered failed state. >> May 23 14:45:20 quebec systemd: rpcbind.service failed. >> May 23 14:45:20 quebec systemd: Starting RPC bind service... >> May 23 14:45:20 quebec systemd: Started RPC bind service. >> May 23 14:45:26 quebec systemd: rpcbind.service: main process exited, >> code=killed, status=6/ABRT >> May 23 14:45:26 quebec systemd: Unit rpcbind.service entered failed state. >> May 23 14:45:26 quebec systemd: rpcbind.service failed. >> May 23 14:45:27 quebec ypbind: Binding took 45 seconds >> May 23 14:45:27 quebec ypbind: NIS server for domain vuiis2 is not >> responding. >> May 23 14:45:27 quebec ypbind: Killing ypbind with PID 3152. >> May 23 14:45:27 quebec ypbind: Try increase NISTIMEOUT in >> /etc/sysconfig/ypbind >> May 23 14:45:27 quebec systemd: ypbind.service: control process exited, >> code=exited status=1 >> May 23 14:45:27 quebec systemd: Failed to start NIS/YP (Network >> Information Service) Clients to NIS Domain Binder. >> May 23 14:45:27 quebec systemd: Unit ypbind.service entered failed state. >> May 23 14:45:27 quebec systemd: ypbind.service failed. >> May 23 14:45:27 quebec systemd: Starting RPC bind service... >> May 23 14:45:27 quebec systemd: Started RPC bind service. >> May 23 14:45:32 quebec systemd: rpcbind.service: main process exited, >> code=killed, status=6/ABRT >> May 23 14:45:32 quebec systemd: Unit rpcbind.service entered failed state. >> May 23 14:45:32 quebec systemd: rpcbind.service failed. >> May 23 14:48:05 quebec systemd: Starting Cleanup of Temporary >> Directories... >> May 23 14:48:05 quebec systemd: Started Cleanup of Temporary Directories. >> May 23 14:50:01 quebec systemd: Starting RPC bind service... >> May 23 14:50:01 quebec systemd: Started RPC bind service. >> May 23 14:50:01 quebec systemd: Started Session 3 of user root. >> May 23 14:50:01 quebec systemd: Starting Session 3 of user root. >> May 23 14:50:04 quebec systemd: rpcbind.service: main process exited, >> code=killed, status=6/ABRT >> May 23 14:50:04 quebec systemd: Unit rpcbind.service entered failed state. >> May 23 14:50:04 quebec systemd: rpcbind.service failed. >> >> >> >> -- >> Bruce W. Martin, KQ4TV >> Trustee for NT4UX >> Nashville Linux User Group - Amateur Radio- Special Interest Group >> NLUG-AR-SIG >> >> >> -- >> -- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at http://groups.google.com/group >> /nlug-talk?hl=en >> >> --- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> > > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to nlug-talk+unsubscribe@ > googlegroups.com > For more options, visit this group at http://groups.google.com/ > group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to nlug-talk+unsubscribe@ > googlegroups.com > For more options, visit this group at http://groups.google.com/ > group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
