[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

Just tested the proposed version on two armhf systems. Both server and client mode now negotiate to tls1.3 if applicable. The other qt applications do still work. Of corse the test application in this thread also works (outputs 15) Package: libqt5network5 Version: 5.15.3+dfsg-2ubuntu0.2 Package:

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

looking at the regression log, I see that it fails to launch jackd (exec of JACK server (command = "/usr/bin/jackd") failed: No such file or directory). Other platforms (amd64) do not have that log output. I suspect this is because drumkv1_jack was not started yet (and so the test is flaky).

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

I have a version with the last attached patch in my ppa. This version works for me. Is there a change we get a SRU for this? Who would make that request? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report.

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

This is my suggested backport of the upstream patch. since, as you might know, the file locations changed a bit, lso the file defining the new datatype moved from qsslsocket_openssl_symbols_p.h to qsslsocket_openssl_p.h since it is required there (setupOpenSslOptions is defined there, but

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

@mitya57 the patch is now submitted to codereview. I am however only able to submit to the dev branch (took me a while to get this, never used gerrit before). This also means that the patch I submitted is for qt6. There is no way i send a codereview for qt5 anymore, so I don't know who will do the

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

just a side node on the findings while hunting down this issue in gdb: on armhf I think the calling convention is that integers are passed on registers. uint64 is not a (32bit) integer and since the value passed to SSL_CTX_set_options was not related in any way to the value passed in

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

https://bugreports.qt.io/browse/QTBUG-105041 this however has priority low. additionally openssl1.1 and openssl3 are not compatible in this case if libssl is loaded in runtime for 32bit this is only solvable if compiletime forces openssl version to 3 OR 1.1, but then the corresponding version

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

actually the first patch was missing something and did not compile ** Patch added: "openssl3_set_options.diff" https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+attachment/5603782/+files/openssl3_set_options.diff ** Patch removed: "openssl3_set_options.patch"

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

this should fix the issue this however requires openssl3.0, but that should be ok for ubuntu going forward ** Patch added: "openssl3_set_options.patch" https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+attachment/5603721/+files/openssl3_set_options.patch -- You

[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

i think I have a trace where the issue is: openssl3 openssl's options is a uint64_t, but in qsslsocket_openssl.cpp the method is defined as long QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SslProtocol protocol, QSsl::SslOptions sslOptions) long on 64bit platforms is 64 bit long, but

[Bug 1951832] Re: xl2tpd "Can not find tunnel" in jammy

i can confirm that the package in -proposed (1.3.16-1ubuntu0.1) does work like expected -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951832 Title: xl2tpd "Can not find tunnel" in jammy To manage

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

I can confirm that 1.6.1+dfsg1-3ubuntu2 fixes the gateway issue -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1954970 Title: remmina "Cannot connect to the RDP server ... via TLS. Check that the

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

remmina will probably have a tls security level switch in the future. https://gitlab.com/Remmina/Remmina/-/commit/cf4d8f99ac258248b8e3f3a5314ae047a210a3e9 imo it would be cleaner to backport this instead of lowering the default security for everyone. In the next ubuntu version I think the will

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

@omriasta are you sure you did not use /sec:rdp? 2.6.1+dfsg1-3ubuntu1 does not contain the upstream patch and will 100% work over gateway if linked to openssl3 and using a tls based transport over rdp gateway (nla/ext/tls), but as said /sec:rdp always worked if the remote end allowed it The

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

I have built a version that includes my mentioned security level workaround. It's in ppa:saxl/freerdp2 With that this bug report should be addressed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

@blaze status 403 is quite strange, but afaik openssl1.1 is not in jammy. If you still have it this is because it probably does not get removed when updating. I will try to make a package that fixes both rdp gateway and windows < 8. It would be very useful if you (and probably others) would be

[Bug 1970655] Re: ubuntu 22.04 fails connecting to a rdp server through a rdp gateway

I've build a package that includes the fix mentioned above in ppa:saxl/freerdp if someone can test if it works note however that a 2008r2 gateway probably fails with ERRCONNECT_TLS_CONNECT_FAILED since openssl3.0 is not compatible with 2008r2 on tls seclevel 1 anymore (#1954970). -- You

[Bug 1958600] Re: Can't connect to VPN

*** This bug is a duplicate of bug 1951832 *** https://bugs.launchpad.net/bugs/1951832 ** This bug has been marked a duplicate of bug 1951832 xl2tpd "Can not find tunnel" in jammy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to

[Bug 1970068] Re: L2TP+IPSec not working after upgrade to 22.04 LTS

*** This bug is a duplicate of bug 1951832 *** https://bugs.launchpad.net/bugs/1951832 this is probably not a duplicate but this https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/961 #1951832 does talk about a issue with xl2tpd, looking at this log output, the ppp session

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

ok, I created a bug report dedicated for the rdp gateway issue https://bugs.launchpad.net/ubuntu/+source/freerdp2/+bug/1970655 regarding the windows 6.1 tls issue (Windows 7 and Windows Server 2008 R2, probably also Vista and Server 2008) there is now an upstream report here

[Bug 1970655] [NEW] ubuntu 22.04 fails connecting to a rdp server through a rdp gateway

Public bug reported: There is a regression in freerdp if linked/compiled against openssl 3 This has been fixed upstream with https://github.com/FreeRDP/FreeRDP/commit/9d7c20ce8fe50bd6de54e7480b5096761a510daf.patch The upstream bug report was https://github.com/FreeRDP/FreeRDP/issues/7797 This

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

reading the first message actually it would be better splitting out the gateway fix since this bug really talks about windows 2008r2. If you agree I will make a new report about the backport of the gateway fix -- You received this bug notification because you are a member of Ubuntu Bugs, which

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

The relevant change is SHA1 in openssl3 https://github.com/openssl/openssl/commit/aba03ae571ea677fc484daef00a21ca8f7e82708 SHA1 is, contrary to what someone would expect given that the documentation says: Level 4 Security level set to 192 bits of security. As a result RSA, DSA and DH keys

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

I just discovered that a direct tls connection to a windows 7 (=2008r2) rdp server indeed fails with ERRCONNECT_TLS_CONNECT_FAILED the error is that there is no cipher match (this probably happens also with a 2008r2 based rdp gateway server, but that someone would need to check) this however

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

again: a debug log output would be very useful. With a gateway there are actually two TLS handshakes. It would be useful what handshake fails. What version of RD Gateway are you using? If it is a 2008/2008R2 based one, is that even openssl3 compatible? (I checked that TLS1.0 is enabled on the

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

> I've been testing this patch and it didn't help in my case what would probably be useful in this thread if someone would post the output of ex. xfreerdp /v: /log-level:debug I know we are talk about remmina here, but it would be very strange if xfreerdp works and remmina doesn't. For me

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

https://github.com/FreeRDP/FreeRDP/pull/7822 addresses a gateway issue only, so if you don't use a gateway this will not fix anything for you. I just compiled the latest ubuntu 2.6.1 version with this patch applied and for me now gateway connections work -- You received this bug notification

[Bug 1951832] Re: xl2tpd "Can not find tunnel" in jammy

I agree with adrian-wilkins. Even though xl2tpd is in "universe", not "main", this should have been noticed since contrary to other software this does 100% not work Hope it gets better until the first point release is out since if a ubuntu user gets updated to 22.04 he/she will not only notice

[Bug 1954970] Re: remmina "Cannot connect to the RDP server ... via TLS. Check that the client and server support a common TLS version"

it is now fixed upstream and in stable-2.0 https://github.com/FreeRDP/FreeRDP/pull/7823 https://github.com/FreeRDP/FreeRDP/pull/7822 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1954970 Title:

[Bug 1951832] Re: xl2tpd "Can not find tunnel" in jammy

Now I've replaced xl2tpd in my ppa with a working lto-enabled 1.3.16 version. This is the patch I used to create a working version ** Patch added: "lto-fix-bug-1968336.patch" https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5582809/+files/lto-fix-bug-1968336.patch

[Bug 1968336] Re: xl2tpd fails to connect after upgrading to 22.04

*** This bug is a duplicate of bug 1951832 *** https://bugs.launchpad.net/bugs/1951832 ** This bug has been marked a duplicate of bug 1951832 xl2tpd "Can not find tunnel" in jammy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to

[Bug 1968336] Re: xl2tpd fails to connect after upgrading to 22.04

@iamfuss got it working with this patch. The compiler seems to drop the function if compiled with lto. Don't know if this is the issue of gcc or this specific function. That's why I don't try to upstreaming this patch. If someone understands better why this happens this person should do it

[Bug 1951832] Re: xl2tpd "Can not find tunnel" in jammy

There seems to be a duplicate: https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1968336 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951832 Title: xl2tpd "Can not find tunnel" in jammy To

[Bug 1968195] Re: websocket transport is never enabled

closed in tandem with #1968577. This was also backported to stable-2.0 branch ** Changed in: freerdp (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968195

[Bug 1951832] Re: xl2tpd "Can not find tunnel" in jammy

I tried around and it really seems to be that a default build works but a debian version does not. the reason is lto. in the meantime I made my ppa version of 1.3.17 that works. (ppa:saxl/ppa) WARNING: this is on 1.3.17. If there will be a working 1.3.16 version then it will not be downgraded

[Bug 1968195] [NEW] websocket transport is never enabled

Public bug reported: freerdp supports an rdp gateway with websocket transport since 2.3.0. There was however a backport bug that never enabled this feature since the introduction to disable this feature (by /gt:auto,no-websockets) the relevant stable push is

[Bug 1964441] [NEW] libwbxml < 0.11.8 issue with libexpat1 CVE-2022-25236 fix

Public bug reported: see https://github.com/libwbxml/libwbxml/releases/tag/libwbxml-0.11.8 ubuntu jammy should upgrade to 0.11.8 from 0.11.7 older versions of ubuntu should backport https://github.com/libwbxml/libwbxml/pull/78 This issue breaks for example sogo activesync (included first on

[Bug 1947404] Re: glibc 2.34 32bit armhf segfaults with ping ::1 (recvmsg)

since jammy now is on 2.35, it is fixed there. ** Summary changed: - glibc 2.34 impish/jammy 32bit armhf segfaults with ping ::1 (recvmsg) + glibc 2.34 32bit armhf segfaults with ping ::1 (recvmsg) -- You received this bug notification because you are a member of Ubuntu Bugs, which is

[Bug 1947404] Re: glibc 2.34 impish/jammy 32bit armhf segfaults with ping ::1 (recvmsg)

it seems to be fixed in 2.35 The relevant diffs are: https://sourceware.org/git/?p=glibc.git;a=commit;h=8fba672472ae0055387e9315fc2eddfa6775ca79 https://sourceware.org/git/?p=glibc.git;a=commit;h=798d716df71fb23dc89d1d5dba1fc26a1b5c0024 I will try to build it for impish, but glibc is currently

[Bug 1947404] Re: glibc 2.34 impish/jammy 32bit armhf segfaults with ping ::1 (recvmsg)

** Summary changed: - glibc 2.34 impish 32bit armhf segfaults with ping ::1 (recvmsg) + glibc 2.34 impish/jammy 32bit armhf segfaults with ping ::1 (recvmsg) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1960258] [NEW] card/caldav compatibility limited due to gnustep 1.28 change in ubuntu jammy

Public bug reported: There is a regressin in string encoding in sogo/gnustep. See https://github.com/gnustep/libs-base/issues/212 https://www.sogo.nu/bugs/view.php?id=5416 since this is not likely to be solved in sogo I would suggest: revert

[Bug 1947404] [NEW] glibc 2.34 impish 32bit armhf segfaults with ping ::1 (recvmsg)

Public bug reported: see https://sourceware.org/bugzilla/show_bug.cgi?id=28350 in short the 32 to 64 bit timestamp emulation messes up the cmsg of the received packet (half-overwrites a cmsg struct instead of appending it) ** Affects: glibc (Ubuntu) Importance: Undecided Status:

[Bug 1861316] [NEW] ubuntu 20.04: libnss-winbind:386 should remain

Public bug reported: Ubuntu 20.04 limits the available i386 packages. There are some applications and its dependencies that are kept in i386. I think libnss libraries/plugins should be available in both archs since having them only on one arch might be confusing (ex. in wine the %USERNAME%

[Bug 1860906] [NEW] armhf: MailPartViewers: undefined symbol: OPENSSL_init_ssl

Public bug reported: On at least armhf and the upcoming focal fossa version of sogo (4.1.1) I get the following error in sogo.log Error (objc-load):/usr/lib/GNUstep/SOGo/MailPartViewers.SOGo/MailPartViewers: undefined symbol: OPENSSL_init_ssl Error

[Bug 1851199] [NEW] tmate broken in ubuntu 19.10

Public bug reported: the tmate build of ubuntu 19.10 ist broken. when launching tmate it immediatly quits with the only message [lost server]. The terminal is in a broken state (ex echo off) since both tmate and libmsgpackc2 come from ubuntu: libmsgpackc2: Installed: 3.0.1-3 Candidate:

[Bug 1820846] Re: bind_dlz zone update broken in samba 4.10

Wow, I did not expect to enter this in time for ubuntu 19.04 being so close to beta freeze. Thank you very much for your fast inclusion given that I am the only one who complained about this bug. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed

[Bug 1820846] Re: bind_dlz zone update broken in samba 4.10

there seem to be some issues with lists.samba.org (or my mail server and lists.samba.org, port 25 says connection refused) regardless of this, since 4.10.0 is already released today and it is questionable if it will be accepted upstream in time for ubuntu 19.04 release or samba 4.10.1 release, I

[Bug 1820846] Re: bind_dlz zone update broken in samba 4.10

Now I sent it to samba-technical@ using git send-email. Hope this is how it is expected to be done. This is the first time I use this method... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820846

[Bug 1820846] [NEW] bind_dlz zone update broken in samba 4.10

Public bug reported: I discovered that dynamic updates did not work anymore after updating samba to 4.10 (rc4). I tracked down the reason and submitted a patch to samba bugtracker, but it did not make into the final release. Likewise it will not be fixed in ubuntu disco if this patch is not

[Bug 1771276] Re: linux 4.15 currupts ipsec packets over non ethernet devices

** Changed in: linux (Ubuntu Bionic) Status: Triaged => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1771276 Title: linux 4.15 currupts ipsec packets over non ethernet devices To

[Bug 1771276] Re: linux 4.15 currupts ipsec packets over non ethernet devices

upstream works it was included upstream here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=87cdf3148b11d46382dbce2754ae7036aba96380 somehow they did non backport it to 4.15 (the only version that is affected) ** Tags added: kernel-fixed-upstream -- You

[Bug 1771276] Re: linux 4.15 currupts ipsec packets over non ethernet devices

There is no crash. All needed information is on https://wiki.strongswan.org/issues/2571 #6 The reason is explained https://wiki.strongswan.org/issues/2571 #17, so the issue is already resolved in 4.16, but since 4.15 is EOL and 4.14 did non have this issue and Ubuntu 18.04 is a LTS release you

[Bug 1771276] [NEW] linux 4.15 currupts ipsec packets over non ethernet devices

Public bug reported: Linux 4.15 has a bug that currupts ipsec packets if they are received over a non ethernet interface. This is a serve showstopper bug for me since it breaks my VPN setup and locks me out of my server. see https://wiki.strongswan.org/issues/2571 and

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

Yes, it seems apt remove libnss-resolve would only remove that single thing. Well, I'm not the one that decides what gets recommended, but systemd also has nss-mymachines that also uses dbus. Also that could be some day be recommended by ex. systemd-nspawn :) Again: Now I consider this bug as

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

Yes, I think a version between 16.04 and 18.04 added this (Don't remember what version). If someone installs libnss-resolve it will modify nsswitch automatically. I think we can close this ticket since it does not apply to a default configuration. Also I think /etc/hosts is not empty by default

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

I've tested if my suggested workaround would work. see ppa:saxl/ppa. It works :) Summary: Default 18.04 installation should not be affected since /etc/hosts contains an entry with the local hostname. If ubuntu removes this line by default the default installation will break (afaik systemd-

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

i guess I found the problem. winbindd somewhere does change its uid to the target uid to create the users kerberos cache. If keytab method contains system keytab (it does in my configuration), in gse_krb5.c fill_mem_keytab_from_system_keytab there is a call to name_to_fqdn. This function uses

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

Some testresults: resolv.conf dns server*, nsswitch setting, hosts contains 127.0.1.1 entry, result - 127.0.0.53 , file resolve dns, no, fails 127.0.1.1 , file

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

Some additions: I discovered that if I do not symlink /etc/resolv.conf -> /lib/systemd/resolv.conf but /etc/resolvconf/resolv.conf and add dns=dnsmasq rc-manager=resolvconf in /etc/NetworkManager/NetworkManager.conf, the problem is gone. Additionally I re-added the 127.0.1.1 entry in

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

Requested logs. The failed first authentication is on Apr 21 11:05:28, immediatly after the second attempt succeeds. Before I logged in with the domain account I checked that networking of the machine worked: wbinfo -P and wbinfo -p both showed online, wbinfo -u displayed every user. The DC is

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

The content is: # Let NetworkManager manage all devices on this system network: version: 2 renderer: NetworkManager -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764853 Title: winbind returns

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

/etc/netplan/ contains 01-network-manager-all.yaml, if I remove it I get no network connection. This systems seems to be already migrated to netplan. /etc/network/interfaces.d/ is empty, /etc/network/interfaces contains only the default lo interface. smb.conf: [global] workgroup = JDW

[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

1) Yes, it is a desktop system, but not a wireless system, so network is available (NetworkManager). I've checked that with ssh-ing into this machine with a local account. Both wbinfo -p and wbinfo -P showed everything is online. But also in this case the first domain login failes. 2) It is a

[Bug 1764853] [NEW] winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

Public bug reported: The following issue exists only on Ubuntu 18.04 I've upgraded ubuntu from 17.10 and noticed that winbind does not work well. 90% of the time I reboot my system I'm getting PAM_AUTHINFO_UNAVAIL when trying to log in with a domain account. clicking login again on the login

[Bug 1752670] [NEW] ppp 2.4.7-2+1ubuntu1 bionic mschap broken

Public bug reported: pppd 2.4.7-2+1ubuntu1 breaks vpn connections to Windows and Mikrotik Servers. It seams only mschap is broken. manually compiling https://github.com/paulusmack/ppp/ fixes it, so the problem seams to be downstream. Removing replace-vendored-hash-functions.patch seams to fix

[Bug 1713226] Re: systemd-networkd messes up networking

The example 2 in my first posting is not an bug since the package contains /lib/systemd/network/80-container-host0.network. As I wrote this only affects systemd-nspawn containers the unexpected "thing" is that when you upgrade you do not expect a system wide configuration that is active in

[Bug 1713226] Re: systemd-networkd messes up networking

Here are the files of the networkmanager systemd-networkd conflict (I already removed ifupdown, the problem is the same, so we say for sure networkmanager or systemd-networkd causes the problem) the output of ip a is the following: 1: lo: mtu 65536 qdisc noqueue state

[Bug 1713226] Re: systemd-networkd messes up networking

this was a upgrade so the ifupdown problem should not happen with clean installs. How is the migration planned? If for example one will do a upgrade from 16.04 to the next 18.04 such problems are a clear show stopper since breaking the network for most servers will mean needing physical access.

[Bug 1713226] [NEW] systemd-networkd messes up networking

Public bug reported: Since systemd-234-2ubuntu8 systemd-networkd is enabled by default. This causes problems existing configurations ex1: if the network has ipv6 enables (the host recieves a router advertisement), networkmanager does not configure the network anymore so you get only ipv6 and

[Bug 1672162] [NEW] pam_winbind broken missing symbols

Public bug reported: Ubuntu zesty samba 4.5.4 installs a pam_winbind version that has missing symbols, for example wbcCtxFree since arch linux does not have this bug I checked what is different there: The breaking patch is fix-1584485.patch If I remove this one it works again (of course

[Bug 1625940] Re: CIFS client: access problems after updating to kernel 4.4.0-38-generic

*** This bug is a duplicate of bug 1626112 *** https://bugs.launchpad.net/bugs/1626112 the fix of bug #1626112 does not resolve this problem automount gets the wrong UID, so it does not work if I mount manually with the correct uid= parameter it works as expected (also with the other

[Bug 1625940] [NEW] CIFS client: access problems after updating to kernel 4.4.0-38-generic

Public bug reported: Since updating to kernel 4.4.0-38 on ubuntu xenial I cannot access automount shares anymore it seems that automount since this update resolves $UID always to 0 instead of the requesting users uid. reverting to the older kernel resolves this.

[Bug 1574507] [NEW] plasma-nm only sometimes show current transmit and recieve speed

Public bug reported: When expanding the plasma-nm applet only sometimes it shows the current transmit and recieve speeds. Usually when it gets expanded the first time it shows this information. But if you open the network settings dialog (kde5-nm-connection-editor) it always stopps working until

[Bug 1388091] Re: winbindd does not provide geocs to libnss_winbind in ad configuration with winbind nss info = template (default)

in samba 4.3.3 in ubuntu xenial the problem is resolved. The upstream bug is/was https://bugzilla.samba.org/show_bug.cgi?id=10440 As you can see there the proper fix is quite big, maybe not the best idea to backport to 4.1, but at least in the next lts version of ubuntu it should be fixed **

[Bug 1388091] Re: winbindd does not provide geocs to libnss_winbind in ad configuration with winbind nss info = template (default)

in samba 4.3.3 in ubuntu xenial the problem is resolved. The upstream bug is/was https://bugzilla.samba.org/show_bug.cgi?id=10440 As you can see there the proper fix is quite big, maybe not the best idea to backport to 4.1, but at least in the next lts version of ubuntu it should be fixed **

[Bug 1530929] [NEW] /usr/share/pam-configs/winbind should not include krb5_ccache_type or other options

Public bug reported: the template file winbind includes a lot of options that should be in /etc/security/pam_winbind.conf. Putting options in the template overwrites the option in /etc/security/pam_winbind.conf, So, if you want for example to put the krb5cc outside of tmp, you have to modify

[Bug 1530929] [NEW] /usr/share/pam-configs/winbind should not include krb5_ccache_type or other options

Public bug reported: the template file winbind includes a lot of options that should be in /etc/security/pam_winbind.conf. Putting options in the template overwrites the option in /etc/security/pam_winbind.conf, So, if you want for example to put the krb5cc outside of tmp, you have to modify

[Bug 1475118] Re: It would be nice to get Samba 4.2 in Wily (4.1 in Maintenance mode for 6 more months. EOL by 10/2016)

debian now has samba 4.2.1 in experimental. This should be a good starting point I've used samba 4.1 and now I am on 4.2 on arch (used as ad-server). 4.2 to me seems to be more stable (winbindd simply works better than the now obsolete "source4" winbind; even on winbindd they made some

[Bug 1475118] Re: It would be nice to get Samba 4.2 in Wily (4.1 in Maintenance mode for 6 more months. EOL by 10/2016)

debian now has samba 4.2.1 in experimental. This should be a good starting point I've used samba 4.1 and now I am on 4.2 on arch (used as ad-server). 4.2 to me seems to be more stable (winbindd simply works better than the now obsolete "source4" winbind; even on winbindd they made some

[Bug 1355992] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.10 upgrade

patch applied in ubuntu package ** Changed in: samba (Ubuntu) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1355992 Title: pam_winbind

[Bug 1388091] [NEW] winbindd does not provide geocs to libnss_winbind in ad configuration with winbind nss info = template (default)

Public bug reported: affected with Ubuntu version 14.04.1 and 14.10. If the user loggs in, he does not see his own full name (geocs). it is also reporduceable by getent passwd $USER. usually there should be a field containing the users full name. if winbindd enumerates all users or winbind rpc

[Bug 1388091] Re: winbindd does not provide geocs to libnss_winbind in ad configuration with winbind nss info = template (default)

A samba version containing this patch is built in my ppa ppa:saxl/ppa (for utopic) There is also a version for trusty, but its also samba 4.1.11 backported from utopic -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu.

[Bug 1355992] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.10 upgrade

patch applied in ubuntu package ** Changed in: samba (Ubuntu) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1355992 Title: pam_winbind krb5_ccache_type=FILE

[Bug 1388091] [NEW] winbindd does not provide geocs to libnss_winbind in ad configuration with winbind nss info = template (default)

Public bug reported: affected with Ubuntu version 14.04.1 and 14.10. If the user loggs in, he does not see his own full name (geocs). it is also reporduceable by getent passwd $USER. usually there should be a field containing the users full name. if winbindd enumerates all users or winbind rpc

[Bug 1388091] Re: winbindd does not provide geocs to libnss_winbind in ad configuration with winbind nss info = template (default)

A samba version containing this patch is built in my ppa ppa:saxl/ppa (for utopic) There is also a version for trusty, but its also samba 4.1.11 backported from utopic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1355992] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.10 upgrade

in 4.1.11+dfsg-1ubuntu2 the last patch on https://bugzilla.samba.org/show_bug.cgi?id=10490 is applied. ** Bug watch added: Samba Bugzilla #10490 https://bugzilla.samba.org/show_bug.cgi?id=10490 -- You received this bug notification because you are a member of Ubuntu Server Team, which is

[Bug 1355992] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.10 upgrade

in 4.1.11+dfsg-1ubuntu2 the last patch on https://bugzilla.samba.org/show_bug.cgi?id=10490 is applied. ** Bug watch added: Samba Bugzilla #10490 https://bugzilla.samba.org/show_bug.cgi?id=10490 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

I have built a package some time ago with the new patch posted on bugs.samba.org for utopic (https://launchpad.net/~saxl/+archive/ubuntu/ppa/+build/6263614), The 4.1.11+dfsg-1ubuntu1saxl1 build works well on my site. The problem is that I am also the bug reporter on bugs.samba.org, so maybe

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

I have built a package some time ago with the new patch posted on bugs.samba.org for utopic (https://launchpad.net/~saxl/+archive/ubuntu/ppa/+build/6263614), The 4.1.11+dfsg-1ubuntu1saxl1 build works well on my site. The problem is that I am also the bug reporter on bugs.samba.org, so maybe

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

well, I have the same problem with 14.10, to get a working samba 4.1.11 all you need to do is apply the patch in this bugreport. It has been dropped when syncing with debian. In my private ppa there is a working samba version for utopic. As a longterm workaround I have changed from pam_winbind

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

well, I have the same problem with 14.10, to get a working samba 4.1.11 all you need to do is apply the patch in this bugreport. It has been dropped when syncing with debian. In my private ppa there is a working samba version for utopic. As a longterm workaround I have changed from pam_winbind

[Bug 1355992] [NEW] pam_winbind krb5_ccache_type=FILE stopped working after 14.10 upgrade

Public bug reported: essentially the same as lp #1310919, since 4.1.11+dfsg-1ubuntu1 dropped the patch krb5_kt_start_seq.diff that is not applied upstream yet ** Affects: samba (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a

[Bug 1355992] [NEW] pam_winbind krb5_ccache_type=FILE stopped working after 14.10 upgrade

Public bug reported: essentially the same as lp #1310919, since 4.1.11+dfsg-1ubuntu1 dropped the patch krb5_kt_start_seq.diff that is not applied upstream yet ** Affects: samba (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a

[Bug 1307778] Re: getent group on trusty returns only local groups

The behavior of BUILTIN\ is not a bug but is intended like this. The idmap_ad plugin is only used for the WORKGROUP domain. everything else is up to idmap config * : range = 10-30. See man idmap_ad If you try setting a gid to the groups in the AD, does this workaround the problem? (to be

[Bug 1307778] Re: getent group on trusty returns only local groups

The behavior of BUILTIN\ is not a bug but is intended like this. The idmap_ad plugin is only used for the WORKGROUP domain. everything else is up to idmap config * : range = 10-30. See man idmap_ad If you try setting a gid to the groups in the AD, does this workaround the problem? (to be

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

I can confirm that this fixes the bug for my installations (two different domains on multiple 14.04 clients), everywhere using kerberos method = secrets and keytab and the keytab access set to root:root 600 just a side note: the bug is not in pam_winbind but in winbindd itself (as you can read

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

I can confirm that this fixes the bug for my installations (two different domains on multiple 14.04 clients), everywhere using kerberos method = secrets and keytab and the keytab access set to root:root 600 just a side note: the bug is not in pam_winbind but in winbindd itself (as you can read

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

I have looked at the source and found a potential problem. This patch should fix it, but of corse needs some testing. ** Patch added: krb5_kt_start_seq.diff https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1310919/+attachment/4094414/+files/krb5_kt_start_seq.diff -- You received this

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

for those who are also affected by this bug: i've uploaded the a samba package with this patch on my ppa (ppa:saxl/ppa). Building should start shortly. p.s.: I have opened a bugreport upstream (https://bugzilla.samba.org/show_bug.cgi?id=10490), but since older versions of samba did not have this

[Bug 1310919] Re: pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade

I have looked at the source and found a potential problem. This patch should fix it, but of corse needs some testing. ** Patch added: krb5_kt_start_seq.diff https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1310919/+attachment/4094414/+files/krb5_kt_start_seq.diff -- You received this

  1   2   >