Just tested the proposed version on two armhf systems. Both server and
client mode now negotiate to tls1.3 if applicable. The other qt
applications do still work. Of corse the test application in this thread
also works (outputs 15)
Package: libqt5network5
Version: 5.15.3+dfsg-2ubuntu0.2
Package:
looking at the regression log, I see that it fails to launch jackd (exec of
JACK server (command = "/usr/bin/jackd") failed: No such file or directory).
Other platforms (amd64) do not have that log output.
I suspect this is because drumkv1_jack was not started yet (and so the test is
flaky).
I have a version with the last attached patch in my ppa. This version works for
me.
Is there a change we get a SRU for this? Who would make that request?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
This is my suggested backport of the upstream patch.
since, as you might know, the file locations changed a bit, lso the file
defining the new datatype moved from qsslsocket_openssl_symbols_p.h to
qsslsocket_openssl_p.h since it is required there (setupOpenSslOptions
is defined there, but
@mitya57 the patch is now submitted to codereview. I am however only
able to submit to the dev branch (took me a while to get this, never
used gerrit before). This also means that the patch I submitted is for
qt6. There is no way i send a codereview for qt5 anymore, so I don't
know who will do the
just a side node on the findings while hunting down this issue in gdb:
on armhf I think the calling convention is that integers are passed on
registers. uint64 is not a (32bit) integer and since the value passed to
SSL_CTX_set_options was not related in any way to the value passed in
https://bugreports.qt.io/browse/QTBUG-105041
this however has priority low.
additionally openssl1.1 and openssl3 are not compatible in this case if libssl
is loaded in runtime
for 32bit this is only solvable if compiletime forces openssl version to
3 OR 1.1, but then the corresponding version
actually the first patch was missing something and did not compile
** Patch added: "openssl3_set_options.diff"
https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+attachment/5603782/+files/openssl3_set_options.diff
** Patch removed: "openssl3_set_options.patch"
this should fix the issue
this however requires openssl3.0, but that should be ok for ubuntu going
forward
** Patch added: "openssl3_set_options.patch"
https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+attachment/5603721/+files/openssl3_set_options.patch
--
You
i think I have a trace where the issue is:
openssl3 openssl's options is a uint64_t, but in qsslsocket_openssl.cpp the
method is defined as
long QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SslProtocol protocol,
QSsl::SslOptions sslOptions)
long on 64bit platforms is 64 bit long, but
i can confirm that the package in -proposed (1.3.16-1ubuntu0.1) does
work like expected
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951832
Title:
xl2tpd "Can not find tunnel" in jammy
To manage
I can confirm that 1.6.1+dfsg1-3ubuntu2 fixes the gateway issue
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1954970
Title:
remmina "Cannot connect to the RDP server ... via TLS. Check that the
remmina will probably have a tls security level switch in the future.
https://gitlab.com/Remmina/Remmina/-/commit/cf4d8f99ac258248b8e3f3a5314ae047a210a3e9
imo it would be cleaner to backport this instead of lowering the default
security for everyone.
In the next ubuntu version I think the will
@omriasta are you sure you did not use /sec:rdp? 2.6.1+dfsg1-3ubuntu1 does not
contain the upstream patch and will 100% work over gateway if linked to
openssl3 and using a tls based transport over rdp gateway (nla/ext/tls), but as
said /sec:rdp always worked if the remote end allowed it
The
I have built a version that includes my mentioned security level
workaround.
It's in ppa:saxl/freerdp2
With that this bug report should be addressed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
@blaze status 403 is quite strange, but afaik openssl1.1 is not in
jammy. If you still have it this is because it probably does not get
removed when updating.
I will try to make a package that fixes both rdp gateway and windows < 8.
It would be very useful if you (and probably others) would be
I've build a package that includes the fix mentioned above in
ppa:saxl/freerdp
if someone can test if it works
note however that a 2008r2 gateway probably fails with
ERRCONNECT_TLS_CONNECT_FAILED since openssl3.0 is not compatible with
2008r2 on tls seclevel 1 anymore (#1954970).
--
You
*** This bug is a duplicate of bug 1951832 ***
https://bugs.launchpad.net/bugs/1951832
** This bug has been marked a duplicate of bug 1951832
xl2tpd "Can not find tunnel" in jammy
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
*** This bug is a duplicate of bug 1951832 ***
https://bugs.launchpad.net/bugs/1951832
this is probably not a duplicate but this
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/961
#1951832 does talk about a issue with xl2tpd, looking at this log
output, the ppp session
ok, I created a bug report dedicated for the rdp gateway issue
https://bugs.launchpad.net/ubuntu/+source/freerdp2/+bug/1970655
regarding the windows 6.1 tls issue (Windows 7 and Windows Server 2008
R2, probably also Vista and Server 2008) there is now an upstream report
here
Public bug reported:
There is a regression in freerdp if linked/compiled against openssl 3
This has been fixed upstream with
https://github.com/FreeRDP/FreeRDP/commit/9d7c20ce8fe50bd6de54e7480b5096761a510daf.patch
The upstream bug report was
https://github.com/FreeRDP/FreeRDP/issues/7797
This
reading the first message actually it would be better splitting out the
gateway fix since this bug really talks about windows 2008r2. If you
agree I will make a new report about the backport of the gateway fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
The relevant change is SHA1 in openssl3
https://github.com/openssl/openssl/commit/aba03ae571ea677fc484daef00a21ca8f7e82708
SHA1 is, contrary to what someone would expect given that the documentation
says:
Level 4
Security level set to 192 bits of security. As a result RSA, DSA and
DH keys
I just discovered that a direct tls connection to a windows 7 (=2008r2) rdp
server indeed fails with
ERRCONNECT_TLS_CONNECT_FAILED
the error is that there is no cipher match (this probably happens also
with a 2008r2 based rdp gateway server, but that someone would need to
check)
this however
again: a debug log output would be very useful.
With a gateway there are actually two TLS handshakes. It would be useful what
handshake fails.
What version of RD Gateway are you using? If it is a 2008/2008R2 based
one, is that even openssl3 compatible? (I checked that TLS1.0 is enabled
on the
> I've been testing this patch and it didn't help in my case
what would probably be useful in this thread if someone would post the
output of ex.
xfreerdp /v: /log-level:debug
I know we are talk about remmina here, but it would be very strange if
xfreerdp works and remmina doesn't.
For me
https://github.com/FreeRDP/FreeRDP/pull/7822 addresses a gateway issue
only, so if you don't use a gateway this will not fix anything for you.
I just compiled the latest ubuntu 2.6.1 version with this patch applied
and for me now gateway connections work
--
You received this bug notification
I agree with adrian-wilkins. Even though xl2tpd is in "universe", not
"main", this should have been noticed since contrary to other software
this does 100% not work
Hope it gets better until the first point release is out since if a ubuntu user
gets updated to 22.04 he/she will not only notice
it is now fixed upstream and in stable-2.0
https://github.com/FreeRDP/FreeRDP/pull/7823
https://github.com/FreeRDP/FreeRDP/pull/7822
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1954970
Title:
Now I've replaced xl2tpd in my ppa with a working lto-enabled 1.3.16
version.
This is the patch I used to create a working version
** Patch added: "lto-fix-bug-1968336.patch"
https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5582809/+files/lto-fix-bug-1968336.patch
*** This bug is a duplicate of bug 1951832 ***
https://bugs.launchpad.net/bugs/1951832
** This bug has been marked a duplicate of bug 1951832
xl2tpd "Can not find tunnel" in jammy
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
@iamfuss got it working with this patch.
The compiler seems to drop the function if compiled with lto.
Don't know if this is the issue of gcc or this specific function. That's why I
don't try to upstreaming this patch. If someone understands better why this
happens this person should do it
There seems to be a duplicate:
https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1968336
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951832
Title:
xl2tpd "Can not find tunnel" in jammy
To
closed in tandem with #1968577. This was also backported to stable-2.0
branch
** Changed in: freerdp (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968195
I tried around and it really seems to be that a default build works but
a debian version does not.
the reason is lto. in the meantime I made my ppa version of 1.3.17 that works.
(ppa:saxl/ppa)
WARNING: this is on 1.3.17. If there will be a working 1.3.16 version then it
will not be downgraded
Public bug reported:
freerdp supports an rdp gateway with websocket transport since 2.3.0.
There was however a backport bug that never enabled this feature since
the introduction to disable this feature (by /gt:auto,no-websockets)
the relevant stable push is
Public bug reported:
see https://github.com/libwbxml/libwbxml/releases/tag/libwbxml-0.11.8
ubuntu jammy should upgrade to 0.11.8 from 0.11.7
older versions of ubuntu should backport
https://github.com/libwbxml/libwbxml/pull/78
This issue breaks for example sogo activesync (included first on
since jammy now is on 2.35, it is fixed there.
** Summary changed:
- glibc 2.34 impish/jammy 32bit armhf segfaults with ping ::1 (recvmsg)
+ glibc 2.34 32bit armhf segfaults with ping ::1 (recvmsg)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
it seems to be fixed in 2.35
The relevant diffs are:
https://sourceware.org/git/?p=glibc.git;a=commit;h=8fba672472ae0055387e9315fc2eddfa6775ca79
https://sourceware.org/git/?p=glibc.git;a=commit;h=798d716df71fb23dc89d1d5dba1fc26a1b5c0024
I will try to build it for impish,
but glibc is currently
** Summary changed:
- glibc 2.34 impish 32bit armhf segfaults with ping ::1 (recvmsg)
+ glibc 2.34 impish/jammy 32bit armhf segfaults with ping ::1 (recvmsg)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Public bug reported:
There is a regressin in string encoding in sogo/gnustep.
See
https://github.com/gnustep/libs-base/issues/212
https://www.sogo.nu/bugs/view.php?id=5416
since this is not likely to be solved in sogo I would suggest:
revert
Public bug reported:
see
https://sourceware.org/bugzilla/show_bug.cgi?id=28350
in short the 32 to 64 bit timestamp emulation messes up the cmsg of the
received packet (half-overwrites a cmsg struct instead of appending it)
** Affects: glibc (Ubuntu)
Importance: Undecided
Status:
Public bug reported:
Ubuntu 20.04 limits the available i386 packages.
There are some applications and its dependencies that are kept in i386.
I think libnss libraries/plugins should be available in both archs since
having them only on one arch might be confusing (ex. in wine the
%USERNAME%
Public bug reported:
On at least armhf and the upcoming focal fossa version of sogo (4.1.1) I
get the following error in sogo.log
Error (objc-load):/usr/lib/GNUstep/SOGo/MailPartViewers.SOGo/MailPartViewers:
undefined symbol: OPENSSL_init_ssl
Error
Public bug reported:
the tmate build of ubuntu 19.10 ist broken.
when launching tmate it immediatly quits with the only message [lost
server]. The terminal is in a broken state (ex echo off)
since both tmate and libmsgpackc2 come from ubuntu:
libmsgpackc2:
Installed: 3.0.1-3
Candidate:
Wow, I did not expect to enter this in time for ubuntu 19.04 being so
close to beta freeze.
Thank you very much for your fast inclusion given that I am the only one
who complained about this bug.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
there seem to be some issues with lists.samba.org (or my mail server and
lists.samba.org, port 25 says connection refused)
regardless of this, since 4.10.0 is already released today and it is
questionable if it will be accepted upstream in time for ubuntu 19.04
release or samba 4.10.1 release, I
Now I sent it to samba-technical@ using git send-email.
Hope this is how it is expected to be done. This is the first time I use
this method...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820846
Public bug reported:
I discovered that dynamic updates did not work anymore after updating
samba to 4.10 (rc4).
I tracked down the reason and submitted a patch to samba bugtracker, but
it did not make into the final release. Likewise it will not be fixed in
ubuntu disco if this patch is not
** Changed in: linux (Ubuntu Bionic)
Status: Triaged => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1771276
Title:
linux 4.15 currupts ipsec packets over non ethernet devices
To
upstream works
it was included upstream here:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=87cdf3148b11d46382dbce2754ae7036aba96380
somehow they did non backport it to 4.15 (the only version that is
affected)
** Tags added: kernel-fixed-upstream
--
You
There is no crash. All needed information is on
https://wiki.strongswan.org/issues/2571 #6
The reason is explained https://wiki.strongswan.org/issues/2571 #17, so the
issue is already resolved in 4.16, but since 4.15 is EOL and 4.14 did non have
this issue and Ubuntu 18.04 is a LTS release you
Public bug reported:
Linux 4.15 has a bug that currupts ipsec packets if they are received over a
non ethernet interface.
This is a serve showstopper bug for me since it breaks my VPN setup and locks
me out of my server.
see https://wiki.strongswan.org/issues/2571 and
Yes, it seems apt remove libnss-resolve would only remove that single
thing.
Well, I'm not the one that decides what gets recommended, but systemd
also has nss-mymachines that also uses dbus. Also that could be some day
be recommended by ex. systemd-nspawn :)
Again: Now I consider this bug as
Yes, I think a version between 16.04 and 18.04 added this (Don't
remember what version).
If someone installs libnss-resolve it will modify nsswitch
automatically.
I think we can close this ticket since it does not apply to a default
configuration.
Also I think /etc/hosts is not empty by default
I've tested if my suggested workaround would work. see ppa:saxl/ppa.
It works :)
Summary: Default 18.04 installation should not be affected since
/etc/hosts contains an entry with the local hostname. If ubuntu removes
this line by default the default installation will break (afaik systemd-
i guess I found the problem.
winbindd somewhere does change its uid to the target uid to create the users
kerberos cache.
If keytab method contains system keytab (it does in my configuration), in
gse_krb5.c fill_mem_keytab_from_system_keytab there is a call to name_to_fqdn.
This function uses
Some testresults:
resolv.conf dns server*, nsswitch setting, hosts contains 127.0.1.1 entry,
result
-
127.0.0.53 , file resolve dns, no, fails
127.0.1.1 , file
Some additions:
I discovered that if I do not symlink /etc/resolv.conf ->
/lib/systemd/resolv.conf but /etc/resolvconf/resolv.conf
and add
dns=dnsmasq
rc-manager=resolvconf
in /etc/NetworkManager/NetworkManager.conf,
the problem is gone.
Additionally I re-added the 127.0.1.1 entry in
Requested logs.
The failed first authentication is on Apr 21 11:05:28, immediatly after the
second attempt succeeds.
Before I logged in with the domain account I checked that networking of the
machine worked:
wbinfo -P and wbinfo -p both showed online, wbinfo -u displayed every user.
The DC is
The content is:
# Let NetworkManager manage all devices on this system
network:
version: 2
renderer: NetworkManager
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1764853
Title:
winbind returns
/etc/netplan/ contains 01-network-manager-all.yaml, if I remove it I get no
network connection.
This systems seems to be already migrated to netplan.
/etc/network/interfaces.d/ is empty, /etc/network/interfaces contains
only the default lo interface.
smb.conf:
[global]
workgroup = JDW
1) Yes, it is a desktop system, but not a wireless system, so network is
available (NetworkManager).
I've checked that with ssh-ing into this machine with a local account. Both
wbinfo -p and wbinfo -P showed everything is online. But also in this case the
first domain login failes.
2) It is a
Public bug reported:
The following issue exists only on Ubuntu 18.04
I've upgraded ubuntu from 17.10 and noticed that winbind does not work well.
90% of the time I reboot my system I'm getting PAM_AUTHINFO_UNAVAIL when trying
to log in with a domain account.
clicking login again on the login
Public bug reported:
pppd 2.4.7-2+1ubuntu1 breaks vpn connections to Windows and Mikrotik Servers.
It seams only mschap is broken.
manually compiling https://github.com/paulusmack/ppp/ fixes it, so the problem
seams to be downstream.
Removing replace-vendored-hash-functions.patch seams to fix
The example 2 in my first posting is not an bug since the package
contains /lib/systemd/network/80-container-host0.network. As I wrote
this only affects systemd-nspawn containers
the unexpected "thing" is that when you upgrade you do not expect a
system wide configuration that is active in
Here are the files of the networkmanager systemd-networkd conflict (I
already removed ifupdown, the problem is the same, so we say for sure
networkmanager or systemd-networkd causes the problem)
the output of ip a is the following:
1: lo: mtu 65536 qdisc noqueue state
this was a upgrade so the ifupdown problem should not happen with clean
installs.
How is the migration planned?
If for example one will do a upgrade from 16.04 to the next 18.04 such
problems are a clear show stopper since breaking the network for most
servers will mean needing physical access.
Public bug reported:
Since systemd-234-2ubuntu8 systemd-networkd is enabled by default.
This causes problems existing configurations
ex1: if the network has ipv6 enables (the host recieves a router
advertisement), networkmanager does not configure the network anymore so you
get only ipv6 and
Public bug reported:
Ubuntu zesty samba 4.5.4 installs a pam_winbind version that has missing
symbols, for example
wbcCtxFree
since arch linux does not have this bug I checked what is different
there:
The breaking patch is fix-1584485.patch
If I remove this one it works again (of course
*** This bug is a duplicate of bug 1626112 ***
https://bugs.launchpad.net/bugs/1626112
the fix of bug #1626112 does not resolve this problem
automount gets the wrong UID, so it does not work
if I mount manually with the correct uid= parameter it works as expected (also
with the other
Public bug reported:
Since updating to kernel 4.4.0-38 on ubuntu xenial I cannot access
automount shares anymore
it seems that automount since this update resolves $UID always to 0
instead of the requesting users uid. reverting to the older kernel
resolves this.
Public bug reported:
When expanding the plasma-nm applet only sometimes it shows the current
transmit and recieve speeds.
Usually when it gets expanded the first time it shows this information.
But if you open the network settings dialog (kde5-nm-connection-editor)
it always stopps working until
in samba 4.3.3 in ubuntu xenial the problem is resolved.
The upstream bug is/was https://bugzilla.samba.org/show_bug.cgi?id=10440
As you can see there the proper fix is quite big, maybe not the best idea to
backport to 4.1,
but at least in the next lts version of ubuntu it should be fixed
**
in samba 4.3.3 in ubuntu xenial the problem is resolved.
The upstream bug is/was https://bugzilla.samba.org/show_bug.cgi?id=10440
As you can see there the proper fix is quite big, maybe not the best idea to
backport to 4.1,
but at least in the next lts version of ubuntu it should be fixed
**
Public bug reported:
the template file winbind includes a lot of options that should be in
/etc/security/pam_winbind.conf.
Putting options in the template overwrites the option in
/etc/security/pam_winbind.conf,
So, if you want for example to put the krb5cc outside of tmp, you have to
modify
Public bug reported:
the template file winbind includes a lot of options that should be in
/etc/security/pam_winbind.conf.
Putting options in the template overwrites the option in
/etc/security/pam_winbind.conf,
So, if you want for example to put the krb5cc outside of tmp, you have to
modify
debian now has samba 4.2.1 in experimental. This should be a good
starting point
I've used samba 4.1 and now I am on 4.2 on arch (used as ad-server). 4.2
to me seems to be more stable (winbindd simply works better than the now
obsolete "source4" winbind; even on winbindd they made some
debian now has samba 4.2.1 in experimental. This should be a good
starting point
I've used samba 4.1 and now I am on 4.2 on arch (used as ad-server). 4.2
to me seems to be more stable (winbindd simply works better than the now
obsolete "source4" winbind; even on winbindd they made some
patch applied in ubuntu package
** Changed in: samba (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1355992
Title:
pam_winbind
Public bug reported:
affected with Ubuntu version 14.04.1 and 14.10.
If the user loggs in, he does not see his own full name (geocs).
it is also reporduceable by getent passwd $USER. usually there should be
a field containing the users full name.
if winbindd enumerates all users or winbind rpc
A samba version containing this patch is built in my ppa ppa:saxl/ppa (for
utopic)
There is also a version for trusty, but its also samba 4.1.11 backported from
utopic
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
patch applied in ubuntu package
** Changed in: samba (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1355992
Title:
pam_winbind krb5_ccache_type=FILE
Public bug reported:
affected with Ubuntu version 14.04.1 and 14.10.
If the user loggs in, he does not see his own full name (geocs).
it is also reporduceable by getent passwd $USER. usually there should be
a field containing the users full name.
if winbindd enumerates all users or winbind rpc
A samba version containing this patch is built in my ppa ppa:saxl/ppa (for
utopic)
There is also a version for trusty, but its also samba 4.1.11 backported from
utopic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
in 4.1.11+dfsg-1ubuntu2 the last patch on
https://bugzilla.samba.org/show_bug.cgi?id=10490 is applied.
** Bug watch added: Samba Bugzilla #10490
https://bugzilla.samba.org/show_bug.cgi?id=10490
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
in 4.1.11+dfsg-1ubuntu2 the last patch on
https://bugzilla.samba.org/show_bug.cgi?id=10490 is applied.
** Bug watch added: Samba Bugzilla #10490
https://bugzilla.samba.org/show_bug.cgi?id=10490
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
I have built a package some time ago with the new patch posted on
bugs.samba.org for utopic
(https://launchpad.net/~saxl/+archive/ubuntu/ppa/+build/6263614),
The 4.1.11+dfsg-1ubuntu1saxl1 build works well on my site. The problem
is that I am also the bug reporter on bugs.samba.org, so maybe
I have built a package some time ago with the new patch posted on
bugs.samba.org for utopic
(https://launchpad.net/~saxl/+archive/ubuntu/ppa/+build/6263614),
The 4.1.11+dfsg-1ubuntu1saxl1 build works well on my site. The problem
is that I am also the bug reporter on bugs.samba.org, so maybe
well, I have the same problem with 14.10,
to get a working samba 4.1.11 all you need to do is apply the patch in
this bugreport. It has been dropped when syncing with debian.
In my private ppa there is a working samba version for utopic.
As a longterm workaround I have changed from pam_winbind
well, I have the same problem with 14.10,
to get a working samba 4.1.11 all you need to do is apply the patch in
this bugreport. It has been dropped when syncing with debian.
In my private ppa there is a working samba version for utopic.
As a longterm workaround I have changed from pam_winbind
Public bug reported:
essentially the same as lp #1310919, since 4.1.11+dfsg-1ubuntu1 dropped
the patch krb5_kt_start_seq.diff that is not applied upstream yet
** Affects: samba (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
Public bug reported:
essentially the same as lp #1310919, since 4.1.11+dfsg-1ubuntu1 dropped
the patch krb5_kt_start_seq.diff that is not applied upstream yet
** Affects: samba (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
The behavior of BUILTIN\ is not a bug but is intended like this. The
idmap_ad plugin is only used for the WORKGROUP domain. everything else
is up to idmap config * : range = 10-30. See man idmap_ad
If you try setting a gid to the groups in the AD, does this workaround
the problem? (to be
The behavior of BUILTIN\ is not a bug but is intended like this. The
idmap_ad plugin is only used for the WORKGROUP domain. everything else
is up to idmap config * : range = 10-30. See man idmap_ad
If you try setting a gid to the groups in the AD, does this workaround
the problem? (to be
I can confirm that this fixes the bug for my installations (two
different domains on multiple 14.04 clients), everywhere using kerberos
method = secrets and keytab
and the keytab access set to root:root 600
just a side note: the bug is not in pam_winbind but in winbindd itself
(as you can read
I can confirm that this fixes the bug for my installations (two
different domains on multiple 14.04 clients), everywhere using kerberos
method = secrets and keytab
and the keytab access set to root:root 600
just a side note: the bug is not in pam_winbind but in winbindd itself
(as you can read
I have looked at the source and found a potential problem. This patch
should fix it, but of corse needs some testing.
** Patch added: krb5_kt_start_seq.diff
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1310919/+attachment/4094414/+files/krb5_kt_start_seq.diff
--
You received this
for those who are also affected by this bug: i've uploaded the a samba
package with this patch on my ppa (ppa:saxl/ppa). Building should start
shortly.
p.s.: I have opened a bugreport upstream
(https://bugzilla.samba.org/show_bug.cgi?id=10490), but since older
versions of samba did not have this
I have looked at the source and found a potential problem. This patch
should fix it, but of corse needs some testing.
** Patch added: krb5_kt_start_seq.diff
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1310919/+attachment/4094414/+files/krb5_kt_start_seq.diff
--
You received this
1 - 100 of 112 matches
Mail list logo