[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

[Andreas Hasenack]

Thanks for filing this bug in Ubuntu.

Is this perhaps a desktop system, where the network is only available
after you login, because of network manager? Or is it a server?

Is it a fresh install of ubuntu bionic 18.04, or did you upgrade from a
previous release? This matters because 18.04 uses netplan for networking
by default if it's a fresh install.


** Changed in: samba (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1764853

Title:
  winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1764853/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1763085] Re: Investigate updating to pacemaker 1.1.18 and corosync 2.4.3

[Corey Bryant]

Nish,

Thanks very much for the update. I successfully performed some testing
with a keystone cluster. The results are in the following paste:
https://paste.ubuntu.com/p/Wtwnyvn8XZ/

Thanks,
Corey

-- 
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1763085

Title:
  Investigate updating to pacemaker 1.1.18 and corosync 2.4.3

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/corosync/+bug/1763085/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1761737] Re: [bionic] samba PANIC, INTERNAL ERROR: Signal 11

[Andreas Hasenack]

Ok

The smb.conf(5) manpage does state that for "security = ads" or "server
role = member server" to work, the machine must have been joined to the
domain via "net ads join". This is what creates the necessary secrets in
the local secrets tdb database.

My hypothesis is that there was a change in 4.7.x and that when the
secrets are not found, it crashes. Definitely a bug, but we might be in
an unsupported configuration. I have yet to hear from upstream in their
bug.

Here is what we could try:

a) Samba as a standalone server, but using kerberos for authentication. The 
users will exist "locally" via sssd, and samba will be just like any other 
kerberized service authenticating the users via the kdc. For that it will need 
an appropriate service key in /etc/krb5.keytab. I think realm (the tool) only 
extracts host/* keys, not cifs/* keys, and samba might want cifs/* ones.
Note that the realm tool does not change smb.conf as far as I can see, that's 
why you still had "security = user" or "server role = stanalone server" in your 
smb.conf before. That might be a hint.

Also, we have to be careful in this configuration to use the same
username format. SSSD by default likes "usern...@realm.com", and samba
might expect just "username", or "username@WORKGROUP". That kind of
thing.

b) Samba as a normal member server. For this you would have to use "net
ads join". I'm not sure if this would require winbind, probably not.

I can try both scenarios in a clean VM, but I'm a bit out of time and
can't commit to it just yet. If we can't address this for the release,
then an SRU is in order.

I also just tried 4.7.7 quickly and can still reproduce the crash with
the minimal smb.conf I showed in the upstream bug at
https://bugzilla.samba.org/show_bug.cgi?id=13376.

-- 
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1761737

Title:
  [bionic] samba PANIC, INTERNAL ERROR: Signal 11

To manage notifications about this bug go to:
https://bugs.launchpad.net/samba/+bug/1761737/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs