Winbind upstart script uses incorrect path to winbindd_privileged
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| samba (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Description: Ubuntu 14.04 LTS
Release: 14.04
winbind:
Installed: 2:4.1.6+
Candidate: 2:4.1.6+
Version table:
*** 2:4.1.6+
500 http://
100 /var/lib/
2:
500 http://
Upstart script seems to think winbindd_privileged lives in /var/run/samba, but it in fact lives in /var/lib/samba by default.
This may have changed in an upstream samba release.
Error in upstart script masks issue by creating winbindd_privileged directory in the wrong place, and then fails to correct the permissions on the actual winbindd_privileged directory, so users that are members of winbindd_priv can't access the socket.
/etc/init/samba:
pre-start script
test -x /usr/sbin/winbindd || exit 0
mkdir -p /var/run/
chgrp winbindd_priv /var/run/
chmod 0750 /var/run/
end script
should be changed to
pre-start script
test -x /usr/sbin/winbindd || exit 0
mkdir -p /var/lib/
chgrp winbindd_priv /var/lib/
chmod 0750 /var/lib/
end script
Official documentation states http://
winbindd privileged socket directory (G)
This setting controls the location of the winbind daemon's privileged socket.
Default: winbindd privileged socket directory = $prefix/
Default is definitely /var/lib.
Package's smb.conf does not set winbindd privileged socket directory nor has it ever AFAIK.
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in samba (Ubuntu): | |
| status: | New → Confirmed |
| Martin Vogt (dekkart) wrote | #2 |
| Philippe Clérié (pclerie) wrote | #3 |
Status changed to 'Confirmed' because the bug affects multiple users.