Comment 0 for bug 1951490

After updating my AD-DC to samba 4.13 I am unable to print from normal user accounts (Windows is logging "Win32 error code returned by the print processor: 50. The request is not supported."). Also the Log is full with entries like this:

[2021/11/19 01:48:37.496949, 0] ../../source3/rpc_server/rpc_server.c:1086(dcesrv_auth_gensec_prepare)
   dcesrv_auth_gensec_prepare: Failed to prepare gensec: NT_STATUS_INVALID_SERVER_STATE

Enabling debug logs show that this is caused by the ownership of a directory which samba complains is not matching:

[2021/11/19 01:48:37.482365, 4, effective(30000XX, 100), real(30000XX, 0)] ../../source3/rpc_server/rpc_ncacn_np.c:110(make_internal_rpc_pipe_socketpair)
  Create of internal pipe \pipe\spoolss requested
[2021/11/19 01:48:37.485785, 3, effective(30000XX, 100), real(30000XX, 0)] ../../lib/util/util.c:483(directory_create_or_exist_strict)
  directory_create_or_exist_strict: invalid ownership on directory /var/lib/samba/private/msg.sock
[2021/11/19 01:48:37.485807, 1, effective(30000XX, 100), real(30000XX, 0)] ../../source3/auth/auth_samba4.c:248(prepare_gensec)
  imessaging_init failed

That is, because /var/lib/samba/private/msg.sock is owned by root:root in my case (and it gets created with those permissions aswell if I delete it), but https://github.com/samba-team/samba/blob/db11778b57610e24324aa4342f89918f66157d71/source4/lib/messaging/messaging.c#L507 uses geteuid() which is sometimes the user ID of the connecting user (as can be seen above, XX is the number that represents the uid of the windows user connecting).

I am not sure if this is also the cause for the printing issue, but this spam in the log is super annoying aswell and should be fixed.

Futher information about the system:
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Arch: amd64
Samba-Version: 2:4.13.14+dfsg-0ubuntu0.20.04.1