Привет ВСЕМ!
делаю все по стандарту...
в /etc/nsswitch.confpasswd: files winbind nisplus
shadow: files winbind nisplus
group: files winbind nisplusв smb.conf
winbind cache time = 15
template shell = /bin/bash
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yesworkgroup = EXAMPLE
security = domain
password server = opmast.example.com
encrypt passwords = yesдобавляем машину в домен :
net rpc join -Adminпроверяем winbindd :
wbinfo -p все отличнопроверяем видит ли winbindd контроллер домена :
wbinfo -pпроверяем авторизацию пользователя:
wbinfo -a авторизация проходитв /etc/squid/squid.conf
auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_resuses 0
auth_param ntlm max_challenge_lifetime 2 minutesauth_param basic program /usr/lib/squid/wb_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hoursпосле этого пытаемся
wb_group -d
выдает следующее :
/wb_group[14612](wb_check_group.c:308): Can't contact winbindd. Dying
Где копать?
система:
FC-3
squid-2.5.stable6-3.rpm
samba-2.2.6 - с исходников
попробую сейчас установить все с rpmЗаранее спасибо.
>[оверквотинг удален]
>
>
>Где копать?
>система:
>FC-3
>squid-2.5.stable6-3.rpm
>samba-2.2.6 - с исходников
>попробую сейчас установить все с rpm
>
>Заранее спасибо.повесь strace на wb_auth
он все покажет
скорее всего, права на сокет winbindd кривоватые
ставим из пакетов и не дурим голову другим людям
хочется с исходникой - правь spec и собирай скока душе угодно
>повесь strace на wb_auth
>он все покажет
>скорее всего, права на сокет winbindd кривоватые
>ставим из пакетов и не дурим голову другим людям
>хочется с исходникой - правь spec и собирай скока душе угоднопри установке из пакетов ничего не изменилось делал strace...
Подскажите где может быть засада. пока попробую сделать это:he Winbind interface changed in Samba and therefore, the winbind components of your Squid version may be don't work correctly. To enable the Squid winbind components to work correctly, before compiling squid, replace the Squid versions of winbindd_nss.h located in the squid/helpers/ directories (there are three: one in the basic_auth/winbind, one in the ntlm_auth/winbind, and one in the external_acl/winbind_group directories) with the Samba version of winbindd_nss.h found in samba/source/nsswitch.
Вот вывод strace...
strace на wb_group -d :
execve("/usr/lib/squid/wb_group", ["/usr/lib/squid/wb_group", "-d"], [/* 21 vars */]) = 0
uname({sys="Linux", node="squidtest", ...}) = 0
brk(0) = 0xf7f5f000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 5
fstat64(5, {st_mode=S_IFREG|0644, st_size=30522, ...}) = 0
old_mmap(NULL, 30522, PROT_READ, MAP_PRIVATE, 5, 0) = 0xf6fde000
close(5) = 0
open("/lib/tls/librt.so.1", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\300"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=51100, ...}) = 0
old_mmap(NULL, 81912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6fca000
old_mmap(0xf6fd2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x7000) = 0xf6fd2000
old_mmap(0xf6fd4000, 40952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6fd4000
close(5) = 0
open("/lib/tls/libpthread.so.0", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\350"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=108424, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf6fc9000
old_mmap(NULL, 70132, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6fb7000
old_mmap(0xf6fc5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xd000) = 0xf6fc5000
old_mmap(0xf6fc7000, 4596, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6fc7000
close(5) = 0
open("/lib/tls/libm.so.6", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0c\232"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=215248, ...}) = 0
old_mmap(NULL, 139424, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6f94000
old_mmap(0xf6fb5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x20000) = 0xf6fb5000
close(5) = 0
open("/lib/libresolv.so.2", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\3\243"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=81316, ...}) = 0
old_mmap(NULL, 80040, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6f80000
mprotect(0xf6f8f000, 18600, PROT_NONE) = 0
old_mmap(0xf6f90000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xf000) = 0xf6f90000
old_mmap(0xf6f92000, 6312, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6f92000
close(5) = 0
open("/lib/libnsl.so.1", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\312\244"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=96020, ...}) = 0
old_mmap(NULL, 88288, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6f6a000
old_mmap(0xf6f7c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x11000) = 0xf6f7c000
old_mmap(0xf6f7e000, 6368, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6f7e000
close(5) = 0
open("/lib/tls/libc.so.6", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \217\210"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=1512400, ...}) = 0
old_mmap(NULL, 1207532, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6e43000
old_mmap(0xf6f64000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x120000) = 0xf6f64000
old_mmap(0xf6f68000, 7404, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6f68000
close(5) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf6e42000
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf6e41000
mprotect(0xf6f64000, 8192, PROT_READ) = 0
mprotect(0xf6f7c000, 4096, PROT_READ) = 0
mprotect(0xf6f90000, 4096, PROT_READ) = 0
mprotect(0xf6fb5000, 4096, PROT_READ) = 0
mprotect(0xf6fc5000, 4096, PROT_READ) = 0
mprotect(0xf6fd2000, 4096, PROT_READ) = 0
mprotect(0xf6ffb000, 4096, PROT_READ) = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xf6e416c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
munmap(0xf6fde000, 30522) = 0
set_tid_address(0xf6e41708) = 2321
rt_sigaction(SIGRTMIN, {0xf6fbb3a0, [], SA_RESTORER|SA_SIGINFO, 0xf6fc28a0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0xf6fbb410, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0xf6fc28a0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0
_sysctl({{CTL_KERN, KERN_VERSION}, 2, 0xfee5f7b8, 30, (nil), 0}) = 0
write(2, "/wb_group[2321](wb_check_group.c"..., 39/wb_group[2321](wb_check_group.c:344): ) = 39
write(2, "External ACL winbindd group help"..., 78External ACL winbindd group helper build Oct 18 2004, 17:26:14 starting up...
) = 78
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
write(2, "/wb_group[2321](wb_check_group.c"..., 39/wb_group[2321](wb_check_group.c:308): ) = 39
write(2, "Can\'t contact winbindd. Dying\n", 30Can't contact winbindd. Dying
) = 30
exit_group(1) = ?
strace yf wb_auth -d :execve("/usr/lib/squid/wb_auth", ["/usr/lib/squid/wb_auth", "-d"], [/* 21 vars */]) = 0
uname({sys="Linux", node="squidtest", ...}) = 0
brk(0) = 0xf85d4000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 5
fstat64(5, {st_mode=S_IFREG|0644, st_size=30522, ...}) = 0
old_mmap(NULL, 30522, PROT_READ, MAP_PRIVATE, 5, 0) = 0xf6fde000
close(5) = 0
open("/lib/tls/librt.so.1", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\300"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=51100, ...}) = 0
old_mmap(NULL, 81912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6fca000
old_mmap(0xf6fd2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x7000) = 0xf6fd2000
old_mmap(0xf6fd4000, 40952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6fd4000
close(5) = 0
open("/lib/tls/libpthread.so.0", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\350"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=108424, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf6fc9000
old_mmap(NULL, 70132, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6fb7000
old_mmap(0xf6fc5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xd000) = 0xf6fc5000
old_mmap(0xf6fc7000, 4596, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6fc7000
close(5) = 0
open("/lib/tls/libm.so.6", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0c\232"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=215248, ...}) = 0
old_mmap(NULL, 139424, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6f94000
old_mmap(0xf6fb5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x20000) = 0xf6fb5000
close(5) = 0
open("/lib/libresolv.so.2", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\3\243"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=81316, ...}) = 0
old_mmap(NULL, 80040, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6f80000
mprotect(0xf6f8f000, 18600, PROT_NONE) = 0
old_mmap(0xf6f90000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xf000) = 0xf6f90000
old_mmap(0xf6f92000, 6312, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6f92000
close(5) = 0
open("/lib/libnsl.so.1", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\312\244"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=96020, ...}) = 0
old_mmap(NULL, 88288, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6f6a000
old_mmap(0xf6f7c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x11000) = 0xf6f7c000
old_mmap(0xf6f7e000, 6368, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6f7e000
close(5) = 0
open("/lib/tls/libc.so.6", O_RDONLY) = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \217\210"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=1512400, ...}) = 0
old_mmap(NULL, 1207532, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xf6e43000
old_mmap(0xf6f64000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x120000) = 0xf6f64000
old_mmap(0xf6f68000, 7404, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6f68000
close(5) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf6e42000
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf6e41000
mprotect(0xf6f64000, 8192, PROT_READ) = 0
mprotect(0xf6f7c000, 4096, PROT_READ) = 0
mprotect(0xf6f90000, 4096, PROT_READ) = 0
mprotect(0xf6fb5000, 4096, PROT_READ) = 0
mprotect(0xf6fc5000, 4096, PROT_READ) = 0
mprotect(0xf6fd2000, 4096, PROT_READ) = 0
mprotect(0xf6ffb000, 4096, PROT_READ) = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xf6e416c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
munmap(0xf6fde000, 30522) = 0
set_tid_address(0xf6e41708) = 2333
rt_sigaction(SIGRTMIN, {0xf6fbb3a0, [], SA_RESTORER|SA_SIGINFO, 0xf6fc28a0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0xf6fbb410, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0xf6fc28a0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0
_sysctl({{CTL_KERN, KERN_VERSION}, 2, 0xfee288e8, 30, (nil), 0}) = 0
write(2, "/wb_auth[2333](wb_basic_auth.c:1"..., 37/wb_auth[2333](wb_basic_auth.c:183): ) = 37
write(2, "basic winbindd auth helper build"..., 70basic winbindd auth helper build Oct 18 2004, 17:25:55 starting up...
) = 70
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lstat64("/var/run/winbindd/pipe", {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
write(2, "/wb_auth[2333](wb_basic_auth.c:1"..., 37/wb_auth[2333](wb_basic_auth.c:160): ) = 37
write(2, "Can\'t contact winbindd. Dying\n", 30Can't contact winbindd. Dying
) = 30
exit_group(1) = ?
вот stat на /var/run/winbindd/pipe :File: `/var/run/winbindd/pipe'
Size: 0 Blocks: 8 IO Block: 4096 socket
Device: fd00h/64768d Inode: 147830 Links: 1
Access: (0777/srwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2007-08-16 22:50:22.330318512 +0800
Modify: 2007-08-16 22:25:03.451223232 +0800
Change: 2007-08-16 22:25:03.451223232 +0800