[Pkg-samba-maint] Bug#705251: smbclient -L produces suspicious DNS lookup failures in log.nmbd
Ilguiz Latypov
ilatypov at rim.com
Thu Apr 11 23:29:52 UTC 2013
Package: smbclient
Version: 2:3.6.13-1
Severity: minor
Dear Maintainer,
* What led up to the situation?
Ran smbclient -A /etc/credentials-USER -L HOST.example.net
* What exactly did you do (or not do) that was effective (or
ineffective)?
Ran the above command.
* What was the outcome of this action?
The list of shares showed up with a harmless NT_STATUS_CONNECTION_RESET
message in the bottom.
read_fd_with_timeout failed, read error = NT_STATUS_CONNECTION_RESET.
Receiving SMB: Server 10.65.25.54 stopped responding
session request to HOST.EXAMPLE.NET failed (Read error: Connection reset
by peer)
The log file /var/log/samba/log.nmbd had this,
[2013/04/11 19:15:09, 3]
nmbd/nmbd_winsserver.c:2068(wins_process_name_query_request)
wins_process_name_query: name query for name HOST.EXAMPLE.NE<20>
returning DNS fail.
My /etc/request-key.conf has my correction against a dns_resolver from
/sbin/key.dns_resover that worked around mounting DFS shares,
#create dns_resolver * * /sbin/key.dns_resolver
%k
create user debug:* negate /bin/keyctl negate %k
30 %S
create user debug:* rejected /bin/keyctl reject %k 30 %c
%S
create user debug:* expired /bin/keyctl reject %k 30 %c
%S
create user debug:* revoked /bin/keyctl reject %k 30 %c
%S
create user debug:loop:* * |/bin/cat
create user debug:* * /usr/share/keyutils
/request-key-debug.sh %k %d %c %S
# Follow a separate entry in /etc/request-key.d/
#create cifs.spnego * * /usr/sbin/cifs.upcall
-t %k
# Do not follow man cifs.upcall suggesting to prefer key.dns_resolver to
# cifs.upcall as the former receives -126 from a call to
# keyctl_instantiate_iov().
create dns_resolver * * /usr/sbin/cifs.upcall
-t %k
negate * * * /bin/keyctl negate %k
30 %S
I kept another option in a separate file /etc/request-
key.d/cifs.spnego.conf,
create cifs.spnego * * /usr/sbin/cifs.upcall -t %k
Running the same command against the short hostname HOST produced same list
without the message.
I have the recommended version of cifs-utils,
$ dpkg -S /usr/sbin/cifs.upcall
cifs-utils: /usr/sbin/cifs.upcall
$ dpkg -l cifs-utils
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-
pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture
Description
+++-===========================-==================-==================-===========================================================
ii cifs-utils 2:5.5-1 i386
Common Internet File System utilities
* What outcome did you expect instead?
No reset message, no suspicious DNS lookups.
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 3.8-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages smbclient depends on:
ii dpkg 1.16.10
ii libc6 2.13-38
ii libcap2 1:2.22-1.2
ii libcomerr2 1.42.5-1.1
ii libgssapi-krb5-2 1.10.1+dfsg-5
ii libk5crypto3 1.10.1+dfsg-5
ii libkrb5-3 1.10.1+dfsg-5
ii libldap-2.4-2 2.4.31-1
ii libpopt0 1.16-7
ii libreadline6 6.2+dfsg-0.1
ii libtalloc2 2.0.8-0.1
ii libtdb1 1.2.10-2
ii libtinfo5 5.9-10
ii libwbclient0 2:3.6.13-1
ii samba-common 2:3.6.13-1
ii zlib1g 1:1.2.7.dfsg-13
smbclient recommends no packages.
Versions of packages smbclient suggests:
ii cifs-utils 2:5.5-1
-- no debconf information
More information about the Pkg-samba-maint
mailing list