source3/auth/auth_util.c::create_local_token() will sometimes add an erroneous GID token for the group ID -1, which is treated as an 'unsigned int' and converted to 4294967295 (S-1-22-2-4294967295) , resulting in a crash in the syscall to Linux's setgroups().
Additional DEBUG() statements in the source reveal the issue. I'm still working on a fix: setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-22-1-0] get_privileges: No privileges assigned to SID [S-1-22-2-0] get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-11] create_local_token(i=1, server_info->utok.ngroups=0, sid=S-1-22-2-0) create_local_token(i=2, server_info->utok.ngroups=1, sid=S-1-1-0) create_local_token(i=3, server_info->utok.ngroups=2, sid=S-1-5-2) // SID_NT_NETWORK create_local_token(i=4, server_info->utok.ngroups=2, sid=S-1-5-11) create_local_token(server_info->utok.ngroups=2) add_sid_to_array_unique(S-1-22-1-0) create_local_token(server_info->utok.ngroups=2) add_sid_to_array_unique(S-1-22-2-0) add_sid_to_array_unique(S-1-22-2-4294967295) Security token SIDs (6): SID[ 0]: S-1-22-1-0 SID[ 1]: S-1-22-2-0 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-22-2-4294967295 Privileges (0x 0): Rights (0x 0): UNIX token of user 0 Primary group is 0 and contains 2 supplementary groups Group[ 0]: 0 Group[ 1]: 4294967295 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1016895 Title: smbd crashed with SIGABRT in dump_core() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1016895/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
