#953530 samba-common-bin: post-install fails with "lock directory /run/samba does not exist" #953530
- Package:
- samba-common-bin
- Source:
- samba
- Description:
- Samba common files used by both the server and the client
- Submitter:
- Gian Piero Carrubba
- Date:
- 2022-05-29 18:03:55 UTC
- Severity:
- serious
While upgrading samba-common-bin from 2:4.11.5+dfsg-1 to 2:4.11.5+dfsg-1+b1: ERROR: pid directory /run/samba does not exist Server role: ROLE_STANDALONE dpkg: error processing package samba-common-bin (--configure): installed samba-common-bin package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: samba-common-bin E: Sub-process /usr/bin/dpkg returned an error code (1) --- samba-common-bin was installed as a dependency of smbclient, the "server role" message is misleading as I don't have any need for a SMB server (and for any lock or pidfile, afaik). Thank you, Gian Piero.
I just ran into the same issue with a fresh install of
2:4.11.5+dfsg-1+b1. For reference, packaging/systemd/README contains
the following warning:
Presumably that should be changed to
/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/samba.conf
for the current Debian packaging.
Cheers,
Kevin
packaging/systemd/README: https://git.samba.org/samba.git/?p=samba.git;a=blob;f=packaging/systemd/README
Fwiw, ubuntu reporters have hit this issue as well: https://bugs.launchpad.net/debian/+source/samba/+bug/1886114 We've not yet reproduced the error about /run/samba, but I found one way to make it fail to get into an installation failure state: $ sudo apt-get install samba $ sudo apt-get remove --purge samba-common-bin $ sudo rm -rf /run/samba $ sudo rm -rf /etc/samba $ sudo apt-get install samba-common-bin Reading package lists... Done ... Setting up samba-common-bin (2:4.13.3+dfsg-1ubuntu2) ... Checking smb.conf with testparm Load smb config files from /etc/samba/smb.conf Error loading services. dpkg: error processing package samba-common-bin (--configure): installed samba-common-bin package post-installation script subprocess returned error exit status 1 After this it will continue to exhibit error messages similar to what other reporters have seen. To restore the system back to working order, this seems to do it: $ sudo apt-get remove --purge *samba* $ sudo apt-get install samba I tried tampering with and removing /run/samba at various points, and tinkering with /usr/lib/tmpfiles.d/samba.conf in various ways, but wasn't able to generate the "lock directory /run/samba does not exist" issue. I also tested the above with 2:4.11.6+dfsg-0ubuntu1.6, and found it gives identical behavior as above.
the 'found' version so I won't have to do this. =============================================================== Preparing to unpack .../09-samba-common-bin_2%3a4.13.14+dfsg-1+b2_amd64.deb ... Unpacking samba-common-bin (2:4.13.14+dfsg-1+b2) over (2:4.13.14+dfsg-1+b1) ... ... Setting up samba-common-bin (2:4.13.14+dfsg-1+b2) ... Checking smb.conf with testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. Weak crypto is allowed ERROR: lock directory /run/samba does not exist ERROR: pid directory /run/samba does not exist Server role: ROLE_STANDALONE dpkg: error processing package samba-common-bin (--configure): installed samba-common-bin package post-installation script subprocess returned error exit status 1 ... Errors were encountered while processing: samba-common-bin [master 549da0e] committing changes in /etc made by "aptitude safe-upgrade" 1 file changed, 382 insertions(+), 449 deletions(-) rewrite ssh/moduli (99%) E: Sub-process /usr/bin/dpkg returned an error code (1) Setting up samba-common-bin (2:4.13.14+dfsg-1+b2) ... Checking smb.conf with testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. Weak crypto is allowed ERROR: lock directory /run/samba does not exist ERROR: pid directory /run/samba does not exist Server role: ROLE_STANDALONE dpkg: error processing package samba-common-bin (--configure): installed samba-common-bin package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: samba-common-bin =============================================================== And indeed I do not have a /run/samba/ directory on my Bookworm system/server. I don't think it's relevant, but it (still?) has sysv-init as init. (And is a Xen dom0 host.)
After I manually created /run/samba/, the installation succeeded.
Hi, Gian Piero Carrubba wrote: Diederik de Haas wrote: too (on purpose). This is indeed unrelated. For me it was a Xen DomU (i.e. a Xen guest host) and an EeePC 900A (i.e. a netbook) without any virtualisation. Diederik de Haas wrote: So I suspect that the init script for some reason no more creates that directory. Diederik de Haas wrote: The reason why this pops up now with multiple people again is probably that we had a bunch of important kernel updates and hence reboots and empty /run/ tmpfs after reboot — which brings up this issue again even if you had created /run/samba/ manually after the previous reboot. Regards, Axel
Yeah, that's a pattern :-) Looking a bit further and I found https://bugs.debian.org/975422 through https://salsa.debian.org/samba-team/samba/-/commit/0c3b2056764cd1a566766c3e1764d7c312eab5d7 titled: "Ensure systemd-tmpfiles is called before testparm (Closes: #975422)" This seems highly relevant for this issue. My (Xen Dom0) *Bookworm* system/server is somewhat unusual in that it's off most of the time and reboots (or cold boots) happen more regular then what most people expect for a Xen Dom0 system. Not sure what to make of this and whether it's relevant ... Cheers, Diederik
23.03.2022 16:38, Diederik de Haas wrote: How about just mkdir -p /run/samba at the place of #DEBHELPER# in there ? /mjt
We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 953530@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated samba package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Tue, 05 Apr 2022 16:01:25 +0300
Source: samba
Architecture: source
Version: 2:4.16.0+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 862338 878612 953530 975882 988197 998423 1004690 1004691 1004692 1005642 1006875
Changes:
samba (2:4.16.0+dfsg-1) experimental; urgency=medium
.
* New upstream major release.
Closes: #1004690, CVE-2021-20316: Fileserver symlink metadata share escape
Closes: #1004691, CVE-2021-43566: mkdir race condition allows share escape
Closes: #1004692, CVE-2021-44141: UNIX extensions in SMB1 disclose whether
the outside target of a symlink exists
Closes: #1005642 (windows client data corruption due to cache poisoning)
Closes: #988197 (legacy printing support, 47d79d7e7e406f7dd2)
Closes: #998423 (coredump connecting from macos to shares with var substs)
* Notable changes in 4.16 series compared to 4.13:
- modular VFS (see The_New_VFS.txt)
- publishing printers in AD is more complete
- group policies for winbindd cilents (like linux systems)
- certificate auto enrollement in AD group policy
- large list of improvements in samba-tool
- SMB1 protocol has been deprecated, some subcommands has been removed
- more consistend options/subcommands in samba commands
* d/rules: export PYTHONHASHSEED=1. This makes lots of sporadic build-time
debian-specific failures to go away, by preserving order of waf hashes
* refresh patches, update build-depend versions (talloc, tdb, tevent)
* refresh lintian-overrides files, add many new overrides
* build-depend on python3-markdown
* build-depend on libjson-perl for new heimdal bits
* more consistent internal lib naming; refresh file lists everywhere
* samba: install new rpc_* services, install samba-dcerpc
* refresh symbols files
* build libldb from samba sources, not from separate source
(this moves ldb plugins from /usr/lib/$triple/ldb/plugin/ldb/ to
/usr/lib/$triple/samba/ldb/ - the same where dsdb modules are).
* optimizations for d/make_shlibs; also allow one to specify explicit
version for some packages
* as per clarifications for waf --{bundled,builtin}-libraries, remove
now-wrong usage there. This also fixes build failures with current
samba sources
* d/rules: various optimizations to reduce startup costs by eliminating
unnecessary external command calls during d/rules read by make.
Including caching of LDB version information in d/ldb-version.mk file.
This does not affect the buildd processing much (and does not affect
runtime at all), but helps with build procedure debugging.
* d/rules: numerous small fixes, cleanups and other changes, including:
- clean up the install target
- remove some now-irrelevant parts
- fix no-glusterfs-build on non-linux
* change build procedure: instead of `waf build', run `waf install'.
`waf build' builds samba to be run from the build dir, and `waf install'
rebuilds/relinks everything again for production. Build the production
variant only, no build-dir one.
* samba-common-bin.postinst: explicitly mkdir /run/samba before invoking
samba binaries (Closes: #953530)
* in the salsa git repository of samba, stop keeping debian patches in
applied form, keep them in d/patches/ only as most other packages do.
* move single python (helper) module, libsamba-policy, together with
2 internal libraries used by it, from samba-libs package to python3-samba.
This makes samba-libs to be free from python-related files, and makes
python3-samba to be the only python-providing package.
Closes: #1006875, #878612, #862338
* also move dckeytab python module from samba to python3-samba
(actually stop moving it from python3-samba to samba to incorrectly
avoid a circular dependency). Also verify that python3-samba does
not depend on samba package.
* weak-crypto-allowed-clarify.diff: clarify "weak crypto is allowed"
testparm message (Closes: #975882)
* spelling.patch: fix many common spelling mistakes in the source
* ctdb: simplify/cleanup instllation of READMEs/examples
* d/control: remove breaks/replaces/depends on ancient versions of some
packages (ancient dpkg version in Pre-Depends, ancient samba-libs)
* d/rules: rework wrong shlibdeps handling
* move helper programs from /usr/lib/$multiarch/ to /usr/libexec/
where they belongs. This should not affect users.
* smbclient: re-do the fix for an old bug, #221618. The original "fix"
did not fix anything (it is too late already to #define _FILE_OFFSET_BITS
when all types has already been defined). From now on, raise an error
if off_t is less than 64bits (it should >=64 when #include'ing
<libsmbclient.h> with proper LFS defines). In theory this can break
some sources which either included libsmbclient.h without a reason or
which didn't use any of the functions which deals with off_t (smbc_lseek
etc), - which did not explicitly enable LFS on a 32bit system.
Please email us if you faced such situation.
* drop 07_private_lib patch: we do not need to force rpath for
private libraries into every samba binary, upstream build system
does a good job here.
Checksums-Sha1:
ac4dcf7872c3fd7367b88b8e3065a93f1b26d2c8 4265 samba_4.16.0+dfsg-1.dsc
41afac83620ded6de15b3fe74f7505f0a0cc5148 18124712 samba_4.16.0+dfsg.orig.tar.xz
81d9b4f61332ec1a04a578cd9b98ea8fb8770967 259416 samba_4.16.0+dfsg-1.debian.tar.xz
176ab81041f9d7e7a31bba072d87eb5395273f01 8757 samba_4.16.0+dfsg-1_source.buildinfo
Checksums-Sha256:
14d65b1408a4c0b3c2a6eb128f741b741b08291431cc6f17cb6ae19a7ec010f8 4265 samba_4.16.0+dfsg-1.dsc
440096f6743ab83a838a0a736c74f3505b9a5e0a416d01c616e47c260ed8058d 18124712 samba_4.16.0+dfsg.orig.tar.xz
16715dee5a9ac1dbd21f885894c82f4d67b2ffb1fc318165d957231aa1d0f075 259416 samba_4.16.0+dfsg-1.debian.tar.xz
8d1b3100872eeee8342557bb51a196f053e39858ea1ba1475d93c489423ab82c 8757 samba_4.16.0+dfsg-1_source.buildinfo
Files:
17cdb99e5329eea8c1ee694614d8f25d 4265 net optional samba_4.16.0+dfsg-1.dsc
fd69b391b0ba348d61c243dab194efbc 18124712 net optional samba_4.16.0+dfsg.orig.tar.xz
2aedfb68b3005f957ad30f29cd1722cc 259416 net optional samba_4.16.0+dfsg-1.debian.tar.xz
355fc7b692fea393d738ce05b6a391ca 8757 net optional samba_4.16.0+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmJMPngPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZZucH/RGoWcAz9XjQmtApfhBdSxMniHVy/eNYDeoR
u4u/33oU/Kwtm2keIxzeAjr88HEIxU9vCPKhreE/7skioclvQHS4/OfZNOSa7q0z
Qj8RKMo3qoNhZaYrPZJ12zkj+cmnIoqEVa8mgMnvVl4VGg9TfegxMbtNN0sWGtAk
yICDIJcn3IQ6/BTfXt2SVstiIHKz5L56xHVBx2LRfZZQfynGP9d/VHxWIo2EBHhi
Q6BVTcrqk3BJ436oKe3QDOL08aCOFypLTh9+zhov56WkbcN5aVqd5qQSNM6ng4Xp
2veROWwV9ngzPF3H+G8WyXZo9aJesRlqFOPr2/jDd3tARkgjL70=
=f4yZ
-----END PGP SIGNATURE-----
We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 953530@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated samba package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sat, 28 May 2022 22:52:59 +0300
Source: samba
Architecture: source
Version: 2:4.13.13+dfsg-1~deb11u4
Distribution: bullseye-proposed-updates
Urgency: medium
Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 953530 998423 999876 1001053 1004691 1005642 1006935 1009855
Changes:
samba (2:4.13.13+dfsg-1~deb11u4) bullseye-proposed-updates; urgency=medium
.
* fix the order of everything during build by exporting PYTHONHASHSEED=1
for waf. This should fix the broken i386 build of the last security
upload. Closes: #1006935, #1009855
* Import the left-over patches from 4.13.17 upstream stable branch:
- s3-winbindd-fix-allow-trusted-domains-no-regression.patch
https://bugzilla.samba.org/show_bug.cgi?id=14899
Closes: #999876, winbind fails to start with `allow trusted domains: no`
- IPA-DC-add-missing-checks.patch
https://bugzilla.samba.org/show_bug.cgi?id=14903
- CVE-2020-25717-s3-auth-fix-MIT-Realm-regression.patch
https://bugzilla.samba.org/show_bug.cgi?id=14922
Closes: #1001053, MIT-kerberos auth broken after 4.13.13+dfsg-1~deb11u2
- dsdb-Use-DSDB_SEARCH_SHOW_EXTENDED_DN-when-searching.patch
https://bugzilla.samba.org/show_bug.cgi?id=14656
https://bugzilla.samba.org/show_bug.cgi?id=14902
- s3-smbd-Fix-mkdir-race-condition-allows-share-escape.patch
https://bugzilla.samba.org/show_bug.cgi?id=13979
Closes: #1004691, CVE-2021-43566: mkdir race condition allows share escape
* 4 patches from upstream to fix possible serious data corruption issue
with windows client cache poisoning, Closes: #1005642
https://bugzilla.samba.org/show_bug.cgi?id=14928
* two patches from upstream to fix coredump when connecting to shares
with var substitutions, Closes: #998423
https://bugzilla.samba.org/show_bug.cgi?id=14809
* samba-common-bin.postinst: mkdir /run/samba before invoking samba binaries
Closes: #953530
* remove file creation+deletion from previously applied combined patches
CVE-2021-23192-only-4.13-v2.patch & CVE-2021-3738-dsdb-crash-4.13-v03.patch
to make patch deapply happy (quilt does not notice this situation)
* d/salsa-ci.yml: target bullseye
Checksums-Sha1:
0ca51aa2da29720bbd031f3312a2cd9b1510e2e1 4034 samba_4.13.13+dfsg-1~deb11u4.dsc
3a47efcafa28d4822f1255a013a5f6e969c08fd9 473752 samba_4.13.13+dfsg-1~deb11u4.debian.tar.xz
5fdee37732717fb03c62f3a1192e362e33d9dfd1 8990 samba_4.13.13+dfsg-1~deb11u4_source.buildinfo
Checksums-Sha256:
8a73f505c06f019493f5f072849883f91225d153dc04cf29b0c842db95f2f122 4034 samba_4.13.13+dfsg-1~deb11u4.dsc
400ee978570b9e4660504dd78134cc48c49976f7779c0d91d50759194fdb577b 473752 samba_4.13.13+dfsg-1~deb11u4.debian.tar.xz
acd609e8ea1a52aae286c1b4c8627786fc8e942318ab37aaf1647441929933e9 8990 samba_4.13.13+dfsg-1~deb11u4_source.buildinfo
Files:
a6145bfa833244fe4cb634424a6788a0 4034 net optional samba_4.13.13+dfsg-1~deb11u4.dsc
608b6314448bc0d7caf365567f1ceade 473752 net optional samba_4.13.13+dfsg-1~deb11u4.debian.tar.xz
a91c6e2d38554116a6032357bb70bcdd 8990 net optional samba_4.13.13+dfsg-1~deb11u4_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmKSfjIPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZNgUH/0jEPHRjiCZG3HXAYsOvT4W8c++knegy0qEM
GWJen2oFCCNQQCGcxzATDPOk2YuzFjgWBnvxsTKDqPXtZCZxIomzr/rAmf5UmIc6
y2Qlbl9CnrgTlQbfUiUEEuvd306VDg3zff0ttsEAkiSp/PmBPpTqA2dnXZuPfnZo
l/3xfq936EdjeTaHAsZkerH5+4W34W8ZM2PqGJ2gjWGCfWaK450UAWJIMEFK6hFB
8SdmE4M8PmK3eEhe8bSt1IRoYS0/juTRdpaZnP5dJ9qSiDy9Rf5zk4YQjFTAoTJP
+giD8JgtrzCcoQ1GSy2N6TuulsG1ipafxSpYg9he/J6FT79qS8U=
=ssEN
-----END PGP SIGNATURE-----