Univention Bugzilla – Attachment 9997 Details for
Bug 49193
Check if the samba4 Password is changed properly, after a server-password-change
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
2.diff
2.diff (text/plain), 2.21 KB, created by
Arvid Requate
on 2019-04-29 20:38:30 CEST
(
hide
)
Description:
2.diff
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2019-04-29 20:38:30 CEST
Size:
2.21 KB
patch
obsolete
>diff --git a/base/univention-server/server_password_change b/base/univention-server/server_password_change >index 7ce6be04b3..099718e445 100755 >--- a/base/univention-server/server_password_change >+++ b/base/univention-server/server_password_change >@@ -196,7 +196,7 @@ run-parts --verbose --arg localchange --regex '^univention-samba4' -- /usr/lib/u > # if samba-tool user setpassword fails, reset the old password. > if [ $? != 0 ]; then > revert_password_change >- FAIL "resetting old server password for $ldap_hostdn, because samba could not set the new password locally." >+ FAIL "Failed to set new password in samba, machine password set back to old password for $ldap_hostdn." > fi > > # The password is changed on the master now, but it is not clear if >@@ -218,7 +218,7 @@ do > # changes that would only worsen the situation. Instead, try to rollback. > # Reset the old password with UDM and give up. > revert_password_change >- FAIL "resetting old server password for $ldap_hostdn, because access to local LDAP did not work with the new password" >+ FAIL "Access to local LDAP did not work with the new password, machine password set back to old password for $ldap_hostdn." > fi > trial_counter=$(( trial_counter - 1)) > done >diff --git a/services/univention-samba4/server_password_change.d/univention-samba4 b/services/univention-samba4/server_password_change.d/univention-samba4 >index 9745fe5e44..1275a4c67d 100755 >--- a/services/univention-samba4/server_password_change.d/univention-samba4 >+++ b/services/univention-samba4/server_password_change.d/univention-samba4 >@@ -50,6 +50,7 @@ set_machine_secret() { > - > %EOF > if [ "$?" -ne "0" ]; then >+ echo "ERROR: Storing new password in samba secrets.ldb failed." > install -m 0600 /etc/krb5.keytab.SAVE /etc/krb5.keytab > exit 1 > fi >@@ -63,6 +64,8 @@ if [ "$1" = "localchange" ]; then > > ## if samba-tool user setpassword fails, revert changes to secrets.ldb and krb5.keytab > if [ "$?" -ne "0" ]; then >+ echo "ERROR: Changing machine password in Samba failed." >+ echo "INFO: Restoring secrets.ldb and krb5.keytab." > old_password=$(tail -n 1 /etc/machine.secret.old | sed -n 's/^[0-9]*: //p') > ldbmodify -H /var/lib/samba/private/secrets.ldb <<-%EOF > dn: flatname=${windows_domain},cn=Primary Domains
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=9997">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 49193
:
9989
| 9997