[Bug 1764853] Re: winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

msaxl 1764853 at bugs.launchpad.net
Sat Apr 21 09:54:36 UTC 2018 

Some additions:

I discovered that if I do not symlink /etc/resolv.conf -> /lib/systemd/resolv.conf but /etc/resolvconf/resolv.conf
and add
dns=dnsmasq
rc-manager=resolvconf

in /etc/NetworkManager/NetworkManager.conf,

the problem is gone.

Additionally I re-added the 127.0.1.1 entry in /etc/hosts (should not be
required with systemd-resolved).

This entry is the source of the problem: if it is missing, getaddrinfo
in source3/lib/util.c should get the domain name from systemd-resolve
(hostname -f does, getent hosts <hostname> also), but on the first call
after reboot it does not return the fqdn but only the hostname. Very
strange.. I will look if I find something in systemd-resolve, maybe
there is a regression

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1764853

Title:
  winbind returns PAM_AUTHINFO_UNAVAIL on first login after reboot

Status in samba package in Ubuntu:
  Incomplete

Bug description:
  The following issue exists only on Ubuntu 18.04

  I've upgraded ubuntu from 17.10 and noticed that winbind does not work well.
  90% of the time I reboot my system I'm getting PAM_AUTHINFO_UNAVAIL when trying to log in with a domain account.
  clicking login again on the login screen most of the time succeeds (so the password is correct)

  I've checked if it works if I wait 10 minutes before logging in, no success, so it is not a timing issue.
  Also I've checked if winbind is working (log in with ssh using a local account)
  getent passwd xy and wbinfo -K user%pwd both work always.

  Now my workaround is putting
  winbind request timeout = 3
  in smb.conf, since the PAM_AUTHINFO_UNAVAIL is returned about 60sec after trying to login. This workaround solves nothing, it only makes logging in faster. (But now it fails mostly two times, but waiting 6 seconds is better than 60)

  To me it seems like deadlock, but I was unable to track it since it
  happens only on the first login. Then I would have to reboot
  (restarting winbind does not trigger it twice, also removing all
  caches in /run/samba does not trigger it twice)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1764853/+subscriptions

More information about the foundations-bugs mailing list