[CentOS] Samba and TCPWrappers

Tue Sep 25 11:23:20 UTC 2007
Bob Chiodini <bchiodini at gmail.com>

Good Morning,

I have a Centos 4.5 (x86_64) server running samba to share data with 
windows users.  We've been going through a security audit and the 
following log entries were noted:

[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)

  get_alias_user_groups: gid of user bendew doesn't exist. Check your /etc/passwd and /etc/group files

[2007/09/24 09:37:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)

  get_domain_user_groups: primary gid of user [nobody] is not a Domain group !

  get_domain_user_groups: You should fix it, NT doesn't like that

[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)

  get_alias_user_groups: gid of user nobody doesn't exist. Check your /etc/passwd and /etc/group files

[2007/09/24 09:37:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)

  get_domain_user_groups: primary gid of user [mark] is not a Domain group !

  get_domain_user_groups: You should fix it, NT doesn't like that

[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)

  get_alias_user_groups: gid of user mark doesn't exist. Check your /etc/passwd and /etc/group files

I am using tcpwrappers and have blocked the subnets that should not 
access my server.  The IP of the auditor is within one of the blocked 
subnets, but still seems to be getting through.  Is samba integrated 
with tcpwrappers.  ldd smbd does not show a reference to libwrap, should it?

Bob...