After a System upgrade from Ubuntu Precise Pangolin to Trusty Tahr I wasn’t able to connect to the server using SMB. The server is part of a active directory. Reading the documentation through, I figured out that wbinfo worked flawless, but the user was not found when using id.
$ wbinfo -u
$ id my.user
id: my.user: no such user
/etc/nsswitch.conf need be configured right (winbind must be configured), but it was in my case:
passwd: compat winbind
group: compat winbind
Using strace, I figured out that libnss_winbind.so.2 wasn’t found by id. In the end, the solution was easy as that:
$ sudo apt-get install libnss-winbind
$ sudo service winbind restart
winbind start/running, process 3399
$ id my.user
uid=10006(my.user) gid=10002(domain user) groups=...
On Fedora 20, when using git send-email I always got this error:
Unable to initialize SMTP properly. Check config and use --smtp-debug. VALUES: server=my.server.com encryption=ssl hello=my.host.com port=465 at /usr/libexec/git-core/git-send-email line 1255.
Even using the suggested parameter –smtp-debug 1 did not help, I get the exactly same output with that parameter. In the end, it turned out the self-signed certificate is not accepted right away (which of course is good) but lead to no specific error message (which is not so good). However, using the parameter –smtp-ssl-cert-path “” disables certificate verification, which already allowed me to send the e-mail.
However, one want to install the certificate in a way that its always accepted. git send-email relies on OpenSSL certificate database. In order to add an additional CA certificate one has to add it to /etc/pki/tls/certs and create a symlink to its hash.
$ curl http://url.to/root.crt -o myroot.crt
$ openssl x509 -noout -in myroot.crt -fingerprint
If you are paranoid, and you should be nowadays, verify your fingerprint at this point 🙂
# mv myroot.crt /etc/pki/tls/certs
# cd /etc/pki/tls/certs
# openssl x509 -in myroot.crt -out myroot.pem -outform PEM
# ln -s myroot.pem `openssl x509 -hash -noout -in myroot.pem`.0
This works also for Arch Linux, however the OpenSSL certificates are located under /etc/ssl/certs/. Also for SMTP with SSL to work, the following packages are needed
pacman -S perl-net-smtp-ssl perl-authen-sasl