[PATCH] Use samba-tool to add DNS entries with samba_dnsupdate

Andreas Schneider asn at cryptomilk.org
Mon Sep 7 16:03:47 UTC 2015 

On Monday, September 07, 2015 04:46:54 PM Andreas Schneider wrote:
> On Monday, September 07, 2015 03:45:36 PM Andrew Bartlett wrote:
> > On Thu, 2015-09-03 at 18:53 +0200, Andreas Schneider wrote:
> > > On Friday 28 August 2015 16:50:52 Andrew Bartlett wrote:
> > > > On Fri, 2015-08-28 at 15:52 +1200, Andrew Bartlett wrote:
> > > > > It is, but not in the way you think.  The issue is that we need
> > > > > it to
> > > > > forward DNS queries between the two forests, for the trust to be
> > > > > set
> > > > > up
> > > > > correctly.  While I've currently set up a hack (attached) to make
> > > > > it
> > > > > forward between the two servers, this may break other things.
> > > > > 
> > > > > The autobuild got as far as a smb2.notify test failing, that may
> > > > > or
> > > > > may
> > > > > not be related:
> > > > > 
> > > > > [432(1779)/1870 at 50m34s] samba3.smb2.notify(nt4_dc)
> > > > > TESTING CHANGE NOTIFY BASEDIR EVENTS
> > > > > maximum runtime exceeded for smbtorture - terminating
> > > > > UNEXPECTED(error): samba3.smb2.notify.basedir
> > > > > (samba.subunit.RemotedTestCase)(nt4_dc)
> > > > > REASON: Exception: Exception: was started but never finished!
> > > > > UNEXPECTED(error): samba3.smb2.notify.basedir(nt4_dc)
> > > > > (samba.subunit.RemotedTestCase)
> > > > > REASON: was started but never finished!
> > > > 
> > > > The attached patches help ensure we really use resolv_wrapper, and
> > > > not
> > > > nss_wrapper, and that the 127. addresses used actually get written
> > > > into
> > > > DNS.
> > > 
> > > Hi,
> > > 
> > > the patchset at:
> > > 
> > > https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/master
> > > -selftest
> > > 
> > > should work now. The patch "selftest: Always fake dns for nt4_dc and
> > > fileserver" doesn't have a review. It turns on dns faking for nt4_dc.
> > > If we
> > > join as a member to AD we can contact the AD DNS server.
> > > 
> > > Review and push appreciated!
> > 
> > I would review this, but can you please propose a patch with a clearer
> > 
> > title and rationalle for 'dns faking'.  Can we please define it into:
> >  - nss DNS emulation
> >  - resolv DNS emulation
> 
> nss DNS emulation is used by most of our code.
> resolv DNS emulation is only used for SRV lookups.
> 
> resolv DNS emulation works only because libresolv is a library on its own
> and it is using socket function we wrap with socket_wrapper.
> 
> getaddrinfo calls gethosbyname3 which comes from libnss_dns.so and it calls
> __libc_res_nsearch().
> 
> Maybe we can intercept __libc_res_nsearch(). I have to play around with it.
> 
> > I have real trouble working out which mode dns faking is meant to be,
> > and it has caused me much trouble when attempting to work on this patch
> > set.
> > 
> > It also doesn't work for me, because this still fails:
> > 
> > make -j testenv SELFTEST_TESTENV="fl2003dc:local"
> > 
> > Perhaps you didn't update your branch?  I expected the attached to be
> > included at least (but even with this patch that command fails).
> 
> You can't turn of the nss DNS emulation. At least not yet ...
> 

I've played with resolv_wrapper and added some internal glibc functions of the 
res library. 'getent hosts' works but you can't wrap getaddrinfo(). See the 
following output.


     21429:     transferring control: ./tests/test_dns_fake
     21429:
     21429:     binding file ./tests/test_dns_fake [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `_cmocka_run_group_tests'
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/ld-linux-
x86-64.so.2 [0]: normal symbol `__tls_get_addr' [GLIBC_2.3]
     21429:     binding file /lib64/libcmocka.so.0 [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `_assert_true'
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `malloc' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `getenv' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `print_message'
     21429:     binding file /lib64/libcmocka.so.0 [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `vprint_message'
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `vsnprintf' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `printf' [GLIBC_2.2.5]
[==========] Running 1 test(s).
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `fflush' [GLIBC_2.2.5]
[ RUN      ] test_getaddrinfo
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/librt.so.1 
[0]: normal symbol `clock_gettime' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `signal' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `_setjmp' [GLIBC_2.2.5]
     21429:     binding file ./tests/test_dns_fake [0] to /lib64/libc.so.6 
[0]: normal symbol `memset' [GLIBC_2.2.5]
     21429:     binding file ./tests/test_dns_fake [0] to /lib64/libc.so.6 
[0]: normal symbol `getaddrinfo' [GLIBC_2.2.5]
     21429:     binding file ./tests/test_dns_fake [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `_assert_int_equal'
     21429:     binding file ./tests/test_dns_fake [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `_assert_true'
     21429:     binding file /lib64/libcmocka.so.0 [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `cm_print_error'
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `memcpy' [GLIBC_2.14]
     21429:     binding file /lib64/libcmocka.so.0 [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `_fail'
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `strlen' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `realloc' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `longjmp' [GLIBC_2.2.5]
     21429:     binding file /lib64/libcmocka.so.0 [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `print_error'
     21429:     binding file /lib64/libcmocka.so.0 [0] to 
/lib64/libcmocka.so.0 [0]: normal symbol `vprint_error'
     21429:     binding file /lib64/libcmocka.so.0 [0] to /lib64/libc.so.6 
[0]: normal symbol `fputs' [GLIBC_2.2.5]


This is a test for getaddrinfo() as you can see it doesn't bind any libresolv 
function so we can't wrap. This is why you can't turn off nss_wrapper!


	-- andreas

More information about the samba-technical mailing list