[Samba] samba4 samba3 installed and running

Eric eric at bootz.us
Tue Sep 7 17:11:05 MDT 2010


   # Support for Samba4
   /usr/local/samba/private/named.conf.update r,
   /usr/local/samba/private/dns.keytab kr,
   /var/tmp/DNS_104 w,

Implementing the confuration above allowed me to restart bind 
successfully, now I'm just getting:
***rndc: connect failed: 127.0.0.1#953: connection refused***
However, I do not think this a "samba config with DNS issue" anymore as 
I was was hastily making changes to DNS to solve the problem, so 
everything looks good.

HUGE THANKS!


On 09/06/2010 06:47 AM, Michael Wood wrote:
> On 6 September 2010 04:59, Eric<eric at bootz.us>  wrote:
>    
>> Bind won't start after implementing:
>> Step 8 Configure DNS --from-- http://wiki.samba.org/index.php/Samba4/HOWTO
>>
>> Here are my System Logs:
>> Sep  5 22:27:12 saturn named[4068]: loading configuration from
>> '/etc/bind/named.conf'
>> Sep  5 22:27:12 saturn named[4068]: /usr/local/samba/private/named.conf:14:
>> open: /usr/local/samba/private/named.conf.update: permission denied
>> Sep  5 22:27:12 saturn named[4068]: loading configuration: permission denied
>> Sep  5 22:27:12 saturn named[4068]: exiting (due to fatal error)
>>      
> It's probably Apparmor blocking access to /usr/local/samba/private/*
> and /var/tmp/DNS_104.
>
> I have this in my /etc/apparmor.d/usr.sbin.named file:
>
>    # Support for Samba4
>    /usr/local/samba/private/named.conf.update r,
>    /usr/local/samba/private/dns.keytab kr,
>    /var/tmp/DNS_104 w,
>
> Run "invoke-rc.d apparmor reload" after changing that file.  I'm not
> sure if the DNS_104 file will always be called that, but when I tried
> it, that's what it was called.  I'm not sure what it's used for, but
> something to do with GSSAPI it seems.
>
>    
>> I am using Ubuntu Lucid, all packages are uptodate.
>>
>> I have installed source4 and source3 with the goal of creating franky
>>      
> I think that the plans for how to merge Samba3 and Samba4 have changed
> a bit since the original "franky" plan.
>
> I've CCed the samba-technical list in case someone there would like to
> comment on this :)
>
>    
>> Here is some extra info:
>> The first scan is with the include in my named.conf.local the second is
>> without the include, as you can see BIND starts right back up again no
>> problem
>> I have changed group permissions to reflect group "bind" on named.conf and
>> named.conf.update, because I thought that might be the issue... it did not
>> seem to work, also group permissions for bind are read only.
>> --------------------------------------------------------------------
>>
>> nmap -sS -sV -O -T4 -n -v 192.168.1.103
>>
>> 192.168.1.103
>> 80/tcp  open  http      Apache httpd 2.2.14 ((Ubuntu))
>> 389/tcp open  ldap      OpenLDAP 2.2.X
>> 464/tcp open  kpasswd5?
>> 749/tcp open  rpcbind
>> Device type: general purpose
>> Running: Linux 2.6.X
>> OS details: Linux 2.6.17 - 2.6.24
>> Network Distance: 0 hops
>> TCP Sequence Prediction: Difficulty=198 (Good luck!)
>> IP ID Sequence Generation: All zeros
>> Nmap done: 1 IP address (1 host up) scanned in 33.75 seconds
>> --------------------------------------------------------------------
>> --------------------------------------------------------------------
>> --------------------------------------------------------------------
>>
>> nmap -sS -sV -O -T4 -n -v 192.168.1.103
>>
>> 192.168.1.103
>> 53/tcp    open  domain      ISC BIND 9.7.0-P1
>> 80/tcp    open  http        Apache httpd 2.2.14 ((Ubuntu))
>> 135/tcp   open  msrpc?
>> 139/tcp   open  netbios-ssn Samba smbd 3.X (workgroup: SATURN)
>> 389/tcp   open  ldap        OpenLDAP 2.2.X
>> 445/tcp   open  netbios-ssn Samba smbd 3.X (workgroup: SATURN)
>> 1024/tcp  open  kdm?
>> 10000/tcp open  http        Webmin httpd
>> Device type: general purpose
>> Running: Linux 2.6.X
>> OS details: Linux 2.6.17 - 2.6.24
>> Network Distance: 0 hops
>> TCP Sequence Prediction: Difficulty=201 (Good luck!)
>> IP ID Sequence Generation: All zeros
>> Nmap done: 1 IP address (1 host up) scanned in 108.24 seconds
>> --------------------------------------------------------------------
>>
>> Thanks for any help,
>> Eric
>>      
>    



More information about the samba mailing list