[Samba] CentOS 6, BIND_DLZ and kinit errors (Cannot contact any KDC for requested realm)

Thomas Harold thomas-lists at nybeta.com
Sat May 3 08:48:23 MDT 2014


It seems like the BIND 9.8 that ships with CentOS 6.x (and probably RHEL
6.x) is not built with --with-dlopen option.

Platform: CentOS 6.5
BIND 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1

Error seen:

RuntimeError: kinit for HOSTNAME$EXAMPLE.COM failed (Cannot contact any
KDC for requested realm)

Background:

Trying to setup Samba 4 using an existing install of BIND 9.8 as the DNS
backend.  However, even though the configuration files are correct, I'm
still stuck at the "kinit" errors.

Looking at the output from starting 'named' in debug mode:

named -g -c /etc/bind/named.conf -u named -d3
03-May-2014 10:33:42.456 starting BIND
9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 -g -c /etc/bind/named.conf -u
named -d3
03-May-2014 10:33:42.456 built with '--build=x86_64-redhat-linux-gnu'
'--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu'
'--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr'
'--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64'
'--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib'
'--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool'
'--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic'
'--disable-static' '--disable-openssl-version-check'
'--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes'
'--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego'
'--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets'
'--enable-fixed-rrset' 'build_alias=x86_64-redhat-linux-gnu'
'host_alias=x86_64-redhat-linux-gnu'
'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS= -DDIG_SIGCHASE'

There is no mention of --with-dlopen=yes in there.  That is even though
the bind-9.8.2/README file states that as of 9.8.1, dlopen is built by
default.

...

Am I on the right track here that the base install of BIND on CentOS 6.x
does not include --with-dlopen=yes, even as of the 9.8.2 build?


More information about the samba mailing list