[Samba] bind - samba_dlz - insufficient access rights
Robert Moskowitz
rgm at htt-consult.com
Thu Sep 10 20:39:56 UTC 2015
On 09/10/2015 04:30 PM, Reindl Harald wrote:
>
> Am 10.09.2015 um 22:25 schrieb Robert Moskowitz:
>> Rebuilt my server to test that I 'knew' how to build it, and to do it on
>> the net where it will run. Took some effort to get permissions to
>> /var/lib/samba/private/dns/sam.ldb right, and I probably overkilled. But
>> got past that to see:
>>
>> Sep 10 16:21:14 homebase.home.htt named[2698]: samba_dlz: ldb: module
>> descriptor initialization failed : insufficient access rights
>> Sep 10 16:21:14 homebase.home.htt named[2698]: samba_dlz: ldb: module
>> objectclass initialization failed : insufficient access rights
>> Sep 10 16:21:14 homebase.home.htt named[2698]: samba_dlz: ldb: module
>> asq initialization failed : insufficient access rights
>> Sep 10 16:21:14 homebase.home.htt named[2698]: samba_dlz: ldb: module
>> server_sort initialization failed : insufficient access rights
>> Sep 10 16:21:14 homebase.home.htt named[2698]: samba_dlz: ldb: module
>> paged_results initialization failed : insufficient access rights
>> Sep 10 16:21:14 homebase.home.htt named[2698]: samba_dlz: ldb: module
>> dirsync initialization failed : insufficient access rights
>> Sep 10 16:21:14 homebase.home.htt named[2698]: samba_dlz: ldb: module
>> schema_load initialization failed : insufficient access rights
>> Sep 10 16:21:14 homebase.home.htt systemd[1]: named.service: control
>> process exited, code=exited status=1
>> Sep 10 16:21:14 homebase.home.htt systemd[1]: Failed to start Berkeley
>> Internet Name Domain (DNS).
>>
>> so now what am I missing?
>
> *what are* the permissions
> "ls -lha -R" may help..........
But to what directory/file?
I am guessing:
ls -lha -R /var/lib/samba/private/dns
/var/lib/samba/private/dns:
total 2.9M
drwxr-x--- 3 root named 4.0K Sep 10 13:27 .
drwxr-x--- 7 root named 4.0K Sep 10 16:36 ..
-rw-rw---- 1 root named 2.9M Sep 10 13:27 sam.ldb
drwxr-xr-x 2 root named 4.0K Sep 10 13:27 sam.ldb.d
/var/lib/samba/private/dns/sam.ldb.d:
total 27M
drwxr-xr-x 2 root named 4.0K Sep 10 13:27 .
drwxr-x--- 3 root named 4.0K Sep 10 13:27 ..
-rw------- 1 root named 8.2M Sep 10 13:27
CN=CONFIGURATION,DC=HOME,DC=HTT.ldb
-rw------- 1 root named 8.9M Sep 10 13:27
CN=SCHEMA,CN=CONFIGURATION,DC=HOME,DC=HTT.ldb
-rw------- 2 root named 4.1M Sep 10 13:27
DC=DOMAINDNSZONES,DC=HOME,DC=HTT.ldb
-rw------- 2 root named 4.1M Sep 10 13:27
DC=FORESTDNSZONES,DC=HOME,DC=HTT.ldb
-rw-r--r-- 1 root named 1.3M Sep 10 13:27 DC=HOME,DC=HTT.ldb
-rw-r----- 2 root named 412K Sep 10 15:10 metadata.tdb
> some sane software refuses to run with *too wide* open permissions as
> well fails with to tight ones
Yes. I would not be supprised that I was hitting on the wrong
permissions problem all along and opened up something best left closed.
I wonder what is missing in the script/instructions in sernet and
classicupgrade that resulted in permissions problems to begin with.
More information about the samba
mailing list