[Samba] Segmentation fault in samba_upgradedns - Samba 4.4.5

Rowland Penny rpenny at samba.org
Fri Sep 2 17:17:25 UTC 2016 

On Fri, 2 Sep 2016 17:33:08 +0100
Cameron Murdoch via samba <samba at lists.samba.org> wrote:

> 
> Thanks for the info. This may be of concern to the Freebsd samba
> maintainer.
> 
> I've done some further debugging of the segfault I get when
> attempting to change to the bind backend.
> 
> To confirm, I get the following:
> 
> [root at dc2 /usr/local/etc]# samba_upgradedns --dns-backend=BIND9_DLZ
> Reading domain information
> Segmentation fault (core dumped)
> 
> I've been carefully adding some debugging prints to the python code,
> and in samba_upgradedns the segfault occurs in this function:
> 
> names = find_provision_key_parameters(ldbs.sam, ldbs.secrets,
> ldbs.idmap, paths, lp.configfile, lp)
> 
> In samba/provision/__init__.py the segfault occurs in this function,
> (which I think is the first occurrence of ndr_unpack in the file):
> 
> names.invocation = str(ndr_unpack(misc.GUID,
> res5[0]["invocationId"][0]))

I will look into this. I have also asked the rest of the team for their
input.


> 
> 
> Also as promised here is my named.conf. I have confimed that Bind is
> working, but bind is not running when I run samba_upgradedns.
> // named.conf
> options {
>         //auth-nxdomain yes;
>         directory       "/usr/local/etc/namedb/working";
>         pid-file        "/var/run/named/pid";
>         dump-file       "/var/dump/named_dump.db";
>         statistics-file "/var/stats/named.stats";
>         notify no;
>         empty-zones-enable no;
> 
>         //listen-on       { 127.0.0.1; };
> 
>         allow-query {
>             127.0.0.1;
>             192.168.50.0/24;
>         };
> 
>         allow-recursion {
>             127.0.0.1;
>             192.168.50.0/24;
>         };
> 
>         // Google public DNS
>         forwarders {
>             8.8.8.8;
>             8.8.4.4;
>         };
> 
> };
> 
> // The traditional root hints mechanism. Use this, OR the slave zones
> below. zone "." { type hint; file
> "/usr/local/etc/namedb/named.root"; };
> 
> // RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
> zone "localhost"        { type master; file
> "/usr/local/etc/namedb/master/localhost-forward.db"; };
> zone "127.in-addr.arpa" { type master; file
> "/usr/local/etc/namedb/master/localhost-reverse.db"; };
> zone "255.in-addr.arpa" { type master; file
> "/usr/local/etc/namedb/master/empty.db"; };
> 
> // RFC 1912-style zone for IPv6 localhost address (RFC 6303)
> zone "0.ip6.arpa"       { type master; file
> "/usr/local/etc/namedb/master/localhost-reverse.db"; };
> 
> 
> Many thanks,
> C

Nothing wrong with what is there, it is what is missing that will give
you problems if you try to start Bind with a Samba AD DC, see here:

https://wiki.samba.org/index.php/Configure_BIND_as_backend_for_Samba_AD

Rowland

More information about the samba mailing list