[Samba] Problem with named.service
Fermin Francisco
abcddo at yahoo.com
Mon Jun 11 17:53:52 UTC 2018
I forgot to say that I updated Centos from 7.4 to 7.5, and I updated samba4 to the new version.
This Would be a problem of records of something like that.
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 9:45:03 a. m. GMT-4, Fermin Francisco <abcddo at yahoo.com> escribió:
Sorry, the real e-mail is this:
[root at pc ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone domain.local
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#62351: update 'domain.local/IN' denied
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: disallowing update of signer=ADMISIONES1\$\@domain.LOCAL name=ADMISIONES1.domain.local ty...s rights
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#51971/key ADMISIONES1\$\@domain.LOCAL: updating zone 'domain.local/NONE': update ...REFUSED)
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone domain.local
Jun 11 09:06:45 pc named[1278]: samba_dlz: starting transaction on zone domain.local
Jun 11 09:06:45 pc named[1278]: client 172.20.2.23#56645: update 'domain.local/IN' denied
Jun 11 09:06:45 pc named[1278]: samba_dlz: cancelling transaction on zone domain.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 9:16:55 a. m. GMT-4, Fermin Francisco <abcddo at yahoo.com> escribió:
Good morning!
After I changed some permissions and owners of some files where Rowland told me, I have the next escenary:
[root at proxy ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone gmu.local
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#62351: update 'gmu.local/IN' denied
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: disallowing update of signer=ADMISIONES1\$\@GMU.LOCAL name=ADMISIONES1.gmu.local ty...insuficient access rights
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#51971/key ADMISIONES1\$\@GMU.LOCAL: updating zone 'gmu.local/NONE': update ...REFUSED)
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone gmu.local
Jun 11 09:06:45 proxy named[1278]: samba_dlz: starting transaction on zone gmu.local
Jun 11 09:06:45 proxy named[1278]: client 172.20.2.23#56645: update 'gmu.local/IN' denied
Jun 11 09:06:45 proxy named[1278]: samba_dlz: cancelling transaction on zone gmu.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:53:21 p. m. GMT-4, Fermin Francisco <abcddo at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf
-rw-r--r--. 1 root root 78 Jun 7 17:32 /etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts
-rw-r--r--. 1 root root 193 Dec 4 2017 /etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname
-rw-r--r--. 1 root root 6 Mar 15 2017 /etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf
-rw-r--r-- 1 root named 275 Jun 7 21:14 /etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf
-rw-r----- 1 named named 673 Jun 9 13:00 /etc/named.conf
-----------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf
-rw-r--r--. 1 root root 481 Jun 9 07:50 /usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf
-rwx------. 1 named named 738 Jun 9 13:17 /usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/
total 7276drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot
drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot_sdb
-rw------- 1 named named 59031552 Jun 9 13:17 core.2775
drwxrwx---. 2 named named 4096 Apr 12 14:48 data
-rw------- 1 named named 4619 Jun 9 16:41 _default.tsigkeys
drwxrwx---. 2 named named 4096 Jun 9 10:00 dynamic
drwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap
-rw-r----- 1 root named 2281 May 22 2017 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 4096 Apr 12 14:48 slaves
-rw------- 1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj
-rw------- 1 named named 0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinux
lrwxrwxrwx. 1 root root 17 Mar 15 2017 /etc/sysconfig/selinux -> ../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4
-rwxr-xr-x. 1 root root 1150 Mar 15 2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab
-rwx------. 1 root named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:13:24 p. m. AST, Fermin Francisco <abcddo at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf-rw-r--r--. 1 root root 78 Jun 7 17:32 /etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts-rw-r--r--. 1 root root 193 Dec 4 2017 /etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname-rw-r--r--. 1 root root 6 Mar 15 2017 /etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf-rw-r--r-- 1 root named 275 Jun 7 21:14 /etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf-rw-r----- 1 named named 673 Jun 9 13:00 /etc/named.conf
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf-rw-r--r--. 1 root root 481 Jun 9 07:50 /usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf-rwx------. 1 named named 738 Jun 9 13:17 /usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/total 7276drwxr-x--- 7 root named 4096 Jun 6 17:01 chrootdrwxr-x--- 7 root named 4096 Jun 6 17:01 chroot_sdb-rw------- 1 named named 59031552 Jun 9 13:17 core.2775drwxrwx---. 2 named named 4096 Apr 12 14:48 data-rw------- 1 named named 4619 Jun 9 16:41 _default.tsigkeysdrwxrwx---. 2 named named 4096 Jun 9 10:00 dynamicdrwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap-rw-r----- 1 root named 2281 May 22 2017 named.ca-rw-r----- 1 root named 152 Dec 15 2009 named.empty-rw-r----- 1 root named 152 Jun 21 2007 named.localhost-rw-r----- 1 root named 168 Dec 15 2009 named.loopbackdrwxrwx--- 2 named named 4096 Apr 12 14:48 slaves-rw------- 1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj-rw------- 1 named named 0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinuxlrwxrwxrwx. 1 root root 17 Mar 15 2017 /etc/sysconfig/selinux -> ../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4-rwxr-xr-x. 1 root root 1150 Mar 15 2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab-rwx------. 1 root named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 2:15:50 p. m. AST, Dr. Hansjörg Maurer <hansjoerg.maurer at itsd.de> escribió:
Hi
can you post your /etc/krb5.conf
Regards
Hansjörg
--
Dr. Hansjörg Maurer
itsystems Deutschland AG
Erzgießereistr. 22
80335 München
Tel: +49-89-52 04 68-41
Fax: +49-89-52 04 68-59
E-Mail: hansjoerg.maurer at itsd.de
Web: http://www.itsd.de
Amtsgericht München HRB 132146
USt-IdNr. DE 812991301
Steuer-Nr. 143/100/81575
Aufsichtsratsvorsitzender:
Stefan Adam
Vorstand:
Dr. Michael Krocka
Dr. Hansjörg Maurer
----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an hansjoerg.maurer at itsd.de.
Our system is equipped with an email encryption gateway. If you want email sent to you to be encrypted please send a S/MIME signed email or your PGP public key to hansjoerg.maurer at itsd.de.
More information about the samba
mailing list