[Samba] AD bind DNS broken after 4.7.3 -> 4.9.2 upgrade

Rowland Penny rpenny at samba.org
Wed Jan 2 19:35:04 UTC 2019 

On Wed, 02 Jan 2019 20:09:44 +0100
Král Gergely via samba <samba at lists.samba.org> wrote:

> 2018-12-31 20:50 időpontban L.P.H. van Belle via samba ezt írta:
> > Can you try to upgrade to any 4.8 version then to 4.9.4?
> > might work, atleast my guess this will have a better chance get
> > passed this bug.
> > 
> 
> I can confirm that an upgrade to 4.7.3 to 4.8.5 works. But!
> 
> 
> After upgrading the dnsupdate did not work, giving these log messages:
> 
> [2019/01/02 19:18:42.908955,  0] 
> ../source4/smbd/server.c:466(binary_smbd_main)
>    samba version 4.8.5-Debian started.
>    Copyright Andrew Tridgell and the Samba Team 1992-2018
> [2019/01/02 19:18:56.468276,  0] 
> ../source4/smbd/server.c:638(binary_smbd_main)
>    binary_smbd_main: samba: using 'standard' process model
> [2019/01/02 19:19:00.030904,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception -
> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> [2019/01/02 19:19:00.031193,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
> 176, in _run
> [2019/01/02 19:19:00.031286,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     return self.run(*args, **kwargs)
> [2019/01/02 19:19:00.031360,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
> run [2019/01/02 19:19:00.031595,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     raise e
> [2019/01/02 19:19:00.471859,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception -
> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> [2019/01/02 19:19:00.472011,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
> 176, in _run
> [2019/01/02 19:19:00.472084,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     return self.run(*args, **kwargs)
> [2019/01/02 19:19:00.472238,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
> run [2019/01/02 19:19:00.472301,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     raise e
> 
> and so on...
> 
> After downgrading from 4.9.2 back to 4.7.3 I experienced the same,
> and I could fix it by running "samba_upgradedns
> --dns-backend=BIND9_DLZ" (at least I guess this fixed it). The
> results of this command were basically the same as on the wiki page.
> But this time the result was exactly the same as with 4.9.2:
> 
> isa:~/# samba_upgradedns --dns-backend=BIND9_DLZ
> Reading domain information
> DNS accounts already exist
> No zone file /var/lib/samba/bind-dns/dns/MYAD.DOMAIN.EU.zone
> DNS records will be automatically created
> DNS partitions already exist
> dns-isa account already exists
> Failed to create link /var/lib/samba/private/dns.keytab -> 
> /var/lib/samba/bind-dns/dns.keytab: No such file or directory
> Failed to chown /var/lib/samba/bind-dns to bind gid 107
> Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 107
> Traceback (most recent call last):
>    File "/usr/sbin/samba_upgradedns", line 533, in <module>
>      create_dns_dir(logger, paths)
>    File
> "/usr/lib/python2.7/dist-packages/samba/provision/sambadns.py", line
> 697, in create_dns_dir os.mkdir(dns_dir, 0770)
> OSError: [Errno 2] No such file or directory: 
> '/var/lib/samba/bind-dns/dns'
> 
> 
> I started to panic, but since I ran this with samba stopped, I
> restarted samba and the error messages are gone! The names are
> resolved and the clients are happily updating the records.
> 
> 
> So to summarize, I do not know how it got fixed and why upgradedns
> does not work, but I believe the bug is already included somewhere in
> the 4.8 branch. Even if it works.
> 
> 

OK, this is what I am going to do, I will provision 4.7.12 again,
upgrade it to 4.8.8 and if this works, then upgrade it to 4.9.4,
expecting this to fail, this will then give us a search vector.

Rowland

More information about the samba mailing list