[Samba] self compiled 4.10.3 replication failure.

Andrew Bartlett abartlet at samba.org
Tue May 21 00:34:48 UTC 2019 

On Mon, 2019-05-20 at 20:11 -0400, Tom Diehl via samba wrote:
> On Mon, 20 May 2019, Nico Kadel-Garcia wrote:
> 
> > On Mon, May 20, 2019 at 3:33 PM <me at tdiehl.org> wrote:
> > > 
> > > On Sat, 18 May 2019, Nico Kadel-Garcia wrote:
> > > 
> > > > On Wed, May 15, 2019 at 4:32 PM Tom Diehl via samba
> > > > <samba at lists.samba.org> wrote:
> > > > > 
> > > > > Hi,
> > > > > 
> > > > > I have a new Centos 7.6 VM that I self compiled 4.10.3 and joined it to an
> > > > > existing samba AD domain that has 2 existing DCs. One of the existing DCs is
> > > > > running 4.8.7 and the other is running 4.7.7. Everything looks OK except
> > > > > that when I run samba-tool drs showrepl on the new DC (VDC4) I get the
> > > > > following output:
> > > > 
> > > > "self-compiled" can include a lot of sins, especially if trying to
> > > > place it alongside *or* in place of the provided libraries for tevent,
> > > > ldb, tdb, and talloc. Let me point you to my git repo,
> > > 
> > > Well OK maybe I should have said self compiled using the instructions
> > > @ https://wiki.samba.org/index.php/Build_Samba_from_Source#configure and
> > > the package list from https://wiki.samba.org/index.php/Package_Dependencies_Required_to_Build_Samba#Red_Hat_Enterprise_Linux_7_.2F_CentOS_7_.2F_Scientific_Linux_7
> > > substituting python36-devel for python-devel and adding python32-dns
> > > to get the samba-tool dns module to work.
> > > None of the distro samba packages are installed.
> > > 
> > > TBH, I am guessng about the package list given the change from python2 to python3
> > > as it does not look like the wiki has been updated for 4.10.x.
> > > 
> > > > https:/github.com/nkadel/samba4repo/, with submodules for samba
> > > > itself, talloc, tevent, etc., etc. It's built to use the official
> > > > upstream tarballs from www.samba.org, not tarballs from *me*, and that
> > > > also will give you a good git repo you can use to manage any
> > > > compilation options in the ".spec" file.
> > > 
> > > Is there a way to only build the Centos bits using your git repo? I have no
> > > Fedora machines and so far I have not been successful in getting the above
> > > to build on a Centos 7 VM using the version of Mock supplied by the Centos
> > > project.
> > 
> > Yeah. Comment out the other operating systems in the Makefiles.
> > Install the dependencies, as  RPMs, in order. The order in the top
> > level Makefile should get you through the process.
> 
> OK, I thought about that but I was wondering if there was an easier way.
> Thanks for confirming that.
> 
> > > > Hmm. some classic questions include "is SELinux on", and "which
> > > > Kerberos did you use, the supported internal Heimdal Kerberos or the
> > > > experimental support for MIT kerberos?
> > > 
> > > SELinux is in permissive and my configure line is simply ./configure so no MIT
> > > here. IMO no one in their right mind would try to use MIT in production.
> > 
> > If you just run "./configure" and then "make install, you can wind up
> > interleaving RPM based components on top of system components. Some of
> > the critical libraries are system libraries, used by other components,
> > and may not have been updated or may show up before your new compiled
> > versions based the system's LD_LIBRARY_PATH and other factors. I can't
> > try to debug that without a good look at what you have in place, and
> > where you put things, deliberately or accidentally. This is precisely
> > why I publish RPM's, and why for someone who doesn't like to play with
> > this stuff I'd actually they spend some money and pay for the Sernet,
> > commercially supported binaries.
> 
> Here's where I disagree. When you run ./configure, make and make install
> everything gets put into /usr/local/samba by default. It is not installed
> over top of any system components.

Correct.  Samba then uses -rpath to select these libraries in
preference to system libraries. 

It is important to to overwrite or upgrade system versions of libldb in
particular. 

Andrew Bartlett

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba

More information about the samba mailing list