[Samba] Testparm Creating Sock File? and Missing Service Records

John Clendenen john at dotdigital.digital
Fri Nov 22 17:18:28 UTC 2019


I’m experiencing an issue with selinux blocking Samba on Fedora when bind
interfaces only is set. Based on the selinux logs, it is attempting to
create a sock file in /var/lib/samba/private/msg.sock/.

We are wondering why testparm is using a sock file, or if this is
unexpected behavior.

Link to ticket below:


Additionally, I have found that DNS (BIND DLZ in my case) is missing
kerberos udp service records, at least in Fedora’s Samba AD packages. I
assume it’s an upstream issue with Samba, but I can open a ticket with
Fedora if that’s more appropriate.

After adding the following records, I am able to bind clients more reliably
as well as establish trust with IPA.

samba-tool dns add _msdcs."$(hostname -d)" _kerberos._udp.dc
SRV "$(hostname -f) 88 0 100"
samba-tool dns add _msdcs."$(hostname -d)"
_kerberos._udp."${SITE}"._sites.dc SRV "$(hostname -f) 88 0 100"

More information about the samba mailing list