[Samba] Testparm Creating Sock File? and Missing Service Records
John Clendenen
john at dotdigital.digital
Fri Nov 22 17:18:28 UTC 2019
Hi,
I’m experiencing an issue with selinux blocking Samba on Fedora when bind
interfaces only is set. Based on the selinux logs, it is attempting to
create a sock file in /var/lib/samba/private/msg.sock/.
We are wondering why testparm is using a sock file, or if this is
unexpected behavior.
Link to ticket below:
https://bugzilla.redhat.com/show_bug.cgi?id=1768656
------------------------------
Additionally, I have found that DNS (BIND DLZ in my case) is missing
kerberos udp service records, at least in Fedora’s Samba AD packages. I
assume it’s an upstream issue with Samba, but I can open a ticket with
Fedora if that’s more appropriate.
After adding the following records, I am able to bind clients more reliably
as well as establish trust with IPA.
samba-tool dns add 127.0.0.1 _msdcs."$(hostname -d)" _kerberos._udp.dc
SRV "$(hostname -f) 88 0 100"
samba-tool dns add 127.0.0.1 _msdcs."$(hostname -d)"
_kerberos._udp."${SITE}"._sites.dc SRV "$(hostname -f) 88 0 100"
More information about the samba
mailing list