[Samba] Cannot remove old NS record

L.P.H. van Belle belle at bazuin.nl
Thu Jan 2 08:00:04 UTC 2020


Hai,  

> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Paul R. Ganci via samba
> Sent: Wednesday 1 January 2020 23:49
> To: samba at lists.samba.org
> Subject: Re: [Samba] Cannot remove old NS record
> 
> On 12/22/19 12:07 PM, Rowland penny via samba wrote:
> >>
> >> Are there any suggestions to fix the problem?
> >>
> > Cached record somewhere ?
> >
> > You seem to have done everything correctly.
> >
> Okay I discovered that any changes to my DNS are not being seen by 
> bind.  So exploring the Wiki
> 
> https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Reconfiguring_the_BIND9_DLZ_Back_End
> 
> I found this entry:
> 
> If you create new DNS records in the directory and are not able to 
> resolve them using the |nslookup|, |host| or other DNS lookup tools, the 
> database hard links can get lost. This happens, for example, if you move 
> the databases across mount points.
> 
> To verify that the domain and forest partition as well as the 
> |metadata.tdb| database are hard linked in both directories, run
> 
> # ls -lai /usr/local/samba/private/sam.ldb.d/
> 
> # ls -lai /usr/local/samba/private/dns/sam.ldb.d/
> 
> The same files must have the same inode number in the first column of 
> the output in both directories. If they differ, the hard link got 
> lost and Samba and BIND use separate database files and thus DNS updates 
> in the directory are not resolvable through the BIND DNS server.
> 
> So I did the procedure on my system and much to my chagrin I found:
> 
>  > ls -lai /var/lib/samba/private/sam.ldb.d/
> total 83720
> 67868145 drwxr-x--- 2 root named      296 Dec 21 17:54 .
>    810580 drwxr-x--- 8 root named     4096 Jan  1 15:31 ..
> 67868196 -rw------- 1 root root  29609984 Nov  7 09:29 CN=CONFIGURATION,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 67868195 -rw------- 1 root root  33222656 Nov  7 09:29 CN=SCHEMA,CN=CONFIGURATION,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 67868192 -rw-rw---- 1 root named  6950912 Jan  1 14:30 DC=DOMAINDNSZONES,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 67868194 -rw-rw---- 1 root named  4247552 Nov  7 09:29 DC=FORESTDNSZONES,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 67868202 -rw------- 1 root root  10862592 Jan  1 15:20 DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 67868159 -rw-rw---- 1 root named   831488 Jan  1 14:30 metadata.tdb
> 
> root@nureyev> ls -lai /var/lib/samba/private/dns/sam.ldb.d/
> total 74520
> 34684505 drwxrwx--- 2 root named      296 Dec 21 17:54 .
>    810835 drwxrwx--- 3 root named       38 Dec 21 17:54 ..
> 34685771 -rw-rw---- 1 root named 27410432 Jan  1 15:04 CN=CONFIGURATION,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 34684600 -rw-rw---- 1 root named 32534528 Jan  1 15:04 CN=SCHEMA,CN=CONFIGURATION,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 34684570 -rw-rw---- 1 root named  6950912 Jan  1 15:04 DC=DOMAINDNSZONES,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 34684597 -rw-rw---- 1 root named  4247552 Jan  1 15:04 DC=FORESTDNSZONES,DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 34684507 -rw-rw---- 1 root named  4333568 Jan  1 15:04 DC=MYHOME,DC=NURDOG,DC=COM.ldb
> 34685651 -rw-rw---- 1 root named   831488 Dec  2  2018 metadata.tdb
> 
> Unfortunately the inode numbers do not match.
> 
> I also found this entry in the Wiki:
> 
> To auto-repair the hard linking, see Reconfiguring the BIND9_DLZ Back End 
> <https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Reconfiguring_the_BIND9_DLZ_Back_End>. 
> 
> 
> So I ran the auto-repair
> 
>  > samba_upgradedns --dns-backend=BIND9_DLZ
> Reading domain information
> DNS accounts already exist
> No zone file /var/lib/samba/bind-dns/dns/MYHOME.NURDOG.COM.zone
> DNS records will be automatically created
> DNS partitions already exist
> dns-nureyev account already exists
> Failed to create link /var/lib/samba/private/dns.keytab -> /var/lib/samba/bind-dns/dns.keytab: No such file or directory
> Failed to chown /var/lib/samba/bind-dns to bind gid 25
> Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 25
> Traceback (most recent call last):
>    File "/sbin/samba_upgradedns", line 533, in <module>
>      create_dns_dir(logger, paths)
>    File "/usr/lib64/python3.6/site-packages/samba/provision/sambadns.py", line 704, in create_dns_dir
>      os.mkdir(dns_dir, 0o770)
> FileNotFoundError: [Errno 2] No such file or directory: '/var/lib/samba/bind-dns/dns'
> 
> I have been running this domain for quite a while and don't quite 
> understand why this problem would occur. What is somewhat strange is the 
> location of certain files. For example my dns.keytab is located here:
> 
> 
>  > ls /var/lib/samba/private/dns.keytab
> /var/lib/samba/private/dns.keytab
> 
> Does anyone have an idea how to fix the problem? Can I just create 
> /var/lib/samba/bind-dns/ and re-run? Suggestions are appreciated. Thanks.

Yes, you can use:

install -d /var/lib/samba/bind-dns/ -o root -g bind -m 770 
And rerun it. 

Just don't forget to adjust the bind config files also.


Greetz, 

Louis
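
The inode comparison from the quoted wiki text, scripted so it can be re-run after the repair. This is an added example, not part of the original messages or of Samba. The function names check_dlz_links and inode_of are hypothetical, and the script assumes the shared files are the two DNS zone partitions plus metadata.tdb.

```shell
#!/bin/sh
# Added example: verify that the files Samba and the BIND9_DLZ module must
# share are still hard links to the same inode in both directories.
# Usage: check_dlz_links SAMBA_SAM_LDB_D BIND_SAM_LDB_D
# Returns 0 if all checked files are linked, 1 if any is broken or missing,
# 2 on bad arguments.

inode_of() { ls -di -- "$1" | awk '{print $1}'; }

check_dlz_links() {
    samba_dir=$1
    bind_dir=$2
    [ -d "$samba_dir" ] && [ -d "$bind_dir" ] || {
        echo "usage: check_dlz_links SAMBA_DIR BIND_DIR" >&2
        return 2
    }
    status=0
    checked=0
    # Assumption: only these files are expected to be hard linked; the other
    # partition files in the BIND directory are independent copies.
    for src in "$samba_dir"/DC=DOMAINDNSZONES,*.ldb \
               "$samba_dir"/DC=FORESTDNSZONES,*.ldb \
               "$samba_dir"/metadata.tdb; do
        [ -e "$src" ] || continue      # an unmatched glob stays literal
        name=${src##*/}
        dst=$bind_dir/$name
        checked=$((checked + 1))
        if [ ! -e "$dst" ]; then
            echo "MISSING  $name (not present in $bind_dir)"
            status=1
        elif [ "$src" -ef "$dst" ]; then   # same device and same inode
            echo "LINKED   $name"
        else
            echo "BROKEN   $name (samba inode $(inode_of "$src"), bind inode $(inode_of "$dst"))"
            status=1
        fi
    done
    if [ "$checked" -eq 0 ]; then
        echo "no DNS partition files found in $samba_dir" >&2
        status=1
    fi
    return $status
}

# Run directly when called with the two directories as arguments.
if [ "$#" -eq 2 ]; then check_dlz_links "$1" "$2"; fi
```

On the system shown above the two arguments would be /var/lib/samba/private/sam.ldb.d and /var/lib/samba/private/dns/sam.ldb.d; every line should read LINKED once the repair has succeeded.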



