[Samba] smbd fails to start after upgrade to version 4.11.6
Roy Eastwood
spindles7 at gmail.com
Wed Jan 29 20:52:30 UTC 2020
On 29 January 2020 20:02 Rowland penny via samba wrote:
>On 29/01/2020 19:43, Roy Eastwood via samba wrote:
>> On 29 January 2020 18:09 Rowland penny wrote:
>>> On 29/01/2020 18:01, Roy Eastwood via samba wrote:
> [..snip..]
>Is this using Raspbian ?
Yes
>Problem with going down the leave then rejoin path is, what if it
>doesn't work, you are no further forward.
>
>I would try and fix it first, can you download and run Louis's script:
>https://github.com/thctlo/samba4/blob/master/samba-collect-debug-info.sh
>Sanitise the output and post the output into a reply to this.
>
>Rowland
OK:
root at pi4b:~/scripts# ./samba-collect-debug-info.sh
Please wait, collecting debug info.
Password for Administrator at SAMDOM.ORG:
grep: : No such file or directory
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
The debug info about your system can be found in this file:
/tmp/samba-debug-info.txt
-------------------- /tmp/samba-debug-info.txt ----------------
Collected config --- 2020-01-29-20:20 -----------
Hostname: pi4b
DNS Domain: samdom.org
FQDN: pi4b.samdom.org
ipaddress: 192.168.2.51
-----------
Kerberos SRV _kerberos._tcp.samdom.org record verified ok, sample output:
Server: 192.168.2.240
Address: 192.168.2.240#53
_kerberos._tcp.samdom.org service = 0 100 88 pi-dc.samdom.org.
_kerberos._tcp.samdom.org service = 0 100 88 tiger-db.samdom.org.
Samba is not being run as a DC or a Unix domain member.
-----------
Checking file: /etc/os-release
PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
NAME="Raspbian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
-----------
This computer is running Debian 10.2 armv7l
-----------
running command : ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
link/ether dc:a6:32:17:3c:86 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.51/24 brd 192.168.2.255 scope global eth0
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default
qlen 1000
link/ether dc:a6:32:17:3c:87 brd ff:ff:ff:ff:ff:ff
-----------
Checking file: /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.2.51 pi4b.samdom.org pi4b
-----------
Checking file: /etc/resolv.conf
search samdom.org
nameserver 192.168.2.240
nameserver 192.168.2.4
-----------
Checking file: /etc/krb5.conf
[libdefaults]
default_realm = samdom.org
dns_lookup_realm = false
dns_lookup_kdc = true
-----------
Checking file: /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files winbind
group: files winbind
shadow: files
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
-----------
Warning, does not exist
-----------
Installed packages:
ii acl 2.2.53-4
armhf access control list - utilities
ii attr 1:2.4.48-4
armhf utilities for manipulating filesystem extended attributes
ii fonts-quicksand 0.2016-2
all sans-serif font with round attributes
ii krb5-config 2.6
all Configuration files for Kerberos Version 5
ii krb5-user 1.17-3
armhf basic programs to authenticate using MIT Kerberos
ii libacl1:armhf 2.2.53-4
armhf access control list - shared library
ii libattr1:armhf 1:2.4.48-4
armhf extended attribute handling - shared library
ii libgssapi-krb5-2:armhf 1.17-3
armhf MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
ii libkrb5-3:armhf 1.17-3
armhf MIT Kerberos runtime libraries
ii libkrb5support0:armhf 1.17-3
armhf MIT Kerberos runtime libraries - Support library
ii libnss-winbind:armhf 2:4.11.6+dfsg-0.1raspbian1
armhf Samba nameservice integration plugins
ii libpam-krb5:armhf 4.8-2
armhf PAM module for MIT Kerberos
ii libpam-winbind:armhf 2:4.11.6+dfsg-0.1raspbian1
armhf Windows domain authentication integration plugin
ii libsmbclient:armhf 2:4.11.6+dfsg-0.1raspbian1
armhf shared library for communication with SMB/CIFS servers
ii libwbclient0:armhf 2:4.11.6+dfsg-0.1raspbian1
armhf Samba winbind client library
ii node-tweetnacl 0.14.5+dfsg-3
all Port of TweetNaCl cryptographic library to JavaScript
ii python3-samba 2:4.11.6+dfsg-0.1raspbian1
armhf Python 3 bindings for Samba
ii samba 2:4.11.6+dfsg-0.1raspbian1
armhf SMB/CIFS file, print, and login server for Unix
ii samba-common 2:4.11.6+dfsg-0.1raspbian1
all common files used by both the Samba server and client
ii samba-common-bin 2:4.11.6+dfsg-0.1raspbian1
armhf Samba common files used by both the server and the client
ii samba-dsdb-modules:armhf 2:4.11.6+dfsg-0.1raspbian1
armhf Samba Directory Services Database
ii samba-libs:armhf 2:4.11.6+dfsg-0.1raspbian1
armhf Samba core libraries
ii samba-vfs-modules:armhf 2:4.11.6+dfsg-0.1raspbian1
armhf Samba Virtual FileSystem plugins
ii smbclient 2:4.11.6+dfsg-0.1raspbian1
armhf command-line SMB/CIFS clients for Unix
ii vlc-plugin-samba:armhf 3.0.8-0+deb10u1+rpt7
armhf Samba plugin for VLC
ii winbind 2:4.11.6+dfsg-0.1raspbian1
armhf service to resolve user and group information from Windows NT
servers
-----------
Louis' script failed to print out smb.conf (even though it exists at
/etc/samba/smb.conf) and user.map, so here they are:
---------- smb.conf -----------
[global]
netbios name = pi4b
security = ADS
workgroup = SAMDOM
realm = SAMDOM.ORG
# disable smb1
client min protocol = smb2_02
server min protocol = smb2_02
log file = /var/log/samba/%m.log
log level = 1
# to prevent "Address family not supported by protocol" messages
(ipv6)
bind interfaces only = yes
interfaces = lo eth0
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind refresh tickets = yes
winbind use default domain = yes
# Default idmap config used for BUILTIN and local accounts/groups
idmap config * : backend = tdb
idmap config * : range = 2000-9999
# idmap config for domain samdom
idmap config SAMDOM:backend = rid
idmap config SAMDOM:range = 10000-99999
# next two lines for testing only - comment-out once working ok
# winbind enum users = yes
# winbind enum groups = yes
template shell = /bin/bash
# template homedir = /srv/samba/users/%U
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
username map = /etc/samba/user.map
[images]
# for backup images made by Macrium Reflect
path = /srv/samba/images
read only = no
acl_xattr:ignore system acl = yes
[downloads]
path = /srv/samba/downloads
read only = no
acl_xattr:ignore system acl = yes
---------------user.map --------------------
!root = SAMDOM\Administrator SAMDOM\administrator Administrator
administrator
Thanks in advance for any clues!
Roy
More information about the samba
mailing list