[Samba] Problem with Bind9 on Samba4

Marcio B. marciobacci at gmail.com
Tue Feb 16 01:32:17 UTC 2021


Hi,

I have the following problem on my DC Samba4 with Bind9_DLZ:

root@samba4dc-2:~# /etc/init.d/bind9 status
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Mon 2021-02-15 21:59:14 -03; 37s ago
     Docs: man:named(8)
  Process: 394 ExecStart=/usr/sbin/named -f $OPTIONS (code=exited, status=1/FAILURE)
 Main PID: 394 (code=exited, status=1/FAILURE)

fev 15 21:59:14 samba4dc-2 named[394]: adjusted limit on open files from 524288 to 1048576
fev 15 21:59:14 samba4dc-2 named[394]: found 1 CPU, using 1 worker thread
fev 15 21:59:14 samba4dc-2 named[394]: using 1 UDP listener per interface
fev 15 21:59:14 samba4dc-2 named[394]: using up to 4096 sockets
fev 15 21:59:14 samba4dc-2 named[394]: loading configuration from '/etc/bind/named.conf'
fev 15 21:59:14 samba4dc-2 named[394]: /etc/bind/named.conf.local:8: open: /var/lib/samba/bind-dns/named.conf: permission denied
fev 15 21:59:14 samba4dc-2 named[394]: loading configuration: permission denied
fev 15 21:59:14 samba4dc-2 named[394]: exiting (due to fatal error)
fev 15 21:59:14 samba4dc-2 systemd[1]: bind9.service: Main process exited, code=exited, status=1/FAILURE
fev 15 21:59:14 samba4dc-2 systemd[1]: bind9.service: Failed with result 'exit-code'.

My permissions look like this:
root@samba4dc-2:/etc/bind# ls -lh
total 52K
-rw-r--r-- 1 root bind 3,9K mai  3  2019 bind.keys
-rw-r--r-- 1 root bind  237 mai  3  2019 db.0
-rw-r--r-- 1 root bind  271 mai  3  2019 db.127
-rw-r--r-- 1 root bind  237 mai  3  2019 db.255
-rw-r--r-- 1 root bind  353 mai  3  2019 db.empty
-rw-r--r-- 1 root bind  270 mai  3  2019 db.local
-rw-r--r-- 1 root bind 3,1K mai  3  2019 db.root
-rw-r--r-- 1 root bind  463 mai  3  2019 named.conf
-rw-r--r-- 1 root bind  490 mai  3  2019 named.conf.default-zones
-rw-r--r-- 1 root bind  211 set  2  2019 named.conf.local
-rw-r--r-- 1 root bind 1,6K set  2  2019 named.conf.options
-rw-r----- 1 bind bind   77 set  2  2019 rndc.key
-rw-r--r-- 1 root bind 1,3K mai  3  2019 zones.rfc1918

root@samba4dc-2:/var/lib/samba/bind-dns# ls -lh
total 20K
drwxrwx--- 3 root bind 4,0K fev 15 22:02 dns
-rw-r----- 2 root bind  882 set  2  2019 dns.keytab
-rw-r--r-- 1 root bind  883 fev 15 22:02 named.conf
-r--r--r-- 1 root bind  311 set  5  2019 named.conf.update
-rw-r--r-- 1 root bind 2,1K fev 15 22:02 named.txt

I performed the following procedure, but it did not resolve the problem:

root@samba4dc-2:~# samba_upgradedns --dns-backend=BIND9_DLZ
Reading domain information
DNS accounts already exist
No zone file /var/lib/samba/bind-dns/dns/EMPRESA.COM.BR.zone
DNS records will be automatically created
DNS partitions already exist
dns-samba4dc-2 account already exists
See /var/lib/samba/bind-dns/named.conf for an example configuration include file for BIND
and /var/lib/samba/bind-dns/named.txt for further documentation required for secure DNS updates
Finished upgrading DNS

This is my smb.conf

cat /etc/samba/smb.conf
# Global parameters
[global]
netbios name = SAMBA4DC-2
realm = EMPRESA.COM.BR
workgroup = EMPRESA
log level = 1 auth:5 winbind:5
server role = active directory domain controller
server services = -dns
#dns forwarder = 192.168.1.1 192.168.1.2
#dns update command = /usr/sbin/samba_dnsupdate --use-samba-too
ldap server require strong auth = no
log file = /var/log/samba/auditoria/.%m
#log level = 1 auth_audit:3 #auth_json_audit:3
#log level = 1 passdb:5 auth:10 winbind:2
#log level = 1 full_audit:1
#log level = 2 auth:1@/var/log/auditoria.log

[netlogon]
path = /var/lib/samba/sysvol/empresa.com.br/scripts
read only = No

[sysvol]
path = /var/lib/samba/sysvol
read only = No

Could someone help me?

Regards,

Márcio Bacci
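
The log above fails while opening /var/lib/samba/bind-dns/named.conf, and the two listings show the modes of the files but not of the directories leading to them. As an added example (not part of the original post), this Python script walks every component of a path and reports which ones a given user may search or read by mode bits alone. The function names and the constructed temporary tree in demo() are assumptions for illustration; ACLs and AppArmor/SELinux policy are not evaluated.

```python
import os
import stat
import tempfile

def allowed(mode, owner, group, uid, gids, want):
    """Mode-bit check only (no ACLs, AppArmor or SELinux). want: 4=read, 1=search."""
    if uid == 0:
        return True                      # root bypasses read/search mode bits
    if uid == owner:
        bits = mode >> 6                 # owner triplet
    elif group in gids:
        bits = mode >> 3                 # group triplet
    else:
        bits = mode                      # other triplet
    return bits & want == want

def walk(path, uid, gids):
    """Yield (component, mode string, ok) from / down to path.
    Directories need search (x); a final non-directory needs read (r)."""
    path = os.path.abspath(path)
    parts = [path]
    while os.path.dirname(parts[-1]) != parts[-1]:
        parts.append(os.path.dirname(parts[-1]))
    for p in reversed(parts):
        st = os.stat(p)
        want = 1 if stat.S_ISDIR(st.st_mode) else 4
        yield p, stat.filemode(st.st_mode), allowed(
            st.st_mode, st.st_uid, st.st_gid, uid, gids, want)

def demo():
    """Constructed tree: a world-readable 0644 file inside a 0750 directory."""
    root = tempfile.mkdtemp()
    os.chmod(root, 0o755)
    d = os.path.join(root, "bind-dns")
    os.mkdir(d)
    f = os.path.join(d, "named.conf")
    open(f, "w").close()
    os.chmod(f, 0o644)
    os.chmod(d, 0o750)
    st = os.stat(d)
    uid, outsider, member = st.st_uid + 1, {st.st_gid + 1}, {st.st_gid}
    return (d, f, {p: ok for p, _, ok in walk(f, uid, outsider)},
            {p: ok for p, _, ok in walk(f, uid, member)})

if __name__ == "__main__":               # usage: script.py PATH USER
    import pwd, sys
    pw = pwd.getpwnam(sys.argv[2])
    groups = set(os.getgrouplist(pw.pw_name, pw.pw_gid))
    for p, mode, ok in walk(sys.argv[1], pw.pw_uid, groups):
        print(mode, "ok  " if ok else "DENY", p)
```

Run as root with the path from the log and the account named runs under (bind in the listings above); the first DENY line is the component to look at.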

