[Samba] Debian11 Samba backport and bind9
Stefan Kania
stefan at kania-online.de
Mon Jan 16 19:47:10 UTC 2023
Am 16.01.23 um 20:35 schrieb Ingo Asche via samba:
> Hi Stefan,
>
> I have exact that running: Samba 4.17.4 and bind 9.18 from the
> bullseye-backports.
>
> I my case "samba_dnsupdate --verbose --all-names" runs without any errors.
>
On the first DC it's running like I expacted, but on the second one I'm
having the provlem.
> As like 9.16 I use the "dlz_bind9_18.so" entry in named.conf.
>
> If you need further information to compare just ask.
>
> Regards
> Ingo
> https://github.com/WAdama
>
> Rowland Penny via samba schrieb am 16.01.2023 um 20:05:
>>
>>
>> On 16/01/2023 18:56, Rowland Penny via samba wrote:
>>>
>>>
>>> On 16/01/2023 18:27, Stefan Kania via samba wrote:
>>>>
>>>>
>>>> Am 16.01.23 um 18:31 schrieb Rowland Penny via samba:
>>>>>
>>>>>
>>>>> On 16/01/2023 16:56, Stefan Kania via samba wrote:
>>>>>> Hi to all,
>>>>>> Is there a known problem when using Debian 11 together with the
>>>>>> samba packages from the backports (4.17.4) and the bind9 from the
>>>>>> backports (9.18). With me it comes on each further
>>>>>> Domaincontroller to errors with the "samba_dnsupdate --verbose
>>>>>> --all-names".
>>>>>>
>>>>>> If I install Bind9 in version 9.16 everything works.
>>>>>>
>>>>>> I have the whole thing running in a Vagrant environment and can
>>>>>> provide this for testing purposes.
>>>>>>
>>>>>> Stefan
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> The support for Bind 9.18 went into Samba in May 2022, so unless it
>>>>> was backported, it should only be in 4.17.x
>>>>>
>>>>> From the commit, it was thought that nothing had changed since
>>>>> Bind 9.16
>>>>>
>>>>> Try looking in sambadns.py (around line 1015), it should show 9.18
>>>>>
>>>>> Rowland
>>>>>
>>>>
>>>> As far as i see it 9.18 sould be ok:
>>>> ----------------------
>>>> elif dns_backend == "BIND9_DLZ":
>>>> bind_info = subprocess.Popen(['named -V'], shell=True,
>>>> stdout=subprocess.PIPE,
>>>> stderr=subprocess.STDOUT,
>>>> cwd='.').communicate()[0]
>>>> bind_info = get_string(bind_info)
>>>> bind9_8 = '#'
>>>> bind9_9 = '#'
>>>> bind9_10 = '#'
>>>> bind9_11 = '#'
>>>> bind9_12 = '#'
>>>> bind9_14 = '#'
>>>> bind9_16 = '#'
>>>> bind9_18 = '#'
>>>> if bind_info.upper().find('BIND 9.8') != -1:
>>>> bind9_8 = ''
>>>> elif bind_info.upper().find('BIND 9.9') != -1:
>>>> bind9_9 = ''
>>>> elif bind_info.upper().find('BIND 9.10') != -1:
>>>> bind9_10 = ''
>>>> elif bind_info.upper().find('BIND 9.11') != -1:
>>>> bind9_11 = ''
>>>> elif bind_info.upper().find('BIND 9.12') != -1:
>>>> bind9_12 = ''
>>>> elif bind_info.upper().find('BIND 9.14') != -1:
>>>> bind9_14 = ''
>>>> elif bind_info.upper().find('BIND 9.16') != -1:
>>>> bind9_16 = ''
>>>> elif bind_info.upper().find('BIND 9.18') != -1:
>>>> bind9_18 = ''
>>>> elif bind_info.upper().find('BIND 9.7') != -1:
>>>> raise ProvisioningError("DLZ option incompatible with
>>>> BIND 9.7.")
>>>> elif bind_info.upper().find('BIND_9.13') != -1:
>>>> raise ProvisioningError("Only stable/esv releases of
>>>> BIND are supported.")
>>>> elif bind_info.upper().find('BIND_9.15') != -1:
>>>> raise ProvisioningError("Only stable/esv releases of
>>>> BIND are supported.")
>>>> elif bind_info.upper().find('BIND_9.17') != -1:
>>>> raise ProvisioningError("Only stable/esv releases of
>>>> BIND are supported.")
>>>> else:
>>>> logger.warning("BIND version unknown, please modify %s
>>>> manually." % paths.namedconf)
>>>> setup_file(setup_path("named.conf.dlz"), paths.namedconf, {
>>>> "NAMED_CONF": paths.namedconf,
>>>> "MODULESDIR": samba.param.modules_dir(),
>>>> "BIND9_8": bind9_8,
>>>> "BIND9_9": bind9_9,
>>>> "BIND9_10": bind9_10,
>>>> "BIND9_11": bind9_11,
>>>> "BIND9_12": bind9_12,
>>>> "BIND9_14": bind9_14,
>>>> "BIND9_16": bind9_16,
>>>> "BIND9_18": bind9_18
>>>> })
>>>> -------------
>>>> At the moment I'm testing for my tutorial with Samba 4.17.4 from
>>>> Debian 11 backports and the Bind9 version 9.16.
>>>>
>>>> Tomorrow I will switch to bind9 from the backport again and post the
>>>> error messages.
>>>>
>>>>
>>>>
>>>
>>> I just wanted to ensure that you, somehow, hadn't got the wrong file,
>>> which apparently you haven't
>>>
>>> There may be a problem, does Samba use a DLZ driver or a module ? I
>>> ask this because Bind seems to have removed DLZ drivers from 9.18
>>>
>>> Rowland
>>>
>>
>> Just had a look in dlz_bind9.c and right at the top, there is this:
>>
>> bind9 dlz driver for Samba
>>
>> We could have a major problem.
>>
>> Rowland
>>
>>
>>
>
>
--
Stefan Kania
Landweg 13
25693 St. Michaelisdonn
Signieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre
Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter
https://www.dgn.de/dgncert/index.html
Download der root-Zertifikate: https://www.dgn.de/dgncert/downloads.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20230116/fe9af07f/OpenPGP_signature.sig>
More information about the samba
mailing list