Rowland Penny
2019-Jan-02 19:35 UTC
[Samba] AD bind DNS broken after 4.7.3 -> 4.9.2 upgrade
On Wed, 02 Jan 2019 20:09:44 +0100 Král Gergely via samba <samba at lists.samba.org> wrote:> 2018-12-31 20:50 időpontban L.P.H. van Belle via samba ezt írta: > > Can you try to upgrade to any 4.8 version then to 4.9.4? > > might work, atleast my guess this will have a better chance get > > passed this bug. > > > > I can confirm that an upgrade to 4.7.3 to 4.8.5 works. But! > > > After upgrading the dnsupdate did not work, giving these log messages: > > [2019/01/02 19:18:42.908955, 0] > ../source4/smbd/server.c:466(binary_smbd_main) > samba version 4.8.5-Debian started. > Copyright Andrew Tridgell and the Samba Team 1992-2018 > [2019/01/02 19:18:56.468276, 0] > ../source4/smbd/server.c:638(binary_smbd_main) > binary_smbd_main: samba: using 'standard' process model > [2019/01/02 19:19:00.030904, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - > (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS') > [2019/01/02 19:19:00.031193, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: File > "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line > 176, in _run > [2019/01/02 19:19:00.031286, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs) > [2019/01/02 19:19:00.031360, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: File > "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in > run [2019/01/02 19:19:00.031595, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: raise e > [2019/01/02 19:19:00.471859, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - > (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS') > [2019/01/02 19:19:00.472011, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: File > "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line > 176, in _run > [2019/01/02 19:19:00.472084, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs) > [2019/01/02 19:19:00.472238, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: File > "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in > run [2019/01/02 19:19:00.472301, 0] > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > /usr/sbin/samba_dnsupdate: raise e > > and so on... > > After downgrading from 4.9.2 back to 4.7.3 I experienced the same, > and I could fix it by running "samba_upgradedns > --dns-backend=BIND9_DLZ" (at least I guess this fixed it). The > results of this command were basically the same as on the wiki page. > But this time the result was exactly the same as with 4.9.2: > > isa:~/# samba_upgradedns --dns-backend=BIND9_DLZ > Reading domain information > DNS accounts already exist > No zone file /var/lib/samba/bind-dns/dns/MYAD.DOMAIN.EU.zone > DNS records will be automatically created > DNS partitions already exist > dns-isa account already exists > Failed to create link /var/lib/samba/private/dns.keytab -> > /var/lib/samba/bind-dns/dns.keytab: No such file or directory > Failed to chown /var/lib/samba/bind-dns to bind gid 107 > Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 107 > Traceback (most recent call last): > File "/usr/sbin/samba_upgradedns", line 533, in <module> > create_dns_dir(logger, paths) > File > "/usr/lib/python2.7/dist-packages/samba/provision/sambadns.py", line > 697, in create_dns_dir os.mkdir(dns_dir, 0770) > OSError: [Errno 2] No such file or directory: > '/var/lib/samba/bind-dns/dns' > > > I started to panic, but since I ran this with samba stopped, I > restarted samba and the error messages are gone! The names are > resolved and the clients are happily updating the records. > > > So to summarize, I do not know how it got fixed and why upgradedns > does not work, but I believe the bug is already included somewhere in > the 4.8 branch. Even if it works. > >OK, this is what I am going to do, I will provision 4.7.12 again, upgrade it to 4.8.8 and if this works, then upgrade it to 4.9.4, expecting this to fail, this will then give us a search vector. Rowland
Rowland Penny
2019-Jan-02 21:43 UTC
[Samba] AD bind DNS broken after 4.7.3 -> 4.9.2 upgrade
On Wed, 2 Jan 2019 19:35:04 +0000 Rowland Penny via samba <samba at lists.samba.org> wrote:> On Wed, 02 Jan 2019 20:09:44 +0100 > Král Gergely via samba <samba at lists.samba.org> wrote: > > > 2018-12-31 20:50 időpontban L.P.H. van Belle via samba ezt írta: > > > Can you try to upgrade to any 4.8 version then to 4.9.4? > > > might work, atleast my guess this will have a better chance get > > > passed this bug. > > > > > > > I can confirm that an upgrade to 4.7.3 to 4.8.5 works. But! > > > > > > After upgrading the dnsupdate did not work, giving these log > > messages: > > > > [2019/01/02 19:18:42.908955, 0] > > ../source4/smbd/server.c:466(binary_smbd_main) > > samba version 4.8.5-Debian started. > > Copyright Andrew Tridgell and the Samba Team 1992-2018 > > [2019/01/02 19:18:56.468276, 0] > > ../source4/smbd/server.c:638(binary_smbd_main) > > binary_smbd_main: samba: using 'standard' process model > > [2019/01/02 19:19:00.030904, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - > > (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS') > > [2019/01/02 19:19:00.031193, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: File > > "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line > > 176, in _run > > [2019/01/02 19:19:00.031286, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs) > > [2019/01/02 19:19:00.031360, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: File > > "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in > > run [2019/01/02 19:19:00.031595, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: raise e > > [2019/01/02 19:19:00.471859, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - > > (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS') > > [2019/01/02 19:19:00.472011, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: File > > "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line > > 176, in _run > > [2019/01/02 19:19:00.472084, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs) > > [2019/01/02 19:19:00.472238, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: File > > "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in > > run [2019/01/02 19:19:00.472301, 0] > > ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: raise e > > > > and so on... > > > > After downgrading from 4.9.2 back to 4.7.3 I experienced the same, > > and I could fix it by running "samba_upgradedns > > --dns-backend=BIND9_DLZ" (at least I guess this fixed it). The > > results of this command were basically the same as on the wiki page. > > But this time the result was exactly the same as with 4.9.2: > > > > isa:~/# samba_upgradedns --dns-backend=BIND9_DLZ > > Reading domain information > > DNS accounts already exist > > No zone file /var/lib/samba/bind-dns/dns/MYAD.DOMAIN.EU.zone > > DNS records will be automatically created > > DNS partitions already exist > > dns-isa account already exists > > Failed to create link /var/lib/samba/private/dns.keytab -> > > /var/lib/samba/bind-dns/dns.keytab: No such file or directory > > Failed to chown /var/lib/samba/bind-dns to bind gid 107 > > Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 107 > > Traceback (most recent call last): > > File "/usr/sbin/samba_upgradedns", line 533, in <module> > > create_dns_dir(logger, paths) > > File > > "/usr/lib/python2.7/dist-packages/samba/provision/sambadns.py", line > > 697, in create_dns_dir os.mkdir(dns_dir, 0770) > > OSError: [Errno 2] No such file or directory: > > '/var/lib/samba/bind-dns/dns' > > > > > > I started to panic, but since I ran this with samba stopped, I > > restarted samba and the error messages are gone! The names are > > resolved and the clients are happily updating the records. > > > > > > So to summarize, I do not know how it got fixed and why upgradedns > > does not work, but I believe the bug is already included somewhere > > in the 4.8 branch. Even if it works. > > > > > > OK, this is what I am going to do, I will provision 4.7.12 again, > upgrade it to 4.8.8 and if this works, then upgrade it to 4.9.4, > expecting this to fail, this will then give us a search vector. > > Rowland >This is weird, provisioned 4.7.12 without problem upgraded to 4.8.8, again without problem Upgraded to 4.9.4, again without problem Yet if you upgrade from 4.7.12 directly to 4.9.4 it errors. I wonder if the new sam.ldb GUID mode introduced at 4.8.0 is the culprit ? Rowland
Viktor Trojanovic
2019-Jan-02 22:37 UTC
[Samba] AD bind DNS broken after 4.7.3 -> 4.9.2 upgrade
> On 2 Jan 2019, at 22:43, Rowland Penny via samba <samba at lists.samba.org> wrote: > > On Wed, 2 Jan 2019 19:35:04 +0000 > Rowland Penny via samba <samba at lists.samba.org> wrote: > >> On Wed, 02 Jan 2019 20:09:44 +0100 >> Král Gergely via samba <samba at lists.samba.org> wrote: >> >>> 2018-12-31 20:50 időpontban L.P.H. van Belle via samba ezt írta: >>>> Can you try to upgrade to any 4.8 version then to 4.9.4? >>>> might work, atleast my guess this will have a better chance get >>>> passed this bug. >>>> >>> >>> I can confirm that an upgrade to 4.7.3 to 4.8.5 works. But! >>> >>> >>> After upgrading the dnsupdate did not work, giving these log >>> messages: >>> >>> [2019/01/02 19:18:42.908955, 0] >>> ../source4/smbd/server.c:466(binary_smbd_main) >>> samba version 4.8.5-Debian started. >>> Copyright Andrew Tridgell and the Samba Team 1992-2018 >>> [2019/01/02 19:18:56.468276, 0] >>> ../source4/smbd/server.c:638(binary_smbd_main) >>> binary_smbd_main: samba: using 'standard' process model >>> [2019/01/02 19:19:00.030904, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - >>> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS') >>> [2019/01/02 19:19:00.031193, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: File >>> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line >>> 176, in _run >>> [2019/01/02 19:19:00.031286, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs) >>> [2019/01/02 19:19:00.031360, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: File >>> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in >>> run [2019/01/02 19:19:00.031595, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: raise e >>> [2019/01/02 19:19:00.471859, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - >>> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS') >>> [2019/01/02 19:19:00.472011, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: File >>> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line >>> 176, in _run >>> [2019/01/02 19:19:00.472084, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs) >>> [2019/01/02 19:19:00.472238, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: File >>> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in >>> run [2019/01/02 19:19:00.472301, 0] >>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) >>> /usr/sbin/samba_dnsupdate: raise e >>> >>> and so on... >>> >>> After downgrading from 4.9.2 back to 4.7.3 I experienced the same, >>> and I could fix it by running "samba_upgradedns >>> --dns-backend=BIND9_DLZ" (at least I guess this fixed it). The >>> results of this command were basically the same as on the wiki page. >>> But this time the result was exactly the same as with 4.9.2: >>> >>> isa:~/# samba_upgradedns --dns-backend=BIND9_DLZ >>> Reading domain information >>> DNS accounts already exist >>> No zone file /var/lib/samba/bind-dns/dns/MYAD.DOMAIN.EU.zone >>> DNS records will be automatically created >>> DNS partitions already exist >>> dns-isa account already exists >>> Failed to create link /var/lib/samba/private/dns.keytab -> >>> /var/lib/samba/bind-dns/dns.keytab: No such file or directory >>> Failed to chown /var/lib/samba/bind-dns to bind gid 107 >>> Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 107 >>> Traceback (most recent call last): >>> File "/usr/sbin/samba_upgradedns", line 533, in <module> >>> create_dns_dir(logger, paths) >>> File >>> "/usr/lib/python2.7/dist-packages/samba/provision/sambadns.py", line >>> 697, in create_dns_dir os.mkdir(dns_dir, 0770) >>> OSError: [Errno 2] No such file or directory: >>> '/var/lib/samba/bind-dns/dns' >>> >>> >>> I started to panic, but since I ran this with samba stopped, I >>> restarted samba and the error messages are gone! The names are >>> resolved and the clients are happily updating the records. >>> >>> >>> So to summarize, I do not know how it got fixed and why upgradedns >>> does not work, but I believe the bug is already included somewhere >>> in the 4.8 branch. Even if it works. >>> >>> >> >> OK, this is what I am going to do, I will provision 4.7.12 again, >> upgrade it to 4.8.8 and if this works, then upgrade it to 4.9.4, >> expecting this to fail, this will then give us a search vector. >> >> Rowland >> > > This is weird, provisioned 4.7.12 without problem > upgraded to 4.8.8, again without problem > Upgraded to 4.9.4, again without problem > > Yet if you upgrade from 4.7.12 directly to 4.9.4 it errors. > > I wonder if the new sam.ldb GUID mode introduced at 4.8.0 is the > culprit ? > >Hi Rowland, As I mentioned in my own thread, I have another, almost identical system with 4.9.4 running without issues. The only difference: I upgraded to 4.8.x before upgrading to 4.9.4. So, I can confirm your findings. Viktor