For all,
after I had several problems making samba4 working as it should on
centOs5.5 here is a short guide setting it up to work.
First of all do not install the bind package coming with centos 5.5!!
Install needs for samba
yum install libacl* gnutls* readline* python* gdb* autoconf*
Named installation:
Here is a description on what to do:
http://jason.roysdon.net/2009/10/16/building-bind-9-6-on-rhel5-centos5-for-d
nssec-nsec3-support/
The steps,
yum -y install make gcc rpm-build libtool autoconf openssl-devel
libcap-devel libidn-devel libxml2-devel openldap-devel postgresql-devel
sqlite-devel mysql-devel krb5-devel xmlto
For named to compile correctly you need this 2 packages too:
yum -y install curl*
download.fedora.redhat.com/pub/fedora/epel/5/i386/python-dns-1.7.1-1.el5.noa
rch.rpm
cd /usr/src/redhat/SRPMS
wget -c
ftp://mirrors.kernel.org/pub/fedora/updates/11/SRPMS/bind-9.6.*.src.rpm
wget -c
ftp://mirrors.kernel.org/pub/fedora/updates/11/SRPMS/dnssec-conf-*.src.rpm
cd /usr/src/redhat/SRPMS
wget -c
ftp://mirrors.kernel.org/pub/fedora/updates/12/SRPMS/bind-9.6.*.src.rpm
wget -c
ftp://mirrors.kernel.org/pub/fedora/releases/12/Fedora/source/SRPMS/dnssec-c
onf-*.src.rpm
rpm -ivh --nomd5 bind-9.6.*.src.rpm dnssec-conf-*.src.rpm
cd /usr/src/redhat/SPECS
rpmbuild -ba ./bind.spec
The built bind RPM is now in /usr/src/redhat/RPMS/i386/ or
/usr/src/redhat/RPMS/x86_64/ depending on your Arch.
rpmbuild --ba ./dnssec-conf.spec
The built dnssec-conf RPM is now in /usr/src/redhat/RPMS/noarch/
cd /usr/src/redhat/RPMS/*86*
rpm -Uvh bind-9.6.*.rpm bind-utils-9.6.*.rpm bind-libs-9.6.*.rpm
../noarch/dnssec-conf-1.21-*.noarch.rpm
Now bind is installed Config-File in /etc/named.conf
I disabled in options:
//dnssec-enable yes;
//dnssec-validation yes;
//dnssec-lookaside . trust-anchor dlv.isc.org.;
To make bind work you have to add user named to the group named.
Set the rights to make named work correctly
chmod 770 /etc/named.conf
chmod 770 /etc/named.rfc1912.zones
chown root:named /etc/named.conf
chown /etc/named.rfc1912.zones
chmod -R 770 /var/named
chown -R named:named /var/named
Now download and install samba:
url: http://wiki.samba.org/index.php/Samba4/HOWTO
mkdir samba4
cd samba4
rsync -avz samba.org::ftp/unpacked/samba_4_0_test/ .
cd /source4
./autogen.sh
./configure.devloper
make
make install
Samba4 is now installed in /usr/local/samba
Now you nedd to add the PATH to roots .bash_profile in /root
--> PATH=$PATH:$HOME/bin:/usr/local/samba/bin:/usr/local/samba/sbin
which samba must answer: /usr/local/samba/sbin/samba
Now you must set the lib paths:
echo "/usr/local/samba/lib" > /etc/ld.so.conf.d/samba4.conf
The next things to do( named should have read and write) :
Cd /usr/local/samba/private
Chown named:named krb5.conf
Chown -R named:named /usr/local/samba/private/dns
Chown named:named named.conf
Chown named:named named.conf.update
Chown named:named dns.keytab
Cp krb5.conf /etc # this will overwrite the org. krb5.conf
Cd /etc/sysconfig
Vi named
There add a line at the bootom:
KEYTAB_FILE="/usr/local/samba/private/dns.keytab"
export KEYTAB_FILE
Now you must update your /etc/named.conf ,
Be sure to have em listen on a IP not only 127.0.0.1:
Here ist mine
options {
listen-on port 53 { 127.0.0.1;192.168.134.27; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
recursion yes;
forwarders { 192.168.134.253; };##put here your first dns if you
have
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/usr/local/samba/private/named.conf";####samba4 link
include "/etc/named.rfc1912.zones";
Now you have to put in your globals /usr/local/smba/etc/smb.conf
Interfaces=eth0
Now samba -I -M single
And you are done!!!
Samba_dnsupdate --verbose will give you:
[root at node1 etc]# samba_dnsupdate --verbose
Looking for DNS entry A tuebingen.tst.loc 192.168.134.27 as
tuebingen.tst.loc.
Looking for DNS entry A node1.tuebingen.tst.loc 192.168.134.27 as
node1.tuebingen.tst.loc.
Looking for DNS entry CNAME
365d2a9f-bfe6-462d-965e-8622bfefc190._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc as
365d2a9f-bfe6-462d-965e-8622bfefc190._msdcs.tuebingen.tst.loc.
Looking for DNS entry SRV
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 88 as
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc.
Checking 0 100 88 node1.tuebingen.tst.loc. against SRV
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 88
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 389 as
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc.
Checking 0 100 389 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 389
Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 88 as _kerberos._tcp.dc._msdcs.tuebingen.tst.loc.
Checking 0 100 88 node1.tuebingen.tst.loc. against SRV
_kerberos._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 88
Looking for DNS entry SRV _ldap._tcp.dc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 389 as _ldap._tcp.dc._msdcs.tuebingen.tst.loc.
Checking 0 100 389 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389
Looking for DNS entry SRV
_ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst
.loc node1.tuebingen.tst.loc 389 as
_ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst
.loc.
Checking 0 100 389 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst
.loc node1.tuebingen.tst.loc 389
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 3268 as
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc.
Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 3268
Looking for DNS entry SRV _ldap._tcp.gc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 3268 as _ldap._tcp.gc._msdcs.tuebingen.tst.loc.
Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268
Looking for DNS entry SRV _ldap._tcp.pdc._msdcs.tuebingen.tst.loc
node1.tuebingen.tst.loc 389 as _ldap._tcp.pdc._msdcs.tuebingen.tst.loc.
Checking 0 100 389 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.pdc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389
Looking for DNS entry SRV
_gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc
node1.tuebingen.tst.loc 3268 as
_gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc.
Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV
_gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc
node1.tuebingen.tst.loc 3268
Looking for DNS entry SRV
_kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc
node1.tuebingen.tst.loc 88 as
_kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc.
Checking 0 100 88 node1.tuebingen.tst.loc. against SRV
_kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc
node1.tuebingen.tst.loc 88
Looking for DNS entry SRV
_ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc
node1.tuebingen.tst.loc 389 as
_ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc.
Checking 0 100 389 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc
node1.tuebingen.tst.loc 389
Looking for DNS entry SRV _gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc
3268 as _gc._tcp.tuebingen.tst.loc.
Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV
_gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 3268
Looking for DNS entry SRV _kerberos._tcp.tuebingen.tst.loc
node1.tuebingen.tst.loc 88 as _kerberos._tcp.tuebingen.tst.loc.
Checking 0 100 88 node1.tuebingen.tst.loc. against SRV
_kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88
Looking for DNS entry SRV _kpasswd._tcp.tuebingen.tst.loc
node1.tuebingen.tst.loc 464 as _kpasswd._tcp.tuebingen.tst.loc.
Checking 0 100 464 node1.tuebingen.tst.loc. against SRV
_kpasswd._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 464
Looking for DNS entry SRV _ldap._tcp.tuebingen.tst.loc
node1.tuebingen.tst.loc 389 as _ldap._tcp.tuebingen.tst.loc.
Checking 0 100 389 node1.tuebingen.tst.loc. against SRV
_ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389
Looking for DNS entry SRV _kerberos._udp.tuebingen.tst.loc
node1.tuebingen.tst.loc 88 as _kerberos._udp.tuebingen.tst.loc.
Checking 0 100 88 node1.tuebingen.tst.loc. against SRV
_kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88
Looking for DNS entry SRV _kpasswd._udp.tuebingen.tst.loc
node1.tuebingen.tst.loc 464 as _kpasswd._udp.tuebingen.tst.loc.
Checking 0 100 464 node1.tuebingen.tst.loc. against SRV
_kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464
No DNS updates needed
Greetings Daniel
-----------------------------------------------
EDV Daniel M?ller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 T?bingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
Nico Kadel-Garcia
2010-Jul-26 12:04 UTC
[Samba] HOWTO centOS 5.5 samba4 dns dynamic update
On Mon, Jul 26, 2010 at 5:34 AM, Daniel M?ller <mueller at tropenklinik.de> wrote:> For all, > > after I had several problems ?making samba4 working as it should on > centOs5.5 here is a short guide setting it up to work. > First of all do not install the bind package coming with centos 5.5!! > > Install needs for sambaLet me slow you down here. While your guide is useful, there are a couple of important things you're not doing. * You're building this as a root user. Never do this: Configure your $HOME/.rpmmacros to set your rpm build directories to include something like this: %_topdir /home/username/rpm * SRPM's can be rebuilt with the command "rpmbuild --rebuild filename.src.rpm", which also cleans up the mess in your BUILD and SOURCES and SPECS subdirectories left behind. * Recent Fedora RPM's remain an issue to grab on the current CentOS and RHEL releases, due to the recent change in checksum tools. Replacing RHEL published components with recent Fedora ones is... a potential compatibility risk. * Instead of manually installing Samba and losing all that RPM component information, Why not review the SRPM's at http://ftp.sernet.de/pub/samba/3.5/rhel/5/? It's a valuable resource for leading edge Samba RPM's, and you can rebuild Samba cleanly from them to install as RPM's, even if you don't care to use the RPM's there directly. That will report all your build requirements as well, and save deducing them manually. And it gets you away from replacing bind. * I love configuring and using "mock" to build my RPM's, to prevent changes in my development machines libraries from skewing my builds of important software like Samba.
Apparently Analagous Threads
- WG: HOWTO centOS 5.5 samba4 dns dynamic update
- HOWTO centOS 5.5 samba4 dns dynamic update/Replication
- WG: HOWTO samba4 centos5.5 named dnsupdate drbd simple failover
- WG: HOWTO samba4 centos5.5 named dnsupdate drbd simple failover
- HOWTO samba4 centos5.5 named dnsupdate drbd simple failover