samba - Dec 2018 - AD bind DNS broken after 4.7.3 -> 4.9.2 upgrade

Can you try to upgrade to any 4.8 version then to 4.9.4? 
might work, atleast my guess this will have a better chance get passed this bug.


Greetz,
Louis


> Op 31 dec. 2018 om 18:35 heeft Král Gergely via samba <samba at
lists.samba.org> het volgende geschreven:
> 
> 2018-12-31 17:29 id??pontban Rowland Penny via samba ezt írta:
> 
>>> 
>> 
>> OK, downgrade again, this is the third report about this problem in
>> about 10 days, see here:
>> 
>> https://lists.samba.org/archive/samba/2018-December/220103.html
>> 
>> https://lists.samba.org/archive/samba/2018-December/220180.html
>> 
> 
> Thank You for the quick response. I read one of them before, but I 
> thought my case is different, because I am not using internal DNS.
> 
> So downgrading then...
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

On Mon, 31 Dec 2018 20:50:43 +0100
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
> Can you try to upgrade to any 4.8 version then to 4.9.4? 
> might work, atleast my guess this will have a better chance get
> passed this bug.
> 
> 
Worth trying, if it works, it will show the problem lies in a higher
version than the 4.8.x version used.

Rowland

2018-12-31 20:50 időpontban L.P.H. van Belle via samba ezt
írta:
> Can you try to upgrade to any 4.8 version then to 4.9.4?
> might work, atleast my guess this will have a better chance get passed 
> this bug.
> 
I can confirm that an upgrade to 4.7.3 to 4.8.5 works. But!


After upgrading the dnsupdate did not work, giving these log messages:

[2019/01/02 19:18:42.908955,  0] 
../source4/smbd/server.c:466(binary_smbd_main)
   samba version 4.8.5-Debian started.
   Copyright Andrew Tridgell and the Samba Team 1992-2018
[2019/01/02 19:18:56.468276,  0] 
../source4/smbd/server.c:638(binary_smbd_main)
   binary_smbd_main: samba: using 'standard' process model
[2019/01/02 19:19:00.030904,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - (9711, 
'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
[2019/01/02 19:19:00.031193,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:   File 
"/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176,
in _run
[2019/01/02 19:19:00.031286,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:     return self.run(*args, **kwargs)
[2019/01/02 19:19:00.031360,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:   File 
"/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
run
[2019/01/02 19:19:00.031595,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:     raise e
[2019/01/02 19:19:00.471859,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - (9711, 
'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
[2019/01/02 19:19:00.472011,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:   File 
"/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176,
in _run
[2019/01/02 19:19:00.472084,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:     return self.run(*args, **kwargs)
[2019/01/02 19:19:00.472238,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:   File 
"/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
run
[2019/01/02 19:19:00.472301,  0] 
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
   /usr/sbin/samba_dnsupdate:     raise e

and so on...

After downgrading from 4.9.2 back to 4.7.3 I experienced the same, and I 
could fix it by running "samba_upgradedns --dns-backend=BIND9_DLZ" (at
least I guess this fixed it). The results of this command were basically 
the same as on the wiki page. But this time the result was exactly the 
same as with 4.9.2:

isa:~/# samba_upgradedns --dns-backend=BIND9_DLZ
Reading domain information
DNS accounts already exist
No zone file /var/lib/samba/bind-dns/dns/MYAD.DOMAIN.EU.zone
DNS records will be automatically created
DNS partitions already exist
dns-isa account already exists
Failed to create link /var/lib/samba/private/dns.keytab -> 
/var/lib/samba/bind-dns/dns.keytab: No such file or directory
Failed to chown /var/lib/samba/bind-dns to bind gid 107
Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 107
Traceback (most recent call last):
   File "/usr/sbin/samba_upgradedns", line 533, in <module>
     create_dns_dir(logger, paths)
   File
"/usr/lib/python2.7/dist-packages/samba/provision/sambadns.py",
line 697, in create_dns_dir
     os.mkdir(dns_dir, 0770)
OSError: [Errno 2] No such file or directory: 
'/var/lib/samba/bind-dns/dns'


I started to panic, but since I ran this with samba stopped, I restarted 
samba and the error messages are gone! The names are resolved and the 
clients are happily updating the records.


So to summarize, I do not know how it got fixed and why upgradedns does 
not work, but I believe the bug is already included somewhere in the 4.8 
branch. Even if it works.

On Wed, 02 Jan 2019 20:09:44 +0100
Král Gergely via samba <samba at lists.samba.org> wrote:
> 2018-12-31 20:50 időpontban L.P.H. van Belle via samba ezt írta:
> > Can you try to upgrade to any 4.8 version then to 4.9.4?
> > might work, atleast my guess this will have a better chance get
> > passed this bug.
> > 
> 
> I can confirm that an upgrade to 4.7.3 to 4.8.5 works. But!
> 
> 
> After upgrading the dnsupdate did not work, giving these log messages:
> 
> [2019/01/02 19:18:42.908955,  0] 
> ../source4/smbd/server.c:466(binary_smbd_main)
>    samba version 4.8.5-Debian started.
>    Copyright Andrew Tridgell and the Samba Team 1992-2018
> [2019/01/02 19:18:56.468276,  0] 
> ../source4/smbd/server.c:638(binary_smbd_main)
>    binary_smbd_main: samba: using 'standard' process model
> [2019/01/02 19:19:00.030904,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception -
> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> [2019/01/02 19:19:00.031193,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
> 176, in _run
> [2019/01/02 19:19:00.031286,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     return self.run(*args, **kwargs)
> [2019/01/02 19:19:00.031360,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940,
in
> run [2019/01/02 19:19:00.031595,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     raise e
> [2019/01/02 19:19:00.471859,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception -
> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> [2019/01/02 19:19:00.472011,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
> 176, in _run
> [2019/01/02 19:19:00.472084,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     return self.run(*args, **kwargs)
> [2019/01/02 19:19:00.472238,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:   File 
> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940,
in
> run [2019/01/02 19:19:00.472301,  0] 
> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>    /usr/sbin/samba_dnsupdate:     raise e
> 
> and so on...
> 
> After downgrading from 4.9.2 back to 4.7.3 I experienced the same,
> and I could fix it by running "samba_upgradedns
> --dns-backend=BIND9_DLZ" (at least I guess this fixed it). The
> results of this command were basically the same as on the wiki page.
> But this time the result was exactly the same as with 4.9.2:
> 
> isa:~/# samba_upgradedns --dns-backend=BIND9_DLZ
> Reading domain information
> DNS accounts already exist
> No zone file /var/lib/samba/bind-dns/dns/MYAD.DOMAIN.EU.zone
> DNS records will be automatically created
> DNS partitions already exist
> dns-isa account already exists
> Failed to create link /var/lib/samba/private/dns.keytab -> 
> /var/lib/samba/bind-dns/dns.keytab: No such file or directory
> Failed to chown /var/lib/samba/bind-dns to bind gid 107
> Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 107
> Traceback (most recent call last):
>    File "/usr/sbin/samba_upgradedns", line 533, in <module>
>      create_dns_dir(logger, paths)
>    File
> "/usr/lib/python2.7/dist-packages/samba/provision/sambadns.py",
line
> 697, in create_dns_dir os.mkdir(dns_dir, 0770)
> OSError: [Errno 2] No such file or directory: 
> '/var/lib/samba/bind-dns/dns'
> 
> 
> I started to panic, but since I ran this with samba stopped, I
> restarted samba and the error messages are gone! The names are
> resolved and the clients are happily updating the records.
> 
> 
> So to summarize, I do not know how it got fixed and why upgradedns
> does not work, but I believe the bug is already included somewhere in
> the 4.8 branch. Even if it works.
> 
> 
OK, this is what I am going to do, I will provision 4.7.12 again,
upgrade it to 4.8.8 and if this works, then upgrade it to 4.9.4,
expecting this to fail, this will then give us a search vector.

Rowland