Re: F27 Self Contained Change: Samba AD


 



On 2017-07-27 15:16, Dario Lesca wrote:
> On Thu, 06/07/2017 at 15.44 +0300, Alexander Bokovoy wrote:
>> So, we pushed 4.7.0-RC1 to Rawhide. Also, asn/samba_ad_dc COPR repo
>> contains a rebuild for F25 and F26. Feel free to test that.
> Today I started trying f27+samba4.7.
>
> Download and install Fedora 27 server rawhide
> https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Server/x86_64/iso/Fedora-Server-netinst-x86_64-Rawhide-20170724.n.0.iso
>
> Install samba-dc:
> # dnf install samba-client samba-dc samba-winbind attr acl krb5-workstation tdb-tools samba-winbind-clients python
>
> Install Bind:
> # dnf -y install bind bind-utils
>
> Run samba-tool 
> # samba-tool domain provision \
>         --realm=dom.loc \
>         --domain=dom \
>         --dns-backend=BIND9_DLZ \
>         --use-rfc2307 \
>         --server-role=dc \
>         --function-level=2008_R2
>
> I had to remove this option: --use-xattr=yes, it is no longer there
>
> Then I tried to configure bind and added this to /etc/named.conf:
>  
>    tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
>
>    include "/var/lib/samba/private/named.conf";
>
> NOTE: the files to include have the right access:
> # ll /var/lib/samba/private/{dns.keytab,named.conf}
> -rw-r-----. 1 root named 772 27 lug 13.46 /var/lib/samba/private/dns.keytab
> -rw-r--r--. 1 root root  720 27 lug 13.46 /var/lib/samba/private/named.conf
>
> But the folder is not accessible by the bind user:
> # ll -ld /var/lib/samba/private/
> drwx------. 6 root root 4096 27 lug 13.46 /var/lib/samba/private/
>
> then I changed it with:
> # chmod g+rx /var/lib/samba/private/
> # chgrp named /var/lib/samba/private/
>
> But when I start bind with:
>
> # systemctl start named
>
> I get this error:
>
> lug 27 14:39:53 server-addc.dom.loc named[2418]: samba_dlz: Failed to connect to /var/lib/samba/private/dns/sam.ldb
> lug 27 14:39:53 server-addc.dom.loc named[2418]: dlz_dlopen of 'AD DNS Zone' failed
> lug 27 14:39:53 server-addc.dom.loc named[2418]: SDLZ driver failed to load.
> lug 27 14:39:53 server-addc.dom.loc named[2418]: DLZ driver failed to load.
> lug 27 14:39:53 server-addc.dom.loc named[2418]: loading configuration: failure
> lug 27 14:39:53 server-addc.dom.loc named[2418]: exiting (due to fatal error)
> lug 27 14:39:53 server-addc.dom.loc systemd[1]: named.service: Control process exited, code=exited status=1
> lug 27 14:39:53 server-addc.dom.loc systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
> lug 27 14:39:53 server-addc.dom.loc systemd[1]: named.service: Unit entered failed state.
> lug 27 14:39:53 server-addc.dom.loc systemd[1]: named.service: Failed with result 'exit-code'.
>
> The sam.ldb is present and accessible by named:
>
> # ll -d /var/lib/samba/private/dns/sam.ldb
> -rw-rw----. 1 root named 3014656 27 lug 13.46 /var/lib/samba/private/dns/sam.ldb
> # ll -d /var/lib/samba/private/dns/
> drwxrwx---. 3 root named 38 27 lug 13.46 /var/lib/samba/private/dns/
> # ll -d /var/lib/samba/private/
> drwxr-x---. 8 root named 4096 27 lug 15.10 /var/lib/samba/private/
>
> If I start named as root (without systemd) with this command:
>
> # /usr/sbin/named -u named -c /etc/named.conf
>
> All works fine
>
> Any suggestions?
>
> Many thanks
>

What does the unit file look like?

//Zdenek
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
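
An added example, not part of either message: the quoted post checks the mode bits of sam.ldb and its parent directories one `ll` at a time, and the shell function below does that walk over every path component in one pass, reporting the first component that denies a given user and group. `check_traverse` and its arguments are hypothetical names; it assumes GNU `stat` and evaluates classic owner/group/other bits only, so ACLs, supplementary groups and SELinux labels are outside what it checks.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the thread).
# check_traverse USER GROUP /abs/path/to/file [BASE]
#   Directories on the way need the search (x) bit, the final component
#   needs the read (r) bit, for USER's permission class.
#   BASE, if given, is a leading part of the path that is skipped.
#   Prints the first blocking component and returns 1; returns 0 if the
#   whole path passes, 2 if a component does not exist.
check_traverse() {
    user=$1 group=$2 target=${3%/} base=${4:-}
    cur=$base
    rest=${target#"$base"}
    old_ifs=$IFS; IFS=/
    set -f; set -- $rest; set +f      # split the path on "/" only
    IFS=$old_ifs
    for part in "$@"; do
        [ -n "$part" ] || continue
        cur="$cur/$part"
        meta=$(stat -c '%a %U %G' "$cur" 2>/dev/null) || {
            echo "missing: $cur"; return 2; }
        mode=${meta%% *}; og=${meta#* }
        owner=${og% *};   fgroup=${og#* }
        # POSIX picks exactly one class: owner, else group, else other.
        if   [ "$owner"  = "$user"  ]; then shift_by=6
        elif [ "$fgroup" = "$group" ]; then shift_by=3
        else shift_by=0
        fi
        perms=$(( (0$mode >> $shift_by) & 7 ))   # 0$mode: read as octal
        if [ "$cur" = "$target" ]; then need=4; else need=1; fi
        if [ $(( perms & need )) -ne "$need" ]; then
            echo "$cur"
            return 1
        fi
    done
    return 0
}

# Example invocation on the DC from the post:
#   sh check_traverse.sh named named /var/lib/samba/private/dns/sam.ldb
if [ "$#" -ge 3 ]; then
    check_traverse "$@"
fi
```

A clean pass for user and group `named` means the mode bits alone do not explain a failure to open the file.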



