Web lists-archives.com

Re: [Samba] corrupted db after upgrading to 4.7




On Mon, 6 Nov 2017 11:39:50 +0100 (CET)
Maxence SARTIAUX via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Hello.
> 
> To follow-up this issue, since the upgrade, when i do a named reload
> it crash, look like there's duplicated zones.
> 
> Here's the log when i trigger a reload
> 
> 
> nov 05 03:09:02 data.contoso.com named[2807]: received control
> channel command 'reload' nov 05 03:09:02 data.contoso.com
> named[2807]: loading configuration from '/etc/named.conf' nov 05
> 03:09:02 data.contoso.com named[2807]: reading built-in trusted keys
> from file '/etc/named.iscdlv.key' nov 05 03:09:02 data.contoso.com
> named[2807]: initializing GeoIP Country (IPv4) (type 1) DB nov 05
> 03:09:02 data.contoso.com named[2807]: GEO-106FREE 20160607 Build 1
> Copyright (c) 2016 MaxMind nov 05 03:09:02 data.contoso.com
> named[2807]: initializing GeoIP Country (IPv6) (type 12) DB nov 05
> 03:09:02 data.contoso.com named[2807]: GEO-106FREE 20160607 Build 1
> Copy nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv4)
> (type 2) DB not available nov 05 03:09:02 data.contoso.com
> named[2807]: GeoIP City (IPv4) (type 6) DB not available nov 05
> 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv6) (type 30) DB
> not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP
> City (IPv6) (type 31) DB not available nov 05 03:09:02
> data.contoso.com named[2807]: GeoIP Region (type 3) DB not available
> nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Region (type 7)
> DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP
> ISP (type 4) DB not available nov 05 03:09:02 data.contoso.com
> named[2807]: GeoIP Org (type 5) DB not available nov 05 03:09:02
> data.contoso.com named[2807]: GeoIP AS (type 9) DB not available nov
> 05 03:09:02 data.contoso.com named[2807]: GeoIP Domain (type 11) DB
> not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP
> NetSpeed (type 10) DB not available nov 05 03:09:02 data.contoso.com
> named[2807]: using default UDP/IPv4 port range: [1024, 65535] nov 05
> 03:09:02 data.contoso.com named[2807]: using default UDP/IPv6 port
> range: [1024, 65535] nov 05 03:09:02 data.contoso.com named[2807]:
> sizing zone task pool based on 6 zones nov 05 03:09:02
> data.contoso.com named[2807]: Loading 'AD DNS Zone' using driver
> dlopen nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz:
> starting configure nov 05 03:09:02 data.contoso.com named[2807]:
> samba_dlz: Ignoring duplicate zone 'ratchet.com' from
> 'DC=@,DC=ratchet.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com'
> nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring
> duplicate zone '17.172.in-addr.arpa' from
> 'DC=@,DC=17.172.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com'
> nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring
> duplicate zone 'johndoe.com' from
> 'DC=@,DC=johndoe.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com'
> nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring
> duplicate zone 'contoso.com' from
> 'DC=@,DC=contoso.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com'
> nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring
> duplicate zone '_msdcs.contoso.com' from
> 'DC=@,DC=_msdcs.contoso.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=contoso,DC=com'
> nov 05 03:09:02 data.contoso.com named[2807]: using built-in DLV key
> for view _default nov 05 03:09:02 data.contoso.com named[2807]:
> automatic empty zone: 10.IN-ADDR.ARPA nov 05 03:09:02
> data.contoso.com named[2807]: automatic empty zone:
> 16.172.IN-ADDR.ARPA .... nov 05 03:09:02 data.contoso.com
> named[2807]: automatic empty zone: 110.100.IN-ADDR.ARPA nov 05
> 03:09:02 data.contoso.com systemd[1]: named.service: main process
> exited, code=killed, status=6/ABRT nov 05 03:09:02 data.contoso.com
> sh[24531]: kill: échec de changement de d'envoi de signal vers 2807:
> Aucun processus de ce type nov 05 03:09:02 data.contoso.com
> systemd[1]: named.service: control process exited, code=exited
> status=1 nov 05 03:09:02 data.contoso.com sh[24537]: Utilisation :
> nov 05 03:09:02 data.contoso.com sh[24537]: kill [options] <pid|nom>
> [...] nov 05 03:09:02 data.contoso.com sh[24537]: Options : nov 05
> 03:09:02 data.contoso.com sh[24537]: -a, --all              ne pas
> restreindre la conversion de nom en PID aux nov 05 03:09:02
> data.contoso.com sh[24537]: processus avec le même UID que le
> processus actuel nov 05 03:09:02 data.contoso.com sh[24537]: -s,
> --signal <sig>     envoyer le signal indiqué nov 05 03:09:02
> data.contoso.com sh[24537]: -q, --queue <sig>      utiliser
> sigqueue(2) au lieu de kill(2) nov 05 03:09:02 data.contoso.com
> sh[24537]: -p, --pid              afficher les PID sans leur envoyer
> de signal nov 05 03:09:02 data.contoso.com sh[24537]: -l, --list
> [=<signal>] afficher les noms de signal, ou en convertir un en nom
> nov 05 03:09:02 data.contoso.com sh[24537]: -L, --table
> afficher les noms et numéros de signal nov 05 03:09:02
> data.contoso.com sh[24537]: -h, --help     afficher cette aide et
> quitter nov 05 03:09:02 data.contoso.com sh[24537]: -V, --version
> afficher les informations de version et quitter nov 05 03:09:02
> data.contoso.com sh[24537]: Consultez kill(1) pour obtenir des
> précisions complémentaires. nov 05 03:09:02 data.contoso.com
> systemd[1]: named.service: control process exited, code=exited
> status=1 nov 05 03:09:02 data.contoso.com systemd[1]: Reload failed
> for Berkeley Internet Name Domain (DNS). nov 05 03:09:02
> data.contoso.com systemd[1]: Unit named.service entered failed state.
> nov 05 03:09:02 data.contoso.com systemd[1]: named.service failed.
> 
> 
> 
> Is it related to Samba after the same bug ?
> 
> If i remove the samba dlz part in the named config, it's fine.
> 
> Thanks :)
> 
> 
> 
> ----- Mail original -----
> De: "Denis Cardon" <dcardon@xxxxxxxxxxx>
> À: "Maxence Sartiaux" <msartiaux@xxxxxxxxxxxxx>, "Andrew Bartlett"
> <abartlet@xxxxxxxxx> Cc: samba@xxxxxxxxxxxxxxx
> Envoyé: Vendredi 3 Novembre 2017 11:02:18
> Objet: Re: [Samba] corrupted db after upgrading to 4.7
> 
> Hi Maxence,
> 
> > Fyi, i've updated to 4.7.1, the dbcheck still not fix the broken
> > links, is the fix you talk about planned for a future release ?
> >
> > Our customer reported me, some users have issues when their logon
> > server is DC1 but not when it's DC2.
> >
> > On DC1 some users have access to all shares, some doesn't have any
> > access at all.
> 
> actually this last symptom was the one that got us to hack quickly a 
> solution for the issue with orphaned backlink attribute 'memberOf'. 
> You'll probably have to do some cleanup as I pointed out in my last
> mail.
> 
> The bugzilla entry [1] you mentioned and corresponding patch prevents 
> the problem from happening, but I don't think it fixes it.
> 
> Cheers,
> 
> Denis
> 
> [1] https://bugzilla.samba.org/show_bug.cgi?id=13095
> 
> >
> >
> >
> > On 11/02/2017 04:38 PM, Andrew Bartlett wrote:
> >> On Thu, 2017-11-02 at 16:19 +0100, Maxence Sartiaux via samba
> >> wrote:
> >>>
> >> No worries.
> >>
> >> Andrew Bartlett
> >>
> >
> 

Can you post your named conf files.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba