Web lists-archives.com

Re: [Samba] Problem with named.service




Good morning!

After I changed some permissions and owners of some files where Rowland told me, I have the next escenary:

[root@proxy ~]# systemctl status named.service 
● named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
  Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
  Process: 1073 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
 Main PID: 1278 (named)
   CGroup: /system.slice/named.service
           └─1278 /usr/sbin/named -u named -c /etc/named.conf -4

Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone gmu.local
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#62351: update 'gmu.local/IN' denied
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: disallowing update of signer=ADMISIONES1\$\@GMU.LOCAL name=ADMISIONES1.gmu.local ty...insuficient access rights
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#51971/key ADMISIONES1\$\@GMU.LOCAL: updating zone 'gmu.local/NONE': update ...REFUSED)
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone gmu.local
Jun 11 09:06:45 proxy named[1278]: samba_dlz: starting transaction on zone gmu.local
Jun 11 09:06:45 proxy named[1278]: client 172.20.2.23#56645: update 'gmu.local/IN' denied
Jun 11 09:06:45 proxy named[1278]: samba_dlz: cancelling transaction on zone gmu.local




 
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net) 

    El sábado, 9 de junio de 2018 7:53:21 p. m. GMT-4, Fermin Francisco <abcddo@xxxxxxxxx> escribió:  
 
 Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:

[root@pc ~]# ls -l /etc/resolv.conf

-rw-r--r--. 1 root root 78 Jun  7 17:32 /etc/resolv.conf------------------------------------------------------------------------------
[root@pc ~]# ls -l /etc/hosts

-rw-r--r--. 1 root root 193 Dec  4  2017 /etc/hosts
------------------------------------------------------------------------------

[root@pc ~]# ls -l /etc/hostname

-rw-r--r--. 1 root root 6 Mar 15  2017 /etc/hostname
------------------------------------------------------------------------------

[root@pc ~]# ls -l /etc/krb5.conf

-rw-r--r-- 1 root named 275 Jun  7 21:14 /etc/krb5.conf------------------------------------------------------------------------------

[root@pc ~]# ls -l /etc/named.conf

-rw-r----- 1 named named 673 Jun  9 13:00 /etc/named.conf
-----------------------------------------------------------------------------
[root@pc ~]# ls -l /usr/local/samba/etc/smb.conf

-rw-r--r--. 1 root root 481 Jun  9 07:50 /usr/local/samba/etc/smb.conf------------------------------------------------------------------------------

[root@pc ~]# ls -l /usr/local/samba/private/named.conf

-rwx------. 1 named named 738 Jun  9 13:17 /usr/local/samba/private/named.conf------------------------------------------------------------------------------

[root@pc ~]# ls -l /var/named/

total 7276drwxr-x---  7 root  named     4096 Jun  6 17:01 chroot
drwxr-x---  7 root  named     4096 Jun  6 17:01 chroot_sdb
-rw-------  1 named named 59031552 Jun  9 13:17 core.2775
drwxrwx---. 2 named named     4096 Apr 12 14:48 data
-rw-------  1 named named     4619 Jun  9 16:41 _default.tsigkeys
drwxrwx---. 2 named named     4096 Jun  9 10:00 dynamic
drwxrwx---. 2 root  named     4096 Aug 23  2017 dyndb-ldap
-rw-r-----  1 root  named     2281 May 22  2017 named.ca
-rw-r-----  1 root  named      152 Dec 15  2009 named.empty
-rw-r-----  1 root  named      152 Jun 21  2007 named.localhost
-rw-r-----  1 root  named      168 Dec 15  2009 named.loopback
drwxrwx---  2 named named     4096 Apr 12 14:48 slaves
-rw-------  1 named named        0 Jun  6 16:53 tmp-NCmwqgdbNj
-rw-------  1 named named        0 Jun  6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------


[root@pc ~]# ls -l /etc/sysconfig/selinux

lrwxrwxrwx. 1 root root 17 Mar 15  2017 /etc/sysconfig/selinux -> ../selinux/config
------------------------------------------------------------------------------


[root@pc ~]# ls -l /etc/init.d/samba4

-rwxr-xr-x. 1 root root 1150 Mar 15  2017 /etc/init.d/samba4
------------------------------------------------------------------------------


[root@pc ~]# ls -l /usr/local/samba/private/dns.keytab

-rwx------. 1 root named 707 Mar 15  2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------



José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)


José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net) 

    El sábado, 9 de junio de 2018 7:13:24 p. m. AST, Fermin Francisco <abcddo@xxxxxxxxx> escribió:  
 
 Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:

[root@pc ~]# ls -l /etc/resolv.conf-rw-r--r--. 1 root root 78 Jun  7 17:32 /etc/resolv.conf------------------------------------------------------------------------------
[root@pc ~]# ls -l /etc/hosts-rw-r--r--. 1 root root 193 Dec  4  2017 /etc/hosts
------------------------------------------------------------------------------

[root@pc ~]# ls -l /etc/hostname-rw-r--r--. 1 root root 6 Mar 15  2017 /etc/hostname
------------------------------------------------------------------------------

[root@pc ~]# ls -l /etc/krb5.conf-rw-r--r-- 1 root named 275 Jun  7 21:14 /etc/krb5.conf------------------------------------------------------------------------------

[root@pc ~]# ls -l /etc/named.conf-rw-r----- 1 named named 673 Jun  9 13:00 /etc/named.conf
[root@pc ~]# ls -l /usr/local/samba/etc/smb.conf-rw-r--r--. 1 root root 481 Jun  9 07:50 /usr/local/samba/etc/smb.conf------------------------------------------------------------------------------

[root@pc ~]# ls -l /usr/local/samba/private/named.conf-rwx------. 1 named named 738 Jun  9 13:17 /usr/local/samba/private/named.conf------------------------------------------------------------------------------

[root@pc ~]# ls -l /var/named/total 7276drwxr-x---  7 root  named     4096 Jun  6 17:01 chrootdrwxr-x---  7 root  named     4096 Jun  6 17:01 chroot_sdb-rw-------  1 named named 59031552 Jun  9 13:17 core.2775drwxrwx---. 2 named named     4096 Apr 12 14:48 data-rw-------  1 named named     4619 Jun  9 16:41 _default.tsigkeysdrwxrwx---. 2 named named     4096 Jun  9 10:00 dynamicdrwxrwx---. 2 root  named     4096 Aug 23  2017 dyndb-ldap-rw-r-----  1 root  named     2281 May 22  2017 named.ca-rw-r-----  1 root  named      152 Dec 15  2009 named.empty-rw-r-----  1 root  named      152 Jun 21  2007 named.localhost-rw-r-----  1 root  named      168 Dec 15  2009 named.loopbackdrwxrwx---  2 named named     4096 Apr 12 14:48 slaves-rw-------  1 named named        0 Jun  6 16:53 tmp-NCmwqgdbNj-rw-------  1 named named        0 Jun  6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------


[root@pc ~]# ls -l /etc/sysconfig/selinuxlrwxrwxrwx. 1 root root 17 Mar 15  2017 /etc/sysconfig/selinux -> ../selinux/config
------------------------------------------------------------------------------


[root@pc ~]# ls -l /etc/init.d/samba4-rwxr-xr-x. 1 root root 1150 Mar 15  2017 /etc/init.d/samba4
------------------------------------------------------------------------------


[root@pc ~]# ls -l /usr/local/samba/private/dns.keytab-rwx------. 1 root named 707 Mar 15  2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------



José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net) 

    El sábado, 9 de junio de 2018 2:15:50 p. m. AST, Dr. Hansjörg Maurer <hansjoerg.maurer@xxxxxxx> escribió:  
 
 Hi

can you post your /etc/krb5.conf

Regards


Hansjörg




-- 
Dr. Hansjörg Maurer
itsystems Deutschland AG
Erzgießereistr. 22
80335 München
Tel:  +49-89-52 04 68-41
Fax:  +49-89-52 04 68-59
E-Mail: hansjoerg.maurer@xxxxxxx
Web:    http://www.itsd.de


Amtsgericht München HRB 132146
USt-IdNr. DE 812991301
Steuer-Nr. 143/100/81575

Aufsichtsratsvorsitzender:
Stefan Adam
Vorstand:
Dr. Michael Krocka
Dr. Hansjörg Maurer



----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an hansjoerg.maurer@xxxxxxx.

Our system is equipped with an email encryption gateway. If you want email sent to you to be encrypted please send a S/MIME signed email or your PGP public key to hansjoerg.maurer@xxxxxxx.

      
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba