Web lists-archives.com

[Samba] Troubles upgrading jailed DC from 4.8.7 to 4.8.9




Hello.

On several FreeBSD 11.2/amd64 servers, I've got a jail dedicated to running Samba as an AD DC.

Some days ago I upgraded one of them from 4.8.7 to 4.8.9 and suddenly everything stopped working. Since it was a production box, I immediately restored the whole jail from a backup, with no chance to better investigate.



Today, with more time, I tried on another server and again I run into trouble (although I'm not sure the details are exactly the same).

After the upgrade Samba would not start at all, with the following in the logs:
[2019/02/17 18:15:35.200206,  0] ../source4/smbd/server.c:502(binary_smbd_main)
  samba version 4.8.9 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2018
root@dc1:~ # [2019/02/17 18:15:35.379881,  0] ../source4/smbd/server.c:674(binary_smbd_main)
  binary_smbd_main: samba: using 'standard' process model
[2019/02/17 18:15:35.384663,  0] ../source4/nbt_server/interfaces.c:228(nbtd_add_socket)
  Failed to bind to 10.1.2.34:137 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED
[2019/02/17 18:15:35.384752,  0] ../source4/smbd/service_task.c:36(task_server_terminate)
  task_server_terminate: task_server_terminate: [nbtd failed to setup interfaces]
[2019/02/17 18:15:35.396234,  0] ../lib/util/become_daemon.c:138(daemon_ready)
  daemon_ready: STATUS=daemon 'samba' finished starting up and ready to serve connections
[2019/02/17 18:15:35.397963,  0] ../source4/smbd/server.c:288(samba_terminate)
  samba_terminate: samba_terminate of samba 98006: nbtd failed to setup interfaces

10.1.2.34 is the jail's own IP and I'm sure nothing is running on port 137 there.

Relevant part of my smb4.conf

[global]
        allow dns updates=nonsecure
        log level=1
        workgroup = XXXXX
        realm = xxxxx.xxxxxxxx.xx
        netbios name = DC1
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
        dns forwarder=10.1.2.13 10.1.2.15
        interfaces=vlan1 10.1.2.34/24
        bind interfaces only=yes
        ntlm auth=YES

After a web search I found the solution is to add:
>         server services=-nbt

Is this problem expected? Or a regression?
Will this workaround have any side-effect?

 bye & Thanks
	av.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba