Web lists-archives.com

Re: [Samba] self compiled 4.10.3 replication failure.

On Mon, 20 May 2019, Nico Kadel-Garcia wrote:

On Mon, May 20, 2019 at 3:33 PM <me@xxxxxxxxxx> wrote:

On Sat, 18 May 2019, Nico Kadel-Garcia wrote:

On Wed, May 15, 2019 at 4:32 PM Tom Diehl via samba
<samba@xxxxxxxxxxxxxxx> wrote:


I have a new Centos 7.6 VM that I self compiled 4.10.3 and joined it to an
existing samba AD domain that has 2 existing DCs. One of the existing DCs is
running 4.8.7 and the other is running 4.7.7. Everything looks OK except
that when I run samba-tool drs showrepl on the new DC (VDC4) I get the
following output:

"self-compiled" can include a lot of sins, especially if trying to
place it alongside *or* in place of the provided libraries for tevent,
ldb, tdb, and talloc. Let me point you to my git repo,

Well OK maybe I should have said self compiled using the instructions
@ https://wiki.samba.org/index.php/Build_Samba_from_Source#configure and
the package list from https://wiki.samba.org/index.php/Package_Dependencies_Required_to_Build_Samba#Red_Hat_Enterprise_Linux_7_.2F_CentOS_7_.2F_Scientific_Linux_7
substituting python36-devel for python-devel and adding python32-dns
to get the samba-tool dns module to work.
None of the distro samba packages are installed.

TBH, I am guessng about the package list given the change from python2 to python3
as it does not look like the wiki has been updated for 4.10.x.

https:/github.com/nkadel/samba4repo/, with submodules for samba
itself, talloc, tevent, etc., etc. It's built to use the official
upstream tarballs from www.samba.org, not tarballs from *me*, and that
also will give you a good git repo you can use to manage any
compilation options in the ".spec" file.

Is there a way to only build the Centos bits using your git repo? I have no
Fedora machines and so far I have not been successful in getting the above
to build on a Centos 7 VM using the version of Mock supplied by the Centos

Yeah. Comment out the other operating systems in the Makefiles.
Install the dependencies, as  RPMs, in order. The order in the top
level Makefile should get you through the process.

OK, I thought about that but I was wondering if there was an easier way.
Thanks for confirming that.

Hmm. some classic questions include "is SELinux on", and "which
Kerberos did you use, the supported internal Heimdal Kerberos or the
experimental support for MIT kerberos?

SELinux is in permissive and my configure line is simply ./configure so no MIT
here. IMO no one in their right mind would try to use MIT in production.

If you just run "./configure" and then "make install, you can wind up
interleaving RPM based components on top of system components. Some of
the critical libraries are system libraries, used by other components,
and may not have been updated or may show up before your new compiled
versions based the system's LD_LIBRARY_PATH and other factors. I can't
try to debug that without a good look at what you have in place, and
where you put things, deliberately or accidentally. This is precisely
why I publish RPM's, and why for someone who doesn't like to play with
this stuff I'd actually they spend some money and pay for the Sernet,
commercially supported binaries.

Here's where I disagree. When you run ./configure, make and make install
everything gets put into /usr/local/samba by default. It is not installed
over top of any system components.

Not that I recommend this as a standard practice but if you totally screw the
pooch on a build for whatever reason all you have to do is
rm -r /usr/local/samba and you get to start over. I have tested this and know
that it works. :-)

Obviously if you do that to a DC that is joined to a domain, you have more than
that to clean up.


Tom			me@xxxxxxxxxx

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba