Your message dated Sun, 23 Jul 2017 13:45:39 +0200 with message-id <CAFX5sbyYJ5Uz7tts4EeyqCgJ=vfmpgrdpw-_estxdbf0krz...@mail.gmail.com> and subject line Closing has caused the Debian Bug report #721015, regarding samba-ad-dc: documentation fix for named.txt from setup to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 721015: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721015 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: samba-ad-dc Version: 2:4.0.8+dfsg-1 Severity: minor Dear Maintainer, During the setup of a samba4 server the user will read /var/lib/samba/private/named.txt which is installed from /usr/share/samba/setup/named.txt. With this patch the user can paste the chgrp command and ignore the information about what Fedora 9 does: diff --git a/source4/setup/named.txt b/source4/setup/named.txt index d0657dd..a9b14c9 100644 --- a/source4/setup/named.txt +++ b/source4/setup/named.txt @@ -18,13 +18,13 @@ tkey-gssapi-keytab "${DNS_KEYTAB_ABS}"; # 2. Set appropriate ownership and permissions on the ${DNS_KEYTAB} file. # Note that the most distributions have BIND configured to run under a -# non-root user account. For example, Fedora 9 runs BIND as the user -# "named" once the daemon relinquishes its rights. Therefore, the file +# non-root user account. Debian runs BIND as the user +# "bind" once the daemon relinquishes its rights. Therefore, the file # ${DNS_KEYTAB} must be readable by the user that BIND run as. If BIND # is running as a non-root user, the "${DNS_KEYTAB}" file must have its -# permissions altered to allow the daemon to read it. Under Fedora 9, -# execute the following commands: -chgrp named ${DNS_KEYTAB_ABS} +# permissions altered to allow the daemon to read it. +# Execute the following commands: +chgrp bind ${DNS_KEYTAB_ABS} chmod g+r ${DNS_KEYTAB_ABS} # 3. Ensure the BIND zone file(s) that will be dynamically updated are in Thank you. Regards Noël -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.10-2-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---Version: 2:4.2.1+dfsg-1 This was fixed by: commit 0ca9c74f91d5e727d5d37d324d4f1b396e75b1ae Author: Andrew Bartlett <[email protected]> Date: Wed Aug 28 13:35:47 2013 +1200 provision: Rewrite named.txt to be more useful We already chown the dns.keytab file, so remove the suggestion to do that, and instead explain why we can not use chroot (an often-requested feature). First released in 4.2.0. Thanks Andrew! Regards -- Mathieu Parent
--- End Message ---
