On 6 September 2010 04:59, Eric <[email protected]> wrote: > Bind won't start after implementing: > Step 8 Configure DNS --from-- http://wiki.samba.org/index.php/Samba4/HOWTO > > Here are my System Logs: > Sep 5 22:27:12 saturn named[4068]: loading configuration from > '/etc/bind/named.conf' > Sep 5 22:27:12 saturn named[4068]: /usr/local/samba/private/named.conf:14: > open: /usr/local/samba/private/named.conf.update: permission denied > Sep 5 22:27:12 saturn named[4068]: loading configuration: permission denied > Sep 5 22:27:12 saturn named[4068]: exiting (due to fatal error)
It's probably Apparmor blocking access to /usr/local/samba/private/* and /var/tmp/DNS_104. I have this in my /etc/apparmor.d/usr.sbin.named file: # Support for Samba4 /usr/local/samba/private/named.conf.update r, /usr/local/samba/private/dns.keytab kr, /var/tmp/DNS_104 w, Run "invoke-rc.d apparmor reload" after changing that file. I'm not sure if the DNS_104 file will always be called that, but when I tried it, that's what it was called. I'm not sure what it's used for, but something to do with GSSAPI it seems. > I am using Ubuntu Lucid, all packages are uptodate. > > I have installed source4 and source3 with the goal of creating franky I think that the plans for how to merge Samba3 and Samba4 have changed a bit since the original "franky" plan. I've CCed the samba-technical list in case someone there would like to comment on this :) > Here is some extra info: > The first scan is with the include in my named.conf.local the second is > without the include, as you can see BIND starts right back up again no > problem > I have changed group permissions to reflect group "bind" on named.conf and > named.conf.update, because I thought that might be the issue... it did not > seem to work, also group permissions for bind are read only. > -------------------------------------------------------------------- > > nmap -sS -sV -O -T4 -n -v 192.168.1.103 > > 192.168.1.103 > 80/tcp open http Apache httpd 2.2.14 ((Ubuntu)) > 389/tcp open ldap OpenLDAP 2.2.X > 464/tcp open kpasswd5? > 749/tcp open rpcbind > Device type: general purpose > Running: Linux 2.6.X > OS details: Linux 2.6.17 - 2.6.24 > Network Distance: 0 hops > TCP Sequence Prediction: Difficulty=198 (Good luck!) > IP ID Sequence Generation: All zeros > Nmap done: 1 IP address (1 host up) scanned in 33.75 seconds > -------------------------------------------------------------------- > -------------------------------------------------------------------- > -------------------------------------------------------------------- > > nmap -sS -sV -O -T4 -n -v 192.168.1.103 > > 192.168.1.103 > 53/tcp open domain ISC BIND 9.7.0-P1 > 80/tcp open http Apache httpd 2.2.14 ((Ubuntu)) > 135/tcp open msrpc? > 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: SATURN) > 389/tcp open ldap OpenLDAP 2.2.X > 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: SATURN) > 1024/tcp open kdm? > 10000/tcp open http Webmin httpd > Device type: general purpose > Running: Linux 2.6.X > OS details: Linux 2.6.17 - 2.6.24 > Network Distance: 0 hops > TCP Sequence Prediction: Difficulty=201 (Good luck!) > IP ID Sequence Generation: All zeros > Nmap done: 1 IP address (1 host up) scanned in 108.24 seconds > -------------------------------------------------------------------- > > Thanks for any help, > Eric -- Michael Wood <[email protected]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
