# Support for Samba4
/usr/local/samba/private/named.conf.update r,
/usr/local/samba/private/dns.keytab kr,
/var/tmp/DNS_104 w,
Implementing the confuration above allowed me to restart bind
successfully, now I'm just getting:
***rndc: connect failed: 127.0.0.1#953: connection refused***
However, I do not think this a "samba config with DNS issue" anymore as
I was was hastily making changes to DNS to solve the problem, so
everything looks good.
HUGE THANKS!
On 09/06/2010 06:47 AM, Michael Wood wrote:
On 6 September 2010 04:59, Eric<[email protected]> wrote:
Bind won't start after implementing:
Step 8 Configure DNS --from-- http://wiki.samba.org/index.php/Samba4/HOWTO
Here are my System Logs:
Sep 5 22:27:12 saturn named[4068]: loading configuration from
'/etc/bind/named.conf'
Sep 5 22:27:12 saturn named[4068]: /usr/local/samba/private/named.conf:14:
open: /usr/local/samba/private/named.conf.update: permission denied
Sep 5 22:27:12 saturn named[4068]: loading configuration: permission denied
Sep 5 22:27:12 saturn named[4068]: exiting (due to fatal error)
It's probably Apparmor blocking access to /usr/local/samba/private/*
and /var/tmp/DNS_104.
I have this in my /etc/apparmor.d/usr.sbin.named file:
# Support for Samba4
/usr/local/samba/private/named.conf.update r,
/usr/local/samba/private/dns.keytab kr,
/var/tmp/DNS_104 w,
Run "invoke-rc.d apparmor reload" after changing that file. I'm not
sure if the DNS_104 file will always be called that, but when I tried
it, that's what it was called. I'm not sure what it's used for, but
something to do with GSSAPI it seems.
I am using Ubuntu Lucid, all packages are uptodate.
I have installed source4 and source3 with the goal of creating franky
I think that the plans for how to merge Samba3 and Samba4 have changed
a bit since the original "franky" plan.
I've CCed the samba-technical list in case someone there would like to
comment on this :)
Here is some extra info:
The first scan is with the include in my named.conf.local the second is
without the include, as you can see BIND starts right back up again no
problem
I have changed group permissions to reflect group "bind" on named.conf and
named.conf.update, because I thought that might be the issue... it did not
seem to work, also group permissions for bind are read only.
--------------------------------------------------------------------
nmap -sS -sV -O -T4 -n -v 192.168.1.103
192.168.1.103
80/tcp open http Apache httpd 2.2.14 ((Ubuntu))
389/tcp open ldap OpenLDAP 2.2.X
464/tcp open kpasswd5?
749/tcp open rpcbind
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.17 - 2.6.24
Network Distance: 0 hops
TCP Sequence Prediction: Difficulty=198 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap done: 1 IP address (1 host up) scanned in 33.75 seconds
--------------------------------------------------------------------
--------------------------------------------------------------------
--------------------------------------------------------------------
nmap -sS -sV -O -T4 -n -v 192.168.1.103
192.168.1.103
53/tcp open domain ISC BIND 9.7.0-P1
80/tcp open http Apache httpd 2.2.14 ((Ubuntu))
135/tcp open msrpc?
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: SATURN)
389/tcp open ldap OpenLDAP 2.2.X
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: SATURN)
1024/tcp open kdm?
10000/tcp open http Webmin httpd
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.17 - 2.6.24
Network Distance: 0 hops
TCP Sequence Prediction: Difficulty=201 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap done: 1 IP address (1 host up) scanned in 108.24 seconds
--------------------------------------------------------------------
Thanks for any help,
Eric
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
