Merge ~ahasenack/ubuntu/+source/samba:jammy-samba-bind918 into ubuntu/+source/samba:ubuntu/devel

Proposed by Andreas Hasenack
Status: Merged
Merged at revision: 70e5e938e81d75618f077cb5e906ee9a35859549
Proposed branch: ~ahasenack/ubuntu/+source/samba:jammy-samba-bind918
Merge into: ubuntu/+source/samba:ubuntu/devel
Diff against target: 159 lines (+118/-2)
5 files modified
debian/changelog (+11/-0)
debian/patches/add-support-for-bind-918-2.patch (+51/-0)
debian/patches/add-support-for-bind-918.patch (+54/-0)
debian/patches/series (+2/-0)
debian/samba-libs.install (+0/-2)
Reviewer | Review Type | Date Requested | Status
Bryce Harrington (community) | | | Approve
Canonical Server | | | Pending
Review via email: mp+417699@code.qastaging.launchpad.net

Description of the change

The diff won't look ok until my 0ubuntu3 upload is fully built (currently just riscv64 is missing, it takes over 4h), but it should be fine after that.

If it's too bad, then you can diff it against ahasenack/jammy-ctdb-nfs-mvp-fixes, which is what 0ubuntu3 is.

I was waiting for upstream's final word on this, but it didn't come yet. I did test this with bind 9.18, and stated as such in the upstream bug.

Samba 4 AD DC provisioning is a bit fragile in the sense that many things need to be just right before the script will complete.

Here is a log of the provisioning I did to test this patch, with bind 9.18.0 (not 9.18.1) installed:

root@dc:~# samba-tool domain provision --domain=EXAMPLE --realm EXAMPLE.FAKE --adminpass='Passw0rd!' --server-role=dc --use-rfc2307 --dns-backend=BIND9_DLZ
INFO 2022-03-07 19:58:25,417 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2105: Looking up IPv4 addresses
INFO 2022-03-07 19:58:25,418 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2122: Looking up IPv6 addresses
WARNING 2022-03-07 19:58:25,418 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2129: No IPv6 address will be assigned
INFO 2022-03-07 19:58:25,608 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2271: Setting up share.ldb
INFO 2022-03-07 19:58:25,724 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2275: Setting up secrets.ldb
INFO 2022-03-07 19:58:25,812 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2280: Setting up the registry
INFO 2022-03-07 19:58:26,143 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2283: Setting up the privileges database
INFO 2022-03-07 19:58:26,311 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2286: Setting up idmap db
INFO 2022-03-07 19:58:26,426 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2293: Setting up SAM db
INFO 2022-03-07 19:58:26,472 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #880: Setting up sam.ldb partitions and settings
INFO 2022-03-07 19:58:26,475 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #892: Setting up sam.ldb rootDSE
INFO 2022-03-07 19:58:26,496 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1305: Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs

INFO 2022-03-07 19:58:26,585 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1383: Adding DomainDN: DC=example,DC=fake
INFO 2022-03-07 19:58:26,628 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1415: Adding configuration container
INFO 2022-03-07 19:58:26,681 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1430: Setting up sam.ldb schema
INFO 2022-03-07 19:58:29,077 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1448: Setting up sam.ldb configuration data
INFO 2022-03-07 19:58:29,187 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1489: Setting up display specifiers
INFO 2022-03-07 19:58:30,708 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1497: Modifying display specifiers and extended rights
INFO 2022-03-07 19:58:30,747 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1504: Adding users container
INFO 2022-03-07 19:58:30,749 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1510: Modifying users container
INFO 2022-03-07 19:58:30,750 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1513: Adding computers container
INFO 2022-03-07 19:58:30,753 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1519: Modifying computers container
INFO 2022-03-07 19:58:30,754 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1523: Setting up sam.ldb data
INFO 2022-03-07 19:58:30,858 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1553: Setting up well known security principals
INFO 2022-03-07 19:58:30,907 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1567: Setting up sam.ldb users and groups
INFO 2022-03-07 19:58:30,995 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1575: Setting up self join
check_spn_alias_collision: trying to add SPN 'DNS/dc.example.fake' on 'CN=dns-dc,CN=Users,DC=example,DC=fake' when 'host/dc.example.fake' is on 'CN=DC,OU=Domain Controllers,DC=example,DC=fake
'
Repacking database from v1 to v2 format (first record CN=ms-SPP-Activation-Objects-Container,CN=Schema,CN=Configuration,DC=example,DC=fake)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record CN=411,CN=DisplaySpecifiers,CN=Configuration,DC=example,DC=fake)
Repacking database from v1 to v2 format (first record CN=Distributed COM Users,CN=Builtin,DC=example,DC=fake)
INFO 2022-03-07 19:58:32,169 pid:12798 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1200: Adding DNS accounts
INFO 2022-03-07 19:58:32,224 pid:12798 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1234: Creating CN=MicrosoftDNS,CN=System,DC=example,DC=fake
INFO 2022-03-07 19:58:32,246 pid:12798 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1247: Creating DomainDnsZones and ForestDnsZones partitions
INFO 2022-03-07 19:58:32,348 pid:12798 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1252: Populating DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record DC=ForestDnsZones,DC=example.fake,CN=MicrosoftDNS,DC=DomainDnsZones,DC=example,DC=fake)
Repacking database from v1 to v2 format (first record DC=_ldap._tcp.pdc,DC=_msdcs.example.fake,CN=MicrosoftDNS,DC=ForestDnsZones,DC=example,DC=fake)
INFO 2022-03-07 19:58:32,762 pid:12798 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1334: See /var/lib/samba/bind-dns/named.conf for an example configuration include file for BIND
INFO 2022-03-07 19:58:32,762 pid:12798 /usr/lib/python3/dist-packages/samba/provision/sambadns.py #1336: and /var/lib/samba/bind-dns/named.txt for further documentation required for secure DNS updates
INFO 2022-03-07 19:58:32,823 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2009: Setting up sam.ldb rootDSE marking as synchronized
INFO 2022-03-07 19:58:32,834 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2014: Fixing provision GUIDs
INFO 2022-03-07 19:58:33,601 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2345: A Kerberos configuration suitable for Samba AD has been generated at /var/lib/samba/private/krb5.conf
INFO 2022-03-07 19:58:33,603 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2347: Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
INFO 2022-03-07 19:58:33,708 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2079: Setting up fake yp server settings
INFO 2022-03-07 19:58:33,838 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #487: Once the above files are installed, your Samba AD server will be ready to use
INFO 2022-03-07 19:58:33,839 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #492: Server Role: active directory domain controller
INFO 2022-03-07 19:58:33,839 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #493: Hostname: dc
INFO 2022-03-07 19:58:33,840 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #494: NetBIOS Domain: EXAMPLE
INFO 2022-03-07 19:58:33,840 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #495: DNS Domain: example.fake
INFO 2022-03-07 19:58:33,840 pid:12798 /usr/lib/python3/dist-packages/samba/provision/__init__.py #496: DOMAIN SID: S-1-5-21-752986753-809568876-3657250493

When bind is started, it logs for this zone:
Mar 25 18:42:48 dc.example.fake named[1415]: Loading 'AD DNS Zone' using driver dlopen
Mar 25 18:42:48 dc.example.fake named[1415]: samba_dlz: started for DN DC=example,DC=fake
Mar 25 18:42:48 dc.example.fake named[1415]: samba_dlz: starting configure
Mar 25 18:42:48 dc.example.fake named[1415]: samba_dlz: configured writeable zone 'example.fake'
Mar 25 18:42:48 dc.example.fake named[1415]: samba_dlz: configured writeable zone '_msdcs.example.fake'

And it answers queries for computers that joined the domain:
root@dc:~# samba-tool computer list
DC$
MEMBER2$
root@dc:~# host member2.example.fake 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:

member2.example.fake has address 192.168.122.211

And logs, after I turn on query log:
Mar 25 18:45:31 dc.example.fake named[1415]: client @0x7feb2ca30590 127.0.0.1#48281 (member2.example.fake): query: member2.example.fake IN A + (127.0.0.1)
Mar 25 18:45:31 dc.example.fake named[1415]: client @0x7feb2ca30590 127.0.0.1#55542 (member2.example.fake): query: member2.example.fake IN AAAA + (127.0.0.1)
Mar 25 18:45:31 dc.example.fake named[1415]: client @0x7feb2ca30590 127.0.0.1#40791 (member2.example.fake): query: member2.example.fake IN MX + (127.0.0.1)

I have a PPA that does not have the ctdb mvp fixes that I just uploaded:

https://launchpad.net/~ahasenack/+archive/ubuntu/samba-bind918

I'll reupload this right now.

Andreas Hasenack (ahasenack) wrote :

I repeated the provisioning in my snapshotted vm using the samba packages from this ppa, that were just rebuilt, and bind 9.18.1 from jammy:

root@dc:~# samba-tool domain provision --domain=EXAMPLE --realm EXAMPLE.FAKE --adminpass='Passw0rd!' --server-role=dc --use-rfc2307 --dns-backend=BIND9_DLZ
INFO 2022-03-25 20:00:02,056 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2105: Looking up IPv4 addresses
INFO 2022-03-25 20:00:02,056 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2122: Looking up IPv6 addresses
WARNING 2022-03-25 20:00:02,057 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2129: No IPv6 address will be assigned
INFO 2022-03-25 20:00:02,278 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2271: Setting up share.ldb
INFO 2022-03-25 20:00:02,402 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2275: Setting up secrets.ldb
INFO 2022-03-25 20:00:02,492 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2280: Setting up the registry
INFO 2022-03-25 20:00:02,747 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2283: Setting up the privileges database
INFO 2022-03-25 20:00:02,896 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2286: Setting up idmap db
INFO 2022-03-25 20:00:03,044 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #2293: Setting up SAM db
INFO 2022-03-25 20:00:03,113 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #880: Setting up sam.ldb partitions and settings
INFO 2022-03-25 20:00:03,118 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #892: Setting up sam.ldb rootDSE
INFO 2022-03-25 20:00:03,150 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1305: Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs

INFO 2022-03-25 20:00:03,291 pid:929 /usr/lib/python3/dist-packages/samba/provision/__init__.py #1383: Adding DomainDN: DC=example,DC=fake ...

Bryce Harrington (bryce) wrote :

Ok, given this MP diff spans two versions, I'll look just at the individual commits:

https://git.launchpad.net/~ahasenack/ubuntu/+source/samba/commit/?id=0745aca69ba9b06c1899ba52bcb42db125516dd1
- Adds one patch from upstream, which adds check for version 9.18
- Looks like it carries forward essentially same settings as for 9.16

https://git.launchpad.net/~ahasenack/ubuntu/+source/samba/commit/?id=124928f7719eea8b42cc4d2b301700bb4736bbe5
- Purely code-cosmetic, IMHO not needed but causes no harm. LGTM

https://git.launchpad.net/~ahasenack/ubuntu/+source/samba/commit/?id=0745aca69ba9b06c1899ba52bcb42db125516dd1
- Continues adding in 9.18 support by replicating what was added for 9.16

https://git.launchpad.net/~ahasenack/ubuntu/+source/samba/commit/?id=70e5e938e81d75618f077cb5e906ee9a35859549
- Changelog entry lists the above 3 changes. LGTM

I don't see anything wrong with any of the changes. I wonder if there might be other such 9.16->9.18 changes required (might be worth looking at git history around the point bind 9.14->9.16 was enabled), but presumably those will make themselves visible.

All LGTM, +1

review: Approve

Bryce Harrington (bryce) wrote :

Btw, I also queued up tests for the PPA. Maybe verify these pass prior to upload:

$ lp-test-ppa ppa:ahasenack/samba-bind918 --release jammy --showpass
Tests for PPA samba-bind918
---- ---- ---- ----
Release: jammy
Sources:
  SRC: samba @ 2:4.15.5~dfsg-0ubuntu4~ppa1 - Published
  SRC: samba @ 2:4.15.5~dfsg-0ubuntu2~ppa3 - Superseded
  SRC: samba @ 2:4.15.5~dfsg-0ubuntu2~ppa2 - Superseded
  SRC: samba @ 2:4.15.5~dfsg-0ubuntu2~ppa1 - Superseded
Triggers on published Sources:
                 samba @ amd64 for samba/2:4.15.5~dfsg-0ubuntu4~ppa1 Trigger @amd64 ♻️ Trigger all proposed @amd64 ♻️ 💍
                 samba @ s390x for samba/2:4.15.5~dfsg-0ubuntu4~ppa1 Trigger @s390x ♻️ Trigger all proposed @s390x ♻️ 💍
                 samba @ ppc64el for samba/2:4.15.5~dfsg-0ubuntu4~ppa1 Trigger @ppc64el ♻️ Trigger all proposed @ppc64el ♻️ 💍
                 samba @ arm64 for samba/2:4.15.5~dfsg-0ubuntu4~ppa1 Trigger @arm64 ♻️ Trigger all proposed @arm64 ♻️ 💍
                 samba @ armhf for samba/2:4.15.5~dfsg-0ubuntu4~ppa1 Trigger @armhf ♻️ Trigger all proposed @armhf ♻️ 💍
                 samba @ riscv64 for samba/2:4.15.5~dfsg-0ubuntu4~ppa1 Trigger @riscv64 ♻️ Trigger all proposed @riscv64 ♻️ 💍
Results from https://autopkgtest.ubuntu.com/results/autopkgtest-jammy-ahasenack-samba-bind918/?format=plain:
    No results published yet
Running:
Waiting:

(FTR, I also got a Traceback with a JSONDecodeError running the above. Weird.)

Andreas Hasenack (ahasenack) wrote :

Now the diff is fine

Andreas Hasenack (ahasenack) wrote :

The arm* tests failed because I didn't enable that arch in the PPA, I just enabled amd64 since the rest takes too long to build, and I didn't expect to have arch build problems due to these patches.

The amd64 tests are fine.

Andreas Hasenack (ahasenack) wrote :

Thanks for the review

Uploaded:
$ dput ubuntu ../samba_4.15.5~dfsg-0ubuntu4_source.changes
D: Setting host argument.
Checking signature on .changes
gpg: ../samba_4.15.5~dfsg-0ubuntu4_source.changes: Valid signature from AC983EB5BF6BCBA9
Checking signature on .dsc
gpg: ../samba_4.15.5~dfsg-0ubuntu4.dsc: Valid signature from AC983EB5BF6BCBA9
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading samba_4.15.5~dfsg-0ubuntu4.dsc: done.
  Uploading samba_4.15.5~dfsg-0ubuntu4.debian.tar.xz: done.
  Uploading samba_4.15.5~dfsg-0ubuntu4_source.buildinfo: done.
  Uploading samba_4.15.5~dfsg-0ubuntu4_source.changes: done.
Successfully uploaded packages.
