FS#71603 - Samba and named (bind9) fail to start following ldb upgrade to 2.4.0

Attached to Project: Arch Linux
Opened by Richard Vine (viner) - Saturday, 24 July 2021, 07:15 GMT
Last edited by Felix Yan (felixonmars) - Wednesday, 28 July 2021, 10:08 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Tobias Powalowski (tpowa)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 4
Private No

Details

Description:
Samba and named (bind) fail to start following ldb upgrade from 2.3.0 to 2.4.0 in Active Directory domain controller configuration.

Additional info:
samba 4.14.6-1
bind 9.16.18-1
2.4.0-1

* config and/or log files etc.

Samba setup as Active Directory domain controller using named as per https://wiki.archlinux.org/title/Samba/Active_Directory_domain_controller with BIND9_DLZ as DNS backend.

Samba:
Jul 24 06:28:38 xxxx systemd[1]: Starting Samba AD Daemon...
Jul 24 06:28:38 xxxx samba[568]: [2021/07/24 06:28:38.235858, 0] ../../source4/samba/server.c:644(binary_smbd_main)
Jul 24 06:28:38 xxxx samba[568]: samba version 4.14.6 started.
Jul 24 06:28:38 xxxx samba[568]: Copyright Andrew Tridgell and the Samba Team 1992-2021
Jul 24 06:28:38 xxxx samba[568]: [2021/07/24 06:28:38.236529, 0] ../../lib/util/become_daemon.c:147(daemon_status)
Jul 24 06:28:38 xxxx samba[568]: daemon_status: daemon 'samba' : Starting process...
Jul 24 06:28:38 xxxx samba[568]: [2021/07/24 06:28:38.285309, 0] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
Jul 24 06:28:38 xxxx samba[568]: ldb: WARNING: Module [samba_dsdb] not found - do you need to set LDB_MODULES_PATH?
Jul 24 06:28:38 xxxx samba[568]: [2021/07/24 06:28:38.285534, 0] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
Jul 24 06:28:38 xxxx samba[568]: ldb: Unable to load modules for /var/lib/samba/private/sam.ldb: (null)
Jul 24 06:28:38 xxxx samba[568]: [2021/07/24 06:28:38.285808, 0] ../../lib/util/become_daemon.c:121(exit_daemon)
Jul 24 06:28:38 xxxx samba[568]: exit_daemon: daemon failed to start: Samba failed to prime database, error code 22

Named:
Jul 24 06:29:36 xxxx named[570]: Loading 'AD DNS Zone' using driver dlopen
Jul 24 06:29:36 xxxx named[570]: ldb: module version mismatch in ../../source4/dsdb/samdb/ldb_modules/acl.c : ldb_version=2.4.0 module_version=2.3.0
Jul 24 06:29:36 xxxx named[570]: ldb: failed to initialise module /usr/lib/samba/ldb/acl.so : Unavailable
Jul 24 06:29:36 xxxx named[570]: samba_dlz: ldb: WARNING: Module [samba_dsdb] not found - do you need to set LDB_MODULES_PATH?
Jul 24 06:29:36 xxxx named[570]: samba_dlz: ldb: Unable to load modules for /var/lib/samba/bind-dns/dns/sam.ldb: (null)
Jul 24 06:29:36 xxxx named[570]: samba_dlz: Failed to connect to Failed to connect to /var/lib/samba/bind-dns/dns/sam.ldb: (null): Operations error
Jul 24 06:29:36 xxxx named[570]: samba_dlz: FAILED dlz_create call result=25 #refs=0
Jul 24 06:29:36 xxxx named[570]: dlz_dlopen of 'AD DNS Zone' failed


Steps to reproduce:
pacman system upgrade today which upgraded ldb from 2.3.0 to 2.4.0.

Downgrading ldb from 2.4.0 to 2.3.0 allows both samba and named to start correctly.

Presumably, samba and bind need updating whenever ldb updates as they're still expecting to use older ldb version.

Previous similar issues:
https://bugs.archlinux.org/task/50581
https://bugs.archlinux.org/task/50608
https://bugs.archlinux.org/task/55704
https://bugs.archlinux.org/task/58345
https://bugs.archlinux.org/task/70165

High severity as breaks Samba and Bind in an Active Directory domain controller configuration.
This task depends upon

Closed by  Felix Yan (felixonmars)
Wednesday, 28 July 2021, 10:08 GMT
Reason for closing:  Fixed
Additional comments about closing:  ldb 2:2.3.0-1

Loading...