Discussion:
FreeBSD-10.3p5 - Samba43-4.3.8
(too old to reply)
James B. Byrne via freebsd-questions
2016-06-22 19:42:58 UTC
Permalink
I am installing Samba43 on a BHyve VM using zfs - both host and guest.
I am using vm-bhyve on the host. When I go to provision a new AD-DC
I see this:

# samba-tool domain provision --use-ntvfs --realm=ADOMAIN.EXAMPLE.COM
--domain=ADOMAIN --server-role=dc --dns-backend=SAMBA_INTERNAL
--use-rfc2307
Administrator password will be set randomly!
Looking up IPv4 addresses
. . .
setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
ERROR(runtime): uncaught exception - pytalloc_reference_ex() called
for object type not based on talloc
File
"/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
return self.run(*args, **kwargs)
File
"/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py",
line 442, in run
nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
File
"/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
line 2172, in provision
skip_sysvolacl=skip_sysvolacl)
File
"/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
line 1864, in provision_fill
attrs=['defaultObjectCategory'])
File "/usr/local/lib/python2.7/site-packages/samba/dbchecker.py",
line 138, in check_database
error_count += self.check_object(object.dn, attrs=attrs)
File "/usr/local/lib/python2.7/site-packages/samba/dbchecker.py",
line 1358, in check_object
normalised =
self.samdb.dsdb_normalise_attributes(self.samdb_schema, attrname,
[val])
File "/usr/local/lib/python2.7/site-packages/samba/samdb.py", line
672, in dsdb_normalise_attributes
return dsdb._dsdb_normalise_attributes(ldb, ldap_display_name,
ldif_elements)

Referring to this message:
https://lists.samba.org/archive/samba-technical/2016-March/112908.html
As far as I'm aware, the only use case for this is that call
in dbcheck (here called by provision). While undesirable, the
failure message is clear (to us, and will quickly find this
thread in google), and is not an abort(), which is what was
happening in the same area for some versions previously.
I further read this:
https://lists.samba.org/archive/samba-technical/2016-March/112923.html
Could you apply the attached patches to your samba-4.3.6
and see if they fix the domain provision?
Provision of domain is OK with talloc-2.16 and samba-4.3.6 with
these patches. Thanks.
This refers to Samba43-4.3.6. It implies that the domain is not
properly provisioned without those patches. The package from ports I
am using is Samba43-4.3.8 and evidently those patches did not make it
into the source tree.

So questions remain. Do I have a working samba installation or not?
How can I tell? I do not want to get deeply into setting this stuff up
only to find that a critical piece of infrastructure either is missing
or does not work properly, if at all.

Any help with or insight into this matter gratefully accepted.

Sincerely,
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne mailto:***@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
Kevin Seidel
2016-06-22 20:34:54 UTC
Permalink
Hi James,

this bug was already reported
(https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208837) and is fixed
in samba43-4.3.8_1 and samba43-4.3.9.

Regards,
Kevin
Post by James B. Byrne via freebsd-questions
I am installing Samba43 on a BHyve VM using zfs - both host and guest.
I am using vm-bhyve on the host. When I go to provision a new AD-DC
# samba-tool domain provision --use-ntvfs --realm=ADOMAIN.EXAMPLE.COM
--domain=ADOMAIN --server-role=dc --dns-backend=SAMBA_INTERNAL
--use-rfc2307
Administrator password will be set randomly!
Looking up IPv4 addresses
. . .
setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
ERROR(runtime): uncaught exception - pytalloc_reference_ex() called
for object type not based on talloc
File
"/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
return self.run(*args, **kwargs)
File
"/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py",
line 442, in run
nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode)
File
"/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
line 2172, in provision
skip_sysvolacl=skip_sysvolacl)
File
"/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py",
line 1864, in provision_fill
attrs=['defaultObjectCategory'])
File "/usr/local/lib/python2.7/site-packages/samba/dbchecker.py",
line 138, in check_database
error_count += self.check_object(object.dn, attrs=attrs)
File "/usr/local/lib/python2.7/site-packages/samba/dbchecker.py",
line 1358, in check_object
normalised =
self.samdb.dsdb_normalise_attributes(self.samdb_schema, attrname,
[val])
File "/usr/local/lib/python2.7/site-packages/samba/samdb.py", line
672, in dsdb_normalise_attributes
return dsdb._dsdb_normalise_attributes(ldb, ldap_display_name,
ldif_elements)
https://lists.samba.org/archive/samba-technical/2016-March/112908.html
As far as I'm aware, the only use case for this is that call
in dbcheck (here called by provision). While undesirable, the
failure message is clear (to us, and will quickly find this
thread in google), and is not an abort(), which is what was
happening in the same area for some versions previously.
https://lists.samba.org/archive/samba-technical/2016-March/112923.html
Could you apply the attached patches to your samba-4.3.6
and see if they fix the domain provision?
Provision of domain is OK with talloc-2.16 and samba-4.3.6 with
these patches. Thanks.
This refers to Samba43-4.3.6. It implies that the domain is not
properly provisioned without those patches. The package from ports I
am using is Samba43-4.3.8 and evidently those patches did not make it
into the source tree.
So questions remain. Do I have a working samba installation or not?
How can I tell? I do not want to get deeply into setting this stuff up
only to find that a critical piece of infrastructure either is missing
or does not work properly, if at all.
Any help with or insight into this matter gratefully accepted.
Sincerely,
James B. Byrne via freebsd-questions
2016-06-22 20:56:25 UTC
Permalink
Post by Kevin Seidel
Hi James,
this bug was already reported
(https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208837) and is
fixed
in samba43-4.3.8_1 and samba43-4.3.9.
Thank you very much. But is the domain install that I have just
finished damaged or not? If this is just a bunch of warning messages
about a deprecated call but things are just fine regardless then I can
keep going. If it indicates a serious defect impacting the integrity
of the installation then I have to fix it.

If I may impose another question: Are either of these available as a
package?

I have been using pkg exclusively to this point. When I run
freebsd-update fetch it reports nothing newer than what I already have
so I infer these are not packages. Building a port should prove no
hardship but if these are already packaged then I would prefer to use
pkg.

Sincerely,
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne mailto:***@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
Kevin Seidel
2016-06-22 21:23:41 UTC
Permalink
The current install won't work.
You have to run the provisioning again after updating, but then it
should work as expected.

If you are using the 'quarterly' builds you are still stuck with 4.3.8,
but you can track the 'latest' builds for 4.3.9 (or even 4.4.3_1).
Just change the url line in '/etc/pkg/FreeBSD.conf' from 'url:
"pkg+http://pkg.FreeBSD.org/${ABI}/quarterly"' to 'url:
"pkg+http://pkg.FreeBSD.org/${ABI}/latest"' and run 'pkg update'.

The alternative would be to build it from ports.

--
Kevin
Post by James B. Byrne via freebsd-questions
Post by Kevin Seidel
Hi James,
this bug was already reported
(https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208837) and is
fixed
in samba43-4.3.8_1 and samba43-4.3.9.
Thank you very much. But is the domain install that I have just
finished damaged or not? If this is just a bunch of warning messages
about a deprecated call but things are just fine regardless then I can
keep going. If it indicates a serious defect impacting the integrity
of the installation then I have to fix it.
If I may impose another question: Are either of these available as a
package?
I have been using pkg exclusively to this point. When I run
freebsd-update fetch it reports nothing newer than what I already have
so I infer these are not packages. Building a port should prove no
hardship but if these are already packaged then I would prefer to use
pkg.
Sincerely,
Loading...