[Pkg-samba-maint] Bug#871655: /usr/sbin/samba_dnsupdate: ERROR: Record already exists on fresh AD with internal DNS setup

Martin Steigerwald martin.steigerwald at teamix.de
Thu Aug 10 12:54:36 UTC 2017 

Package: samba
Version: 2:4.5.8+dfsg-2+deb9u1+b1
Severity: normal

Dear Maintainers,

I setup a fresh Samba 4 AD for a training environment.

Just after successfully running through samba-tool domain provision like
in

	root at ad1:~# samba-tool domain provision
	Realm [DEMOTUXDC.LAB]: 
	Domain [DEMOTUXDC]: 
	Server Role (dc, member, standalone) [dc]: 
	DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]: 
	DNS forwarder IP address (write 'none' to disable forwarding) [10.99.99.1]: 

and unmasking and starting of of samba-ad-dc, systemctl status tells me this:

Aug 10 14:27:49 ad1 samba[778]: [2017/08/10 14:27:49.461343,  0] ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
Aug 10 14:27:49 ad1 samba[778]:   /usr/sbin/samba_dnsupdate: ERROR: Record already exists
Aug 10 14:27:49 ad1 samba[778]: [2017/08/10 14:27:49.472192,  0] ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
Aug 10 14:27:49 ad1 samba[778]:   /usr/sbin/samba_dnsupdate: ERROR: Record already exists
Aug 10 14:27:49 ad1 samba[778]: [2017/08/10 14:27:49.481338,  0] ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
Aug 10 14:27:49 ad1 samba[778]:   /usr/sbin/samba_dnsupdate: ERROR: Record already exists
Aug 10 14:27:49 ad1 samba[778]: [2017/08/10 14:27:49.492597,  0] ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
Aug 10 14:27:49 ad1 samba[778]:   /usr/sbin/samba_dnsupdate: ERROR: Record already exists
Aug 10 14:27:49 ad1 samba[778]: [2017/08/10 14:27:49.501336,  0] ../lib/util/util_runcmd.c:316(samba_runcmd_io_handler)
Aug 10 14:27:49 ad1 samba[778]:   /usr/sbin/samba_dnsupdate: ERROR: Record already exists


Samba appears to be running just fine nonetheless, but I wonder whether
this is a real issue. Please note that I had several runs of that command
as the initial ones had errors due to wrong parameters. As far as I
understand it should be safe to run this script mutiple times.


It appears to be that /usr/sbin/samba_dnsupdate tries to apply

/var/lib/samba/private/dns_update_list

to

/var/lib/samba/private/dns_update_list

and finds some records that already exist in there.


To verify this and furtherly debug the issue I tried:

root at ad1:/var/lib/samba/private# systemctl stop samba-ad-dc
root at ad1:/var/lib/samba/private# cp -p dns_update_cache /var/tmp
root at ad1:/var/lib/samba/private# truncate -s 0 dns_update_cache
root at ad1:/var/lib/samba/private# systemctl start samba-ad-dc

and got the same errors.

Nevertheless the dnsupdate python script rebuild dns_update_cache to
exactly the same contents as before:

root at ad1:/var/lib/samba/private# cmp dns_update_cache /var/tmp/dns_update_cache 
root at ad1:/var/lib/samba/private# ls -l dns_update_cache 
-rw------- 1 root root 1866 Aug 10 14:47 dns_update_cache

It appears to me that it tries to write the same record twice,
although it appears to have a check which records it still needs
to update. And at the same time the source file does not seem
to have obvious duplicate records:

root at ad1:/var/lib/samba/private# sort dns_update_cache | uniq -d
root at ad1:/var/lib/samba/private#


The error message itself is in:

root at ad1:/usr/lib/python2.7/dist-packages/samba# LANG=C grep -ir "Record already exists" .
./netcmd/dns.py:            raise CommandError('Record already exists')
Binary file ./netcmd/dns.pyc matches


Any advice? I think it is not nice to have such error message right
after setting up an AD, even if it happens to be a false positive.

I can forward this bug upstream if it is of any help to you.

Thanks,
Martin

-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages samba depends on:
ii  adduser              3.115
ii  dpkg                 1.18.24
ii  init-system-helpers  1.48
ii  libbsd0              0.8.3-1
ii  libc6                2.24-11+deb9u1
ii  libldb1              2:1.1.27-1+b1
ii  libpam-modules       1.1.8-3.6
ii  libpam-runtime       1.1.8-3.6
ii  libpopt0             1.16-10+b2
ii  libpython2.7         2.7.13-2
ii  libtalloc2           2.1.8-1
ii  libtdb1              1.3.11-2
ii  libtevent0           0.9.31-1
ii  libwbclient0         2:4.5.8+dfsg-2+deb9u1+b1
ii  lsb-base             9.20161125
ii  procps               2:3.3.12-3
ii  python               2.7.13-2
ii  python-dnspython     1.15.0-1
ii  python-samba         2:4.5.8+dfsg-2+deb9u1+b1
ii  python2.7            2.7.13-2
ii  samba-common         2:4.5.8+dfsg-2+deb9u1
ii  samba-common-bin     2:4.5.8+dfsg-2+deb9u1+b1
ii  samba-libs           2:4.5.8+dfsg-2+deb9u1+b1
ii  tdb-tools            1.3.11-2
ii  update-inetd         4.44

Versions of packages samba recommends:
ii  attr                1:2.4.47-2+b2
ii  logrotate           3.11.0-0.1
ii  samba-dsdb-modules  2:4.5.8+dfsg-2+deb9u1+b1
ii  samba-vfs-modules   2:4.5.8+dfsg-2+deb9u1+b1

Versions of packages samba suggests:
pn  bind9          <none>
pn  bind9utils     <none>
pn  ctdb           <none>
pn  ldb-tools      <none>
pn  ntp | chrony   <none>
pn  smbldap-tools  <none>
pn  ufw            <none>
pn  winbind        <none>

-- no debconf information

More information about the Pkg-samba-maint mailing list