[Pkg-samba-maint] Bug#927747: Bug#927747: bind9_dlz backend is entirely broken in Debian
Steinar H. Gunderson
sesse at debian.org
Tue Apr 23 21:34:36 BST 2019
On Tue, Apr 23, 2019 at 10:24:54PM +0200, Mathieu Parent wrote:
> There are several issues here. Trying a summary.
> 1. We need to patch bind9 apparmor profile (this is the cloned bug)
> 2. The /var/lib/samba/bind-dns directory is created on domain
> provision. Nothing to do here?
It's not created on upgrade from stretch, though? You don't re-provision your
domain when upgrading Samba, yet upgrading should be allowed.
> 2. bind9 conf "include" should be updated. As the conffile is not
> owned by samba all we can do is printing a message in samba preinst
> (if include "/usr/local/samba/private/named.conf" is found in
> /etc/named/named.conf or /etc/bind/named.conf.local)
> 3.Patching "named.conf" template to load the correct bind9 module (i.e 9.11)
I _think_ samba_dnsupgradedns writes a new config fragment.
> 4. Run "samba_upgradedns --dns-backend=BIND9_DLZ", but when?
I would assume in postinst (assuming we detect its use).
/* Steinar */
More information about the Pkg-samba-maint