On several FreeBSD 11.2/amd64 servers, I've got a jail dedicated to running Samba as an AD DC. Some days ago I upgraded one of them from 4.8.7 to 4.8.9 and suddenly everything stopped working. Since it was a production box, I immediately restored the whole jail from a backup, with no chance to better investigate. Today, with more time, I tried on another server and again I run into trouble (although I'm not sure the details are exactly the same). After the upgrade Samba would not start at all, with the following in the logs: > [2019/02/17 18:15:35.200206, 0] ../source4/smbd/server.c:502(binary_smbd_main) > samba version 4.8.9 started. > Copyright Andrew Tridgell and the Samba Team 1992-2018 > root@dc1:~ # [2019/02/17 18:15:35.379881, 0] ../source4/smbd/server.c:674(binary_smbd_main) > binary_smbd_main: samba: using 'standard' process model > [2019/02/17 18:15:35.384663, 0] ../source4/nbt_server/interfaces.c:228(nbtd_add_socket) > Failed to bind to 10.1.2.34:137 - NT_STATUS_ADDRESS_ALREADY_ASSOCIATED > [2019/02/17 18:15:35.384752, 0] ../source4/smbd/service_task.c:36(task_server_terminate) > task_server_terminate: task_server_terminate: [nbtd failed to setup interfaces] > [2019/02/17 18:15:35.396234, 0] ../lib/util/become_daemon.c:138(daemon_ready) > daemon_ready: STATUS=daemon 'samba' finished starting up and ready to serve connections > [2019/02/17 18:15:35.397963, 0] ../source4/smbd/server.c:288(samba_terminate) > samba_terminate: samba_terminate of samba 98006: nbtd failed to setup interfaces 10.1.2.34 is the jail's own IP and I'm sure nothing is running on port 137 there. Relevant part of my smb4.conf > [global] > allow dns updates=nonsecure > log level=1 > workgroup = XXXXX > realm = xxxxx.xxxxxxxx.xx > netbios name = DC1 > server role = active directory domain controller > idmap_ldb:use rfc2307 = yes > dns forwarder=10.1.2.13 10.1.2.15 > interfaces=vlan1 10.1.2.34/24 > bind interfaces only=yes > ntlm auth=YES After a web search I found a workaround: adding > server services=-nbt will let Samba start. Jailed non-DC instances don't seem to be affected.
problems with a jailed setup are not a samba bug bug a problem of the specific jail setup.