Bug 13792 - Jailed DC fails to start
Summary: Jailed DC fails to start
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.8.9
Hardware: All FreeBSD
: P5 regression (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
Depends on:
Reported: 2019-02-18 11:09 UTC by Andrea Venturoli
Modified: 2020-03-15 21:05 UTC (History)
2 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Andrea Venturoli 2019-02-18 11:09:38 UTC
On several FreeBSD 11.2/amd64 servers, I've got a jail dedicated to running Samba as an AD DC.

Some days ago I upgraded one of them from 4.8.7 to 4.8.9 and suddenly everything stopped working.
Since it was a production box, I immediately restored the whole jail from a backup, with no chance to better investigate.

Today, with more time, I tried on another server and again I run into trouble (although I'm not sure the details are exactly the same).

After the upgrade Samba would not start at all, with the following in the logs:
> [2019/02/17 18:15:35.200206,  0] ../source4/smbd/server.c:502(binary_smbd_main)
>   samba version 4.8.9 started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2018
> root@dc1:~ # [2019/02/17 18:15:35.379881,  0] ../source4/smbd/server.c:674(binary_smbd_main)
>   binary_smbd_main: samba: using 'standard' process model
> [2019/02/17 18:15:35.384663,  0] ../source4/nbt_server/interfaces.c:228(nbtd_add_socket)
> [2019/02/17 18:15:35.384752,  0] ../source4/smbd/service_task.c:36(task_server_terminate)
>   task_server_terminate: task_server_terminate: [nbtd failed to setup interfaces]
> [2019/02/17 18:15:35.396234,  0] ../lib/util/become_daemon.c:138(daemon_ready)
>   daemon_ready: STATUS=daemon 'samba' finished starting up and ready to serve connections
> [2019/02/17 18:15:35.397963,  0] ../source4/smbd/server.c:288(samba_terminate)
>   samba_terminate: samba_terminate of samba 98006: nbtd failed to setup interfaces is the jail's own IP and I'm sure nothing is running on port 137 there.

Relevant part of my smb4.conf

> [global]
>         allow dns updates=nonsecure
>         log level=1
>         workgroup = XXXXX
>         realm = xxxxx.xxxxxxxx.xx
>         netbios name = DC1
>         server role = active directory domain controller
>         idmap_ldb:use rfc2307 = yes
>         dns forwarder=
>         interfaces=vlan1
>         bind interfaces only=yes
>         ntlm auth=YES

After a web search I found a workaround: adding
>         server services=-nbt 
will let Samba start.

Jailed non-DC instances don't seem to be affected.
Comment 1 Björn Jacke 2020-03-15 21:05:35 UTC
problems with a jailed setup are not a samba bug bug a problem of the specific jail setup.