Hello and thanks for taking time to look at this bug. I have just set up a VM to test this and upgraded to zesty; all of xenial, yakkety AND zesty behave the same and present this bug.
To test it quickly if you need to reproduce, I have only set up an AD with "samba-tool domain provision", adjusted the named configuration (include the samba-generated files for named) and then done a "rndc zonestatus ad.dns.zone", a "rndc reload", and again a "rndc zonestatus ad.dns.zone".

On zesty I also had an apparmor permission denied on start because named couldn't file_mmap the dlz module (.so):

mars 07 12:38:51 l00p2 kernel: audit: type=1400 audit(1488886731.112:59): apparmor="DENIED" operation="file_mmap" profile="/usr/sbin/named" name="/usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so" pid=3149 comm="named" requested_mask="m" denied_mask="m" fsuid=120 ouid=0

(after adding "/usr/lib{,32,64}/**/*.so* mr," in /etc/apparmor.d/usr.sbin.named I could start named again; maybe I should file a different bug report)

I am adding my complete /etc/apparmor.d/usr.sbin.named if you need to reproduce, since it also contains other lines according to the official Samba Bind9_DLZ integration guide.

--
https://bugs.launchpad.net/bugs/1670450

Title:
  samba4 bind dlz module stops working on rndc reload
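
Added example, not part of the original report or of the Samba or Ubuntu packaging: a Python helper that turns an AppArmor DENIED record like the one quoted in the report into a rule covering only the denied file and access, which is narrower than the /usr/lib{,32,64}/**/*.so* glob. The names parse_denial, scoped_rule and SAMPLE are introduced here; SAMPLE is rebuilt from the log line in the report, and the record format is assumed to match it.

```python
import re

# Constructed from the denial quoted in the report (module path rejoined).
SAMPLE = ('audit: type=1400 audit(1488886731.112:59): apparmor="DENIED" '
          'operation="file_mmap" profile="/usr/sbin/named" '
          'name="/usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so" '
          'pid=3149 comm="named" requested_mask="m" denied_mask="m" '
          'fsuid=120 ouid=0')

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
HEX = re.compile(r'(?:[0-9A-Fa-f]{2})+')


def parse_denial(line):
    """Return the fields of an AppArmor DENIED record, or None otherwise."""
    fields = {}
    for key, quoted, bare in FIELD.findall(line):
        value = quoted or bare
        # audit writes names with spaces or odd bytes as unquoted hex
        if key == "name" and bare and HEX.fullmatch(bare):
            value = bytes.fromhex(bare).decode("utf-8", "replace")
        fields[key] = value
    if fields.get("apparmor") != "DENIED" or "name" not in fields:
        return None
    return fields


def scoped_rule(denial):
    """Build a profile rule granting only the denied access on that one path."""
    path = denial["name"]
    if not path.startswith("/"):
        raise ValueError("not an absolute path: %r" % path)
    # Escape glob metacharacters so the rule cannot match any other file.
    path = re.sub(r'([\\*?\[\]{}^])', r'\\\1', path)
    # Log masks 'c' (create) and 'd' (delete) are written as 'w' in profiles.
    mask = {("w" if p in "cd" else p) for p in denial.get("denied_mask", "")}
    perms = "".join(p for p in "rwamklx" if p in mask)
    if not perms:
        raise ValueError("no file permission in denied_mask")
    quoted = '"%s"' % path if " " in path else path
    return "%s %s," % (quoted, perms)


if __name__ == "__main__":
    print(scoped_rule(parse_denial(SAMPLE)))
```

The generated line goes inside the profile named in the record's profile= field (here /usr/sbin/named), and the profile must be reloaded before named is restarted.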