Univention Bugzilla – Bug 48497
ddns update fails, wrong permissions for /var/lib/samba/private/dns.keytab
Last modified: 2019-01-21 13:33:02 CET
kinit -t /var/lib/samba/private/dns.keytab dns-master echo -e 'server master.test.local\nprereq yxdomain test.local\n' | nsupdate -g dns_tkey_negotiategss: TKEY is unacceptable strace named [pid 10798] access("/etc/krb5.conf", R_OK) = 0 [pid 10798] stat("/etc/krb5.conf", {st_mode=S_IFREG|0644, st_size=1894, ...}) = 0 [pid 10798] getrandom("\353O\307v\23n\22\205\202\206\340\365iN\236v\364\211\317:\20h\0360\23\224\273sK\361\33\367O\245\377\374P\n+H\211\336w\35\362\317\326F\t\225o\203\333\252\25\363\224|1l\6\355\362\213", 64, 0) = 64 [pid 10798] getpid() = 10783 [pid 10798] open("/var/lib/samba/private/dns.keytab", O_RDONLY) = -1 EACCES (Permission denied) [pid 10798] sendmsg(26, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\0VT\316\200\200\0\1\0\1\0\0\0\0\01072202794\nsig-master\4test\5local\0\0\371\0\377\300\f\0\371\0\377\0\0\0\0\0\32\10gss-tsig\0\0\0\0\0\0\0\0\0\0\3\0\21\0\0\0\0", iov_len=88}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 88 [pid 10798] recvmsg(26, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="", iov_len=2}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 0 [pid 10798] futex(0x7f4698de607c, FUTEX_WAKE_OP_PRIVATE, 1, 1, 0x7f4698de6078, FUTEX_OP_SET<<28|0<<12|FUTEX_OP_CMP_GT<<24|0x1 <unfinished ...> [pid 10799] <... futex resumed> ) = 0 [pid 10799] futex(0x7f4698de6028, FUTEX_WAIT_PRIVATE, 2, NULL <unfinished ...> [pid 10798] <... futex resumed> ) = 1 [pid 10798] futex(0x7f4698de6028, FUTEX_WAKE_PRIVATE, 1 <unfinished ...> [pid 10799] <... futex resumed> ) = 0 [pid 10799] futex(0x7f4698de6028, FUTEX_WAKE_PRIVATE, 1) = 0 [pid 10799] futex(0x7f4698de607c, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 517, {tv_sec=1548071342, tv_nsec=69003000}, 0xffffffff <unfinished ...> [pid 10798] <... futex resumed> ) = 1 [pid 10798] write(6, "\27\0\0\0\375\377\377\377", 8 <unfinished ...> [pid 10800] <... epoll_wait resumed> [{EPOLLIN, {u32=5, u64=5}}], 64, -1) = 1 [pid 10800] read(5, "\27\0\0\0\375\377\377\377", 8) = 8 [pid 10800] epoll_ctl(7, EPOLL_CTL_ADD, 23, {EPOLLIN, {u32=23, u64=23}}) = 0 !!! /var/lib/samba/private/dns.keytab", O_RDONLY) = -1 EACCES (Permission denied !!! -> ls -la /var/lib/samba/private/dns.keytab -rw------- 1 proxy root 732 Jan 21 12:13 /var/lib/samba/private/dns.keytab Workaround; chown root /var/lib/samba/private/dns.keytab
This happened in the branch tests (ucs master + s4connector)
added workaround in run_workarounds_before_starting_the_tests
*** This bug has been marked as a duplicate of bug 47955 ***
fixed with 9baae8dfcb1df2843c2ba542c5b8e404871ccbe9