Univention Bugzilla – Bug 51210
Update to UCS 4.4-0 fails with Samba/AD failed due to DLZ bind9 error
Last modified: 2020-05-15 16:44:18 CEST
Currently the update to UCS 4.4 seems to abort, looks like a regression by Bug #51121 https://jenkins.knut.univention.de:8181/job/UCS-4.4/job/UCS-4.4-4/job/AutotestUpgrade/51/ Quoting Felix: > univention-upgrade --noninteractive --ignoreterm --ignoressh --updateto 4.4-0 > 00:24:35 The connection to the repository server failed: Configuration error: host is unresolvable. Please check the repository configuration and the network connection. > 00:24:35 + rv=3 syslog: ============================================================= Mai 04 10:30:04 master071 named[19784]: samba_dlz: FAILED dlz_create call result=25 #refs=0 Mai 04 10:30:04 master071 named[19784]: dlz_dlopen of 'samba4.zone' failed Mai 04 10:30:04 master071 named[19784]: SDLZ driver failed to load. Mai 04 10:30:04 master071 named[19784]: DLZ driver failed to load. Mai 04 10:30:04 master071 named[19784]: loading configuration: failure Mai 04 10:30:04 master071 named[19784]: exiting (due to fatal error) Mai 04 10:30:04 master071 systemd[1]: bind9.service: Main process exited, code=exited, status=1/FAILURE Mai 04 10:30:05 master071 samba4[19785]: rndc: connect failed: 127.0.0.1#953: connection refused Mai 04 10:30:06 master071 samba4[19785]: rndc: connect failed: 127.0.0.1#953: connection refused Mai 04 10:30:07 master071 samba4[19785]: rndc: connect failed: 127.0.0.1#953: connection refused =============================================================
seems that during the update to 4.4-0 errata samba-dsdb-modules got removed: Starting univention-upgrade. Current UCS version is 4.4-0 errata0 Checking for local repository: none Checking for package updates: found updater.log The following packages will be REMOVED: samba-dsdb-modules The following packages will be installed: python-univention-namespace,python-setproctitle,linux-image-4.9.0-9-amd64,linux-image-4.9.0-9-amd64-signed The following packages will be upgraded: and so samba is unable to start log.samba [2020/05/04 11:30:30.000633, 0, pid=29072] ../../source4/smbd/server.c:587(binary_smbd_main) samba version 4.10.1-Univention started. Copyright Andrew Tridgell and the Samba Team 1992-2019 ldb: WARNING: module version mismatch in ../modules/univention_ldb_log.c : ldb_version=1.5.7 module_version=1.5.4 ldb: WARNING: module version mismatch in ../modules/univention_samaccountname_ldap_check.c : ldb_version=1.5.7 module_version=1.5.4 [2020/05/04 11:30:30.158667, 0, pid=29073] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: WARNING: Module [samba_dsdb] not found - do you need to set LDB_MODULES_PATH? [2020/05/04 11:30:30.158693, 0, pid=29073] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug) ldb: Unable to load modules for /var/lib/samba/private/sam.ldb: (null) [2020/05/04 11:30:30.158879, 0, pid=29073] ../../lib/util/become_daemon.c:122(exit_daemon) exit_daemon: daemon failed to start: Samba failed to prime database, error code 22 i guess "broken" named is just a consequence of this problem.
samba-dsdb-modules : Hängt ab von: libldb1 (< 2:1.5.5~) aber 2:1.5.7-1A~4.3.0.202004231326 soll installiert werden
My customer updated from 4.4-2 errata319 'Current UCS version is 4.4-2 errata319' and the package is already removed in this Version!
(In reply to Christina Scheinig from comment #3) > My customer updated from 4.4-2 errata319 > 'Current UCS version is 4.4-2 errata319' and the package is already removed > in this Version! during update to 4.4-3 Starting 2 pkgProblemResolver with broken count: 1 Investigating (0) samba-dsdb-modules:amd64 < 2:4.10.1-1A~4.4.0.201908281834 @ii mK Ib > Broken samba-dsdb-modules:amd64 Hängt ab von on samba-libs:amd64 < 2:4.10.1-1A~4.4.0.201908281834 -> 2:4.10.1-1A~4.4.0.201912031949 @ii umU > (= 2:4.10.1-1A~4.4.0.201908281834) Considering samba-libs:amd64 24 as a solution to samba-dsdb-modules:amd64 3 Removing samba-dsdb-modules:amd64 rather than change samba-libs:amd64 Done but i cant see a relation to this bug, somebody should check this (update from 4.4-2 to 4.4-3 with the 4.3-5-errata scope)
the ldb/samba update in 4.3-5 is also the reason for the "ticket" problem libldb1: Installiert: 2:1.5.4-1A~4.4.0.201903211536 Installationskandidat: 2:1.5.7-1A~4.3.0.202004231326 Versionstabelle: 2:1.5.7-1A~4.3.0.202004231326 500 500 http://updates.knut.univention.de/4.3/maintained/component 4.3-5-errata/amd64/ Packages *** 2:1.5.4-1A~4.4.0.201903211536 500 500 http://updates.knut.univention.de/4.4/maintained 4.4-1/amd64/ Packages 100 /var/lib/dpkg/status 2:1.5.4-1A~4.3.0.201905151329 500 500 http://updates.knut.univention.de/4.3/maintained 4.3-5/amd64/ Packages Test: 4.4-2 with 4.3-5-errata -> apt-get -s dist-upgrade Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen.... Fertig Paketaktualisierung (Upgrade) wird berechnet... Fertig Die folgenden Pakete wurden automatisch installiert und werden nicht mehr benötigt: libgpgme11 python-backports.ssl-match-hostname python-cached-property python-docker python-dockerpty python-dockerpycreds python-docopt python-funcsigs python-functools32 python-jsonschema python-mock python-pbr python-texttable python-websocket Verwenden Sie »apt autoremove«, um sie zu entfernen. Die folgenden Pakete werden ENTFERNT: samba-dsdb-modules (In reply to Felix Botner from comment #4) > (In reply to Christina Scheinig from comment #3) > > My customer updated from 4.4-2 errata319 > > 'Current UCS version is 4.4-2 errata319' and the package is already removed > > in this Version! > > during update to 4.4-3 > > Starting 2 pkgProblemResolver with broken count: 1 > Investigating (0) samba-dsdb-modules:amd64 < 2:4.10.1-1A~4.4.0.201908281834 > @ii mK Ib > > Broken samba-dsdb-modules:amd64 Hängt ab von on samba-libs:amd64 < > 2:4.10.1-1A~4.4.0.201908281834 -> 2:4.10.1-1A~4.4.0.201912031949 @ii umU > > (= 2:4.10.1-1A~4.4.0.201908281834) > Considering samba-libs:amd64 24 as a solution to samba-dsdb-modules:amd64 3 > Removing samba-dsdb-modules:amd64 rather than change samba-libs:amd64 > Done > > but i cant see a relation to this bug, somebody should check this (update > from 4.4-2 to 4.4-3 with the 4.3-5-errata scope) the ldb/samba update in 4.3-5 is also the reason for the "ticket" problem libldb1: Installiert: 2:1.5.4-1A~4.4.0.201903211536 Installationskandidat: 2:1.5.7-1A~4.3.0.202004231326 Versionstabelle: 2:1.5.7-1A~4.3.0.202004231326 500 500 http://updates.knut.univention.de/4.3/maintained/component 4.3-5-errata/amd64/ Packages *** 2:1.5.4-1A~4.4.0.201903211536 500 500 http://updates.knut.univention.de/4.4/maintained 4.4-1/amd64/ Packages 100 /var/lib/dpkg/status 2:1.5.4-1A~4.3.0.201905151329 500 500 http://updates.knut.univention.de/4.3/maintained 4.3-5/amd64/ Packages Test: 4.4-2 with 4.3-5-errata -> apt-get -s dist-upgrade Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen.... Fertig Paketaktualisierung (Upgrade) wird berechnet... Fertig Die folgenden Pakete wurden automatisch installiert und werden nicht mehr benötigt: libgpgme11 python-backports.ssl-match-hostname python-cached-property python-docker python-dockerpty python-dockerpycreds python-docopt python-funcsigs python-functools32 python-jsonschema python-mock python-pbr python-texttable python-websocket Verwenden Sie »apt autoremove«, um sie zu entfernen. Die folgenden Pakete werden ENTFERNT: samba-dsdb-modules
The problem seems to be caused by the new libldb1 package version 1.5.7 in errata4.3-5, which is newer than the version shipped in UCS 4.4-0. The package samba-dsdb-modules in 4.4-0 has a versioned dependency on ldb version 1.5.4, so the conflict resolver of apt-get decides to uninstall samba-dsdb-modules. * We have removed those binary packages from the repositories, which have been published via Bug 51122. This avoids update issues for customers that are on UCS 4.4-x but have the errata4.3-5 component still active in /etc/apt/sources.list.d/20_ucs-online-component.list * We have adjusted the UCS 4.4-0 preup.sh script to check if the one of the problem causing binary package versions is installed (samba or libldb1). If that is the case, the update aborts and points to https://help.univention.com/t/14992 . We'll add a description for downgrading the critical packages to continue with a smooth update. * We adjusted the errata pages (e.g. http://errata.software-univention.de/ucs/4.3/670.html ) to point out that the errata update has been reverted. We still need to decide how to proceede with those. We have the classic version number issue here, where errata4.3-5 has newer package versions than 4.4-0. Maybe we can adjust the package version numbers to stay below the threshold.
OK - 4.4-2 with 4.3-5-errata with libldb1 2:1.5.4-1A~4.4.0.20190321153 samba 2:4.10.1-1A~4.4.0.2019102215 samba-dsdb-modules is not removed during the update the "1.5.7" version of the libldb1 package is removed -> apt-cache policy libldb1 libldb1: Installiert: 2:1.5.4-1A~4.4.0.201903211536 Installationskandidat: 2:1.5.4-1A~4.4.0.201903211536 Versionstabelle: *** 2:1.5.4-1A~4.4.0.201903211536 500 500 http://updates.knut.univention.de/4.4/maintained 4.4-1/amd64/Packages 100 /var/lib/dpkg/status 2:1.5.4-1A~4.3.0.201905151329 500 500 http://updates.knut.univention.de/4.3/maintained 4.3-5/amd64/Packages TODO - update from 4.3-5 (with 4.3-5-errata) to 4.4-0
Fail - http://errata.software-univention.de/ucs/4.3/670.html - what has been changed here? OK - https://help.univention.com/t/14992 OK - update from 4.3.5 (with samba from 4.3-5 errata, 2:4.10.1-1A~4.3.0.202001141253) to 4.4-0 OK - samba/ldb packages have been removed/replaced in 4.3-5-errata TODO - jenkins test tomorrow
(In reply to Felix Botner from comment #8) > Fail - http://errata.software-univention.de/ucs/4.3/670.html - There are two notes on the errata detail pages informing of the removal, linking to the help/sdb article. "This errata update has been removed, for more information see this article."
(In reply to Erik Damrose from comment #9) > (In reply to Felix Botner from comment #8) > > Fail - http://errata.software-univention.de/ucs/4.3/670.html - > > There are two notes on the errata detail pages informing of the removal, > linking to the help/sdb article. > > "This errata update has been removed, for more information see this article." ;-) now i saw it too