Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1023606: samba: IPv6 only samba-tool gpo listall does not work, can't find DC
18 views
Skip to first unread message
Matthew Grant
Nov 7, 2022, 9:40:05 AM11/7/22
to
Package: samba
Version: 4.16.5
Severity: important
Tags: patch upstream ipv6
X-Debbugs-Cc: ma...@mattgrant.net.nz
This is reported upstream as Samba bug https://bugzilla.samba.org/show_bug.cgi?id=15226
Bug in central Samba DNS resolution code in IPv6 only environment. This one probably also
affects domain sign up and join code, as well as samba-tool gpo
funcionality.
finddcs() does not resolve SRV records when there are only AAAA records in the DNS for the AD DC servers.
Patch attached. Please merge with Debian Samba packages.
-- System Information:
Debian Release: 11.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.15.75-amd64-mag-lts (SMP w/4 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages samba depends on:
ii adduser 3.118
ii dpkg 1.20.12
ii init-system-helpers 1.60
ii libbsd0 0.11.3-1
ii libc6 2.31-13+deb11u5
ii libcups2 2.3.3op2-3+deb11u2
ii libgnutls30 3.7.1-5+deb11u2
ii libldap-2.4-2 2.4.57+dfsg-3+deb11u1
hi libldb2 2:2.4.1+mag-1
ii libpam-modules 1.4.0-9+deb11u1
ii libpam-runtime 1.4.0-9+deb11u1
ii libpopt0 1.18-2
pn libpython3.7 <none>
ii libpython3.9 3.9.2-1
ii libtalloc2 2.3.3+mag-1~0mag0
ii libtasn1-6 4.16.0-2
ii libtdb1 1.4.6+mag-1
ii libtevent0 0.11.0+mag-1~0mag0
ii libwbclient0 2:4.16.5+mag-2
ii lsb-base 11.1.0
ii procps 2:3.3.17-5
ii python3 3.9.2-3
ii python3-dnspython 2.0.0-1
pn python3-samba <none>
pn samba-common <none>
pn samba-common-bin <none>
pn samba-libs <none>
ii tdb-tools 1.4.6+mag-1
Versions of packages samba recommends:
ii attr 1:2.4.48-6
ii logrotate 3.18.0-2+deb11u1
ii python3-markdown 3.3.4-1
pn samba-dsdb-modules <none>
pn samba-vfs-modules <none>
Versions of packages samba suggests:
pn bind9 <none>
ii bind9-utils [bind9utils] 1:9.16.33-1~deb11u1
ii bind9utils 1:9.16.33-1~deb11u1
ii chrony 4.0-8+deb11u2
pn ctdb <none>
ii ldb-tools 2:2.5.2+samba4.16.5+mag-2
ii smbldap-tools 0.9.11-2
pn ufw <none>
pn winbind <none>
Version: 4.16.5
Severity: important
Tags: patch upstream ipv6
X-Debbugs-Cc: ma...@mattgrant.net.nz
This is reported upstream as Samba bug https://bugzilla.samba.org/show_bug.cgi?id=15226
Bug in central Samba DNS resolution code in IPv6 only environment. This one probably also
affects domain sign up and join code, as well as samba-tool gpo
funcionality.
finddcs() does not resolve SRV records when there are only AAAA records in the DNS for the AD DC servers.
Patch attached. Please merge with Debian Samba packages.
-- System Information:
Debian Release: 11.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.15.75-amd64-mag-lts (SMP w/4 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages samba depends on:
ii adduser 3.118
ii dpkg 1.20.12
ii init-system-helpers 1.60
ii libbsd0 0.11.3-1
ii libc6 2.31-13+deb11u5
ii libcups2 2.3.3op2-3+deb11u2
ii libgnutls30 3.7.1-5+deb11u2
ii libldap-2.4-2 2.4.57+dfsg-3+deb11u1
hi libldb2 2:2.4.1+mag-1
ii libpam-modules 1.4.0-9+deb11u1
ii libpam-runtime 1.4.0-9+deb11u1
ii libpopt0 1.18-2
pn libpython3.7 <none>
ii libpython3.9 3.9.2-1
ii libtalloc2 2.3.3+mag-1~0mag0
ii libtasn1-6 4.16.0-2
ii libtdb1 1.4.6+mag-1
ii libtevent0 0.11.0+mag-1~0mag0
ii libwbclient0 2:4.16.5+mag-2
ii lsb-base 11.1.0
ii procps 2:3.3.17-5
ii python3 3.9.2-3
ii python3-dnspython 2.0.0-1
pn python3-samba <none>
pn samba-common <none>
pn samba-common-bin <none>
pn samba-libs <none>
ii tdb-tools 1.4.6+mag-1
Versions of packages samba recommends:
ii attr 1:2.4.48-6
ii logrotate 3.18.0-2+deb11u1
ii python3-markdown 3.3.4-1
pn samba-dsdb-modules <none>
pn samba-vfs-modules <none>
Versions of packages samba suggests:
pn bind9 <none>
ii bind9-utils [bind9utils] 1:9.16.33-1~deb11u1
ii bind9utils 1:9.16.33-1~deb11u1
ii chrony 4.0-8+deb11u2
pn ctdb <none>
ii ldb-tools 2:2.5.2+samba4.16.5+mag-2
ii smbldap-tools 0.9.11-2
pn ufw <none>
pn winbind <none>
Michael Tokarev
Nov 7, 2022, 1:30:03 PM11/7/22
to
Control: severity -1 normal
07.11.2022 17:30, Matthew Grant wrote:
> Package: samba
> Version: 4.16.5
> Severity: important
> Tags: patch upstream ipv6
> X-Debbugs-Cc: ma...@mattgrant.net.nz
>
> This is reported upstream as Samba bug https://bugzilla.samba.org/show_bug.cgi?id=15226
>
> Bug in central Samba DNS resolution code in IPv6 only environment. This one probably also
> affects domain sign up and join code, as well as samba-tool gpo
> funcionality.
>
> finddcs() does not resolve SRV records when there are only AAAA records in the DNS for the AD DC servers.
Thank you for the work.
Lowering severity since this is usually easy to work around by using an ipv4 network,
at least temporarily in rfc1918 address space.
> Patch attached. Please merge with Debian Samba packages.
Thank you but definitely not: I've been already blamed by
adding even simplest patches to debian which are not applied
upstream - the ones which does not affect functionality in
any way. Your does affect, so per upstream, it must be applied
upstream first.
Thanks,
/mjt
07.11.2022 17:30, Matthew Grant wrote:
> Package: samba
> Version: 4.16.5
> Severity: important
> Tags: patch upstream ipv6
> X-Debbugs-Cc: ma...@mattgrant.net.nz
>
> This is reported upstream as Samba bug https://bugzilla.samba.org/show_bug.cgi?id=15226
>
> Bug in central Samba DNS resolution code in IPv6 only environment. This one probably also
> affects domain sign up and join code, as well as samba-tool gpo
> funcionality.
>
> finddcs() does not resolve SRV records when there are only AAAA records in the DNS for the AD DC servers.
Lowering severity since this is usually easy to work around by using an ipv4 network,
at least temporarily in rfc1918 address space.
> Patch attached. Please merge with Debian Samba packages.
adding even simplest patches to debian which are not applied
upstream - the ones which does not affect functionality in
any way. Your does affect, so per upstream, it must be applied
upstream first.
Thanks,
/mjt
Michael Tokarev
Nov 7, 2022, 1:40:04 PM11/7/22
to
07.11.2022 21:18, Michael Tokarev wrote:
..
But it was undoubtfully unwelcome.
I'm sorry for that.
/mjt
..
> Thank you but definitely not: I've been already blamed by
> adding even simplest patches to debian which are not applied
> upstream - the ones which does not affect functionality in
> any way.
I stand correct here. There were no blames, that was a lie.
> adding even simplest patches to debian which are not applied
> upstream - the ones which does not affect functionality in
> any way.
But it was undoubtfully unwelcome.
I'm sorry for that.
/mjt
0 new messages