Bug 255415
| Summary: | net/samba412: "samba-tool domain provision --dns-backend=BIND9_DLZ" create wrong named.conf for DLZ | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | shellingfield | ||||
| Component: | Individual Port(s) | Assignee: | Timur I. Bakeyev <timur> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | Flags: | bugzilla:
maintainer-feedback?
(timur) |
||||
| Priority: | --- | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Well spotted! Not sure, how this re-occured again... Fixed back in the new version. Thank you! A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=3887986f673b9aa45588ab13e18544654ba5218a commit 3887986f673b9aa45588ab13e18544654ba5218a Author: Timur I. Bakeyev <timur@FreeBSD.org> AuthorDate: 2021-05-04 00:16:47 +0000 Commit: Timur I. Bakeyev <timur@FreeBSD.org> CommitDate: 2021-05-04 00:26:52 +0000 PR: 255415 254033 252385 Security: CVE-2021-20254 Updated net/samba412 and net/samba413 to fix CVE-2021-20254. Also fixed: * Incorrect include line for the bind backend(255415) * Broken pkg-plist with NO_PYTHON(254033) * Broken URL parsing in LDAP client(252385) net/samba412/Makefile | 4 +- net/samba412/distinfo | 6 +- net/samba412/files/patch-bind | 2 +- net/samba412/files/patch-linuxisms (new) | 68 +++ net/samba412/pkg-plist | 702 +++++++++++++++---------------- net/samba413/Makefile | 4 +- net/samba413/distinfo | 6 +- net/samba413/files/patch-bind | 2 +- net/samba413/files/patch-linuxisms (new) | 91 ++++ 9 files changed, 522 insertions(+), 363 deletions(-) A commit in branch 2021Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ce849e898a7eb12a44a7cc872362485d8b8d5165 commit ce849e898a7eb12a44a7cc872362485d8b8d5165 Author: Timur I. Bakeyev <timur@FreeBSD.org> AuthorDate: 2021-05-04 00:16:47 +0000 Commit: Juraj Lutter <otis@FreeBSD.org> CommitDate: 2021-05-28 09:52:47 +0000 net/samba41[23]: Update to 4.12.15 Updated net/samba412 and net/samba413 to fix CVE-2021-20254. Also fixed: * Incorrect include line for the bind backend(255415) * Broken pkg-plist with NO_PYTHON(254033) * Broken URL parsing in LDAP client(252385) PR: 255415 254033 252385 Security: CVE-2021-20254 (cherry picked from commit 3887986f673b9aa45588ab13e18544654ba5218a) net/samba412/Makefile | 2 +- net/samba412/distinfo | 6 +- net/samba412/files/patch-bind | 2 +- net/samba412/files/patch-linuxisms (new) | 68 +++ net/samba412/pkg-plist | 702 +++++++++++++++---------------- net/samba413/Makefile | 2 +- net/samba413/distinfo | 6 +- net/samba413/files/patch-bind | 2 +- net/samba413/files/patch-linuxisms (new) | 91 ++++ 9 files changed, 520 insertions(+), 361 deletions(-) |
Created attachment 224437 [details] Patch for files/patch-bind on fresh installed 12.2-RELEASE(-p6) and net/samba412-4.12.14, after provisioning Samba AD DC w/ BIND9_DLZ, /var/db/samba4/bind-dns/named.conf whould be created. however including this named.conf for dlz, dns/bind916 said # /usr/local/etc/rc.d/named start /var/db/samba4/bind-dns/named.conf:35: expected string near '/' /usr/local/etc/rc.d/named: ERROR: named-checkconf for /usr/local/etc/namedb/named.conf failed generated named.conf is like database /usr/local/lib/samba4/modules/bind9/dlz_bind9_16.so"; but this should be database "dlopen /usr/local/lib/samba4/modules/bind9/dlz_bind9_16.so"; and then named would start well. maybe commit 0664fec9b05912d1c1f0f051831ef2c997d8fa2a (ports r550234) for files/patch-bind cause this problem. reverting this could fix for me. Regards,