Date: Wed, 1 Nov 2017 16:01:18 +0100 From: Andrea Venturoli <ml@netfence.it> To: freebsd-net@freebsd.org Subject: Help provisioning a Samba AD in a jail on ZFS Message-ID: <57dc8e1e-6e38-456d-f70d-291d6bf68bb8@netfence.it>
next in thread | raw e-mail | index | archive | help
Hello.
As per subject, I'm building a new box which must host a jail running a
Samba AD, but I have trouble provisioning it.
Currently I'm trying samba44.
I read a lot of material and I think I understand the problem: it seems
the "samba-tool provision" script is incompatible with NFSv4ACL used by ZFS.
AFAICT this issue has been raised, the Samba team has acknowledged a
patch should be made, but so far nothing happened.
So I'm looking into workarounds:
a) someone suggest installing samba43, provision, then upgrade to
samba44. In fact this is some path I went through a couple of times in
the past (on UFS, however). Alas samba43 is no longer there.
b) I think I might get around this by provisioning with the deprecated
NTVFS, then switch to S3FS.
Unfortunately samba44 does not build NTVFS anymore, unless the DEVELOPER
option is used; but if the DEVELOPER option is used compilation (on
Poudriere) fails with:
> ../source4/lib/socket/socket_ip.c:864:12: error: comparison of array 'addr.__u6_addr.__u6_addr8' equal to a null pointer is always false [-Werror,-Wtautological-pointer-compare]
> if (addr.s6_addr == 0) {
> ~~~~~^~~~~~~ ~
> /usr/include/netinet6/in6.h:103:29: note: expanded from macro 's6_addr'
> #define s6_addr __u6_addr.__u6_addr8
> ^
> 1 error generated.
c) I tried creating a ZVOL, formatting it with UFS, mounting it with
ACLs inside the jail, but still provisioning says I have no ACL support.
d) I know samba46 is incompatible with jails (at least as AD DC), but
didn't try samba45. AFAICT, however, nothing should have improved WRT to
my problem.
So, after spending a couple of days on this and before spending another
week trying every path, I tought I'd ask...
Should I temporarily revive samba43?
Can samba44 with NTVFS compilation error be fixed?
Should I try samba45 or is it just a waste of time?
Would creating a jail on another (UFS) box and then moving
/var/db/samba4 and smb4.conf here work?
I'm open to any other suggestion as long as the objective (AD in a jail
on ZFS) is met in the end.
bye & Thanks
av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?57dc8e1e-6e38-456d-f70d-291d6bf68bb8>