For the kerberos variables, edit /etc/login.conf and replace the line which reads
with
and save the file, then execute
The dns_update_list file should be writable by the BIND9 user, don't you agree? Perhaps
Debugging with truss is quite simple, for example, try
Code:
:setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
Code:
:setenv=MAIL=/var/mail/$,BLOCKSIZE=K,KEYTAB_FILE=/var/db/samba4/private/dns.keytab,KRB5_KTNAME=/var/db/samba4/private/dns.keytab:\
cap_mkdb /etc/login.conf
, you'll have to logout then login again (restart the named service).The dns_update_list file should be writable by the BIND9 user, don't you agree? Perhaps
samba_upgradedns --dns-backend=BIND9_DLZ
should set those permissions correctly.Debugging with truss is quite simple, for example, try
truss -o output.log -p pid_of_named_process
. After that, in another terminal, run /usr/local/samba/sbin/samba_dnsupdate --verbose --all-names
, then stop truss ^C
and take a look at the output.log, or tail that file while running truss, your call.