f



Re: BIND 9.4.x vs 9.6.x - pid-file check and creation

In message <200901260742.n0Q7gJqN029792@mail46.nsc.no>, Jan Arild =?iso-8859-1?
Q?Lindstr=F8m?= writes:
> 
> Hi,
> 
> I was going to upgrade from BIND 9.4.3 to BIND 9.6.0-P1, but run into a =
> 
> strange "bug" in BIND 9.6.0-P1.
> 
> Exact same config for 9.4.3 and 9.6.0-P1, only added "new" to files that =
> 
> are written to (namednew.log, confignew.log and namednew.pid).
> 
> OS: Solaris 10.
> 
> Using:
>         pid-file "/var/run/named/namednew.pid";
> 
> .. result in the following:
> 
> namednew.log:
> 26-Jan-2009 08:14:22.723 general: couldn't mkdir /var/run/named/namednew.pi=
> d': Permission denied
> 26-Jan-2009 08:14:22.728 general: exiting (due to early fatal error)

	The log message should say couldn't mkdir /var/run/named.
	The wrong path is being logged.

	You either need to create /var/run/named with appropriate
	permissions so that named can write to it or change /var/run's
	permissions so that named can create /var/run/named.

	Named will continue if mkdir(/var/run/named) returns EEXISTS.
 
	Mark

        /*
         * Make the containing directory if it doesn't exist.
         */
        slash = strrchr(pidfile, '/');
        if (slash != NULL && slash != pidfile) {
                *slash = '\0';
                mode = S_IRUSR | S_IWUSR | S_IXUSR;     /* u=rwx */
                mode |= S_IRGRP | S_IXGRP;              /* g=rx */
                mode |= S_IROTH | S_IXOTH;              /* o=rx */
                n = mkdir(pidfile, mode);
                if (n == -1 && errno != EEXIST) {
                        isc__strerror(errno, strbuf, sizeof(strbuf));
                        (*report)("couldn't mkdir %s': %s", filename,
                                  strbuf);
                        free(pidfile);
                        pidfile = NULL;
                        return;
                }
                *slash = '/';
        }

> BIND 9.6.0-P1 truss.out:
> --CUT--
> 25123/65:       stat("/dev/urandom", 0xFFFFFFFF79D0FA00)        =3D 0
> 25123/65:       open("/dev/urandom", O_RDONLY|O_NONBLOCK)       =3D 9
> 25123/65:       fcntl(9, F_GETFL)                               =3D 8320
> 25123/65:       fcntl(9, F_SETFL, FOFFMAX|FNONBLOCK)            =3D 0
> 25123/65:       setgid(21)                                      =3D 0
> 25123/65:       setuid(21)                                      =3D 0
> 25123/65:       access(".", W_OK)                               =3D 0
> 25123/65:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 06=
> 66) =3D 10
> 25123/65:       lseek(10, 0, SEEK_END)                          =3D 332
> 25123/65:       close(10)                                       =3D 0
> 25123/65:       open("/var/log/confignew.log", O_WRONLY|O_APPEND|O_CREAT, 0=
> 666) =3D 10
> 25123/65:       lseek(10, 0, SEEK_END)                          =3D 0
> 25123/65:       close(10)                                       =3D 0
> 25123/65:       mkdir("/var/run/named", 0755)                   Err#13 EACC=
> ES [ALL]
> 25123/65:       stat("/var/log/namednew.log", 0xFFFFFFFF79D0F3C0) =3D 0
> 25123/65:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 06=
> 66) =3D 10
> 25123/65:       lseek(10, 0, SEEK_END)                          =3D 332
> 25123/65:       fstat(10, 0xFFFFFFFF79D0E540)                   =3D 0
> 25123/65:       fstat(10, 0xFFFFFFFF79D0E410)                   =3D 0
> 25123/65:       ioctl(10, TCGETA, 0xFFFFFFFF79D0E47C)           Err#25 ENOT=
> TY
> 25123/65:       write(10, 0x10502E754, 97)                      =3D 97
> 25123/65:          2 6 - J a n - 2 0 0 9   0 8 : 1 4 : 2 2 . 7 2 3   g e n =
> e r a l
> 25123/65:          :   c o u l d n ' t   m k d i r   / v a r / r u n / n a =
> m e d /
> 25123/65:          n a m e d n e w . p i d ' :   P e r m i s s i o n   d e =
> n i e d
> 25123/65:         \n
> 25123/65:       write(10, 0x10502E754, 69)                      =3D 69
> 25123/65:          2 6 - J a n - 2 0 0 9   0 8 : 1 4 : 2 2 . 7 2 8   g e n =
> e r a l
> 25123/65:          :   e x i t i n g   ( d u e   t o   e a r l y   f a t a =
> l   e r
> 25123/65:          r o r )\n
> 25123/65:       _exit(1)
> 
> It fails because it tries to just create the /var/run/named directory inste=
> ad
> of cheking if the directory exist and if it can write to it. =
> 
> 
> ns12(root) named 515# ls -la /var/run/named
> total 40
> drwxr-s---    4 named    named         307 Jan 26 06:51 ./
> drwxr-xr-x    7 root     sys          1285 Jan 26 00:52 ../
> -rw-r--r--    1 named    named           6 Jan 26 06:41 named.pid
> 
> So /var/run/named exists and is fully writable by user named.
> 
> User "named" should of course not be able to crate diretories below
> "/var/run". Especially since many other things on Solaris 10 uses that
> directory also.
> 
> 
> If I use:
> 	pid-file "/var/run/named/named/namednew.pid";
> 
> ... everything works fine, since it now can run mkdir without getting "EACC=
> ES". =
> 
> Instead it gets "EEXIST" and is OK with that.
> 
> BIND 9.6.0-P1 truss.out:
> --CUT--
> 25404/65:       stat("/dev/urandom", 0xFFFFFFFF79D0FA00)        =3D 0
> 25404/65:       open("/dev/urandom", O_RDONLY|O_NONBLOCK)       =3D 9
> 25404/65:       fcntl(9, F_GETFL)                               =3D 8320
> 25404/65:       fcntl(9, F_SETFL, FOFFMAX|FNONBLOCK)            =3D 0
> 25404/65:       setgid(21)                                      =3D 0
> 25404/65:       setuid(21)                                      =3D 0
> 25404/65:       access(".", W_OK)                               =3D 0
> 25404/65:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 06=
> 66) =3D 10
> 25404/65:       lseek(10, 0, SEEK_END)                          =3D 498
> 25404/65:       close(10)                                       =3D 0
> 25404/65:       open("/var/log/confignew.log", O_WRONLY|O_APPEND|O_CREAT, 0=
> 666) =3D 10
> 25404/65:       lseek(10, 0, SEEK_END)                          =3D 0
> 25404/65:       close(10)                                       =3D 0
> 25404/65:       mkdir("/var/run/named/named", 0755)             Err#17 EEXI=
> ST
> 25404/65:       stat("/var/run/named/named/namednew.pid", 0xFFFFFFFF79D0F98=
> 0) Err#2 ENOENT
> 25404/65:       unlink("/var/run/named/named/namednew.pid")     Err#2 ENOENT
> 25404/65:       open("/var/run/named/named/namednew.pid", O_WRONLY|O_CREAT|=
> O_EXCL, 0644) =3D 10
> 25404/65:       fcntl(10, F_GETFD, 0x000001A4)                  =3D 0
> 25404/65:       getpid()                                        =3D 25404 [=
> 25403]
> 25404/65:       fstat(10, 0xFFFFFFFF79D0E9D0)                   =3D 0
> 25404/65:       fstat(10, 0xFFFFFFFF79D0E8A0)                   =3D 0
> 25404/65:       ioctl(10, TCGETA, 0xFFFFFFFF79D0E90C)           Err#25 ENOT=
> TY
> 25404/65:       write(10, " 2 5 4 0 4\n", 6)                    =3D 6
> 25404/65:       close(10)                                       =3D 0
> --CUT--
> 
> 
> Trussing 9.4.3 I see that it does it differently:
> 
> --CUT--
> 25730/10:       access(".", W_OK)                               =3D 0
> 25730/10:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 06=
> 66) =3D 10
> 25730/10:       lseek(10, 0, SEEK_END)                          =3D 2625
> 25730/10:       close(10)                                       =3D 0
> 25730/10:       open("/var/log/confignew.log", O_WRONLY|O_APPEND|O_CREAT, 0=
> 666) =3D 10
> 25730/10:       lseek(10, 0, SEEK_END)                          =3D 0
> 25730/10:       close(10)                                       =3D 0
> 25730/10:       stat("/var/run/named/namednew.pid", 0xFFFFFFFF7D90F660) Err=
> #2 ENOENT
> 25730/10:       unlink("/var/run/named/namednew.pid")           Err#2 ENOENT
> 25730/10:       open("/var/run/named/namednew.pid", O_WRONLY|O_CREAT|O_EXCL=
> , 0644) =3D 10
> 25730/10:       fcntl(10, F_GETFD, 0x000001A4)                  =3D 0
> 25730/10:       getpid()                                        =3D 25730 [=
> 25729]
> 25730/10:       fstat(10, 0xFFFFFFFF7D90E6B0)                   =3D 0
> 25730/10:       fstat(10, 0xFFFFFFFF7D90E580)                   =3D 0
> 25730/10:       ioctl(10, TCGETA, 0xFFFFFFFF7D90E5EC)           Err#25 ENOT=
> TY
> 25730/10:       write(10, " 2 5 7 3 0\n", 6)                    =3D 6
> --CUT--
> 
> 
> It seems that someone has "shorted" the code to create and/or check the pid=
> -file.
> 
> Maybe that "shortcut" will work on Linux, but it for sure does not work on =
> Solaris 10.
> 
> Having to use .../named/named/... in the pid-file option is of course possi=
> ble, but I =
> 
> guess that it is not the way it is supposed to be...(?)...
> 
> Help? Ideas?
> 
> Regards
> Jan Arild Lindstr=F8m
> 
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
0
Mark
1/26/2009 8:33:00 AM
comp.protocols.dns.bind 16245 articles. 1 followers. Post Follow

0 Replies
537 Views

Similar Articles

[PageSpeed] 5

Reply:

Similar Artilces:

bind 9.4 and bind 9.5 works in BSD/OS 4.3.X
Found the answer and any early OS should adapt the following: Check to see if you have an /etc/login.conf file If so check for any parameter that has openfiles-cur Set to 1024 or higher and that should get bind 9.4 + working . -- Member - Liberal International This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca God, Queen and country! Never Satan President Republic! Beware AntiChrist rising! http://twitter.com/rootnl2k http://www.myspace.com/502748630 Merry Christmas 2009 and Happy New Year 2010 ...

Re: nsupdate strangeness v 9.2.3 vs. 9.3.x / 9.4.x
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Greetings, > > The setting behind: > > My DNS server runs server software isc-bind with version 9.4.x (the most > recent version). > > My dial up host runs bind v 9.2.3 and the nsupdate program coming with it. > When trying to use the 9.4.x (or 9.3.x) distribution and the nsupdate > program coming with it, I am experiencing the following problem for quite a > while now. When I try to update my zone entry > > nsupdate -d -k $KEY > >server $SERVER > >zone $ZON...

Re: Where is the log file of BIND 9.x.x located on Solaris10?
> Where is the log file of BIND 9.x.x located on Solaris10? The default logging is done to syslog. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org ...

Re: BIND 9.4.x and check-names
Pklzbid0IGl0IHRpbWUgdG8gdXBncmFkZT8NCg0KWWVzLCBpdCBpcy4gSW4gZmFjdCwgYWRkaW5n IHRoZXNlIHN0YXRlbWVudHMgdG8gdGhlIG9wdGlvbnMgY2xhdXNlIGlzIGluIHByZXBhcmF0aW9u IGZvciBvdXIgbWlncmF0aW9uIHRvIGEgbGF0ZXIgdmVyc2lvbi4gDQpJdCBzZWVtcyBmcm9tIG15 IHRlc3RpbmcgdGhhdCB3aGlsZSBCSU5EIDkuNCB3YXMgdmVyeSBwYXNzaXZlIGFib3V0IHRoZXNl IHR5cGUgb2YgcmVjb3JkcywgYW5kIHdvdWxkIGxvYWQgYSB6b25lIGRlc3BpdGUgImlsbGVnYWwg Y2hhcnMiLCBsYXRlciB2ZXJzaW9ucyBvZiBCSU5EIHdvdWxkIGFjdHVhbGx5IGZhaWwgdG8gc3Rh cnQuIFRoaXMgaXMgYSBmdW5kYW1lbnRhbCBkaWZmZXJlbmNlIGJldHdlZW4gQklORCA5LjQgYW5k IDkuNy4zLCBmb3IgZXhhbXBsZS4NCkkgYW0gZGVhbGluZyB3aXRoIG...

RE: Can I use bind 8.x conf files with bind 9.2.3?
Hi Bill Larson, Many thanks for your response. Actually I didn't find any step by step guide for the installation and configuration of BIND 9. I have managed to install and configure Bind 9 with basic configuration but still a lot more to do. If you can help me in this I shall be very thank full to you. I use to get the following error for a zone file which is running fine with bind 8. Also I have included the zone file and named.conf, so that you can have a look not only on this error but also suggest me how is my named.conf. Sorry for the long email. --------------- Error wh...

nsupdate strangeness v 9.2.3 vs. 9.3.x / 9.4.x
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, The setting behind: My DNS server runs server software isc-bind with version 9.4.x (the most recent version). My dial up host runs bind v 9.2.3 and the nsupdate program coming with it. When trying to use the 9.4.x (or 9.3.x) distribution and the nsupdate program coming with it, I am experiencing the following problem for quite a while now. When I try to update my zone entry nsupdate -d -k $KEY >server $SERVER >zone $ZONE >update add @ $TTL2 A $IPADDR >send I allways get the error message client x...

Re: Can I use bind 8.x conf files with bind 9.2.3? #2
> Hi Bill Larson, > > Many thanks for your response. Actually I didn't find any step by step > guide for the installation and configuration of BIND 9. I have managed > to install and configure Bind 9 with basic configuration but still a lot > more to do. If you can help me in this I shall be very thank full to > you. I use to get the following error for a zone file which is running > fine with bind 8. Also I have included the zone file and named.conf, so > that you can have a look not only on this error but also suggest me how > is my named.conf. S...

RE: Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS
Hi Sorry for the misunderstanding I was not looking for support, I was just asking from people, who have been in the same situation that I am in now What influenced their decision to choose what ever they chose to go with -----Original Message----- From: bind-users-bounce@isc.org [mailto:bind-users-bounce@isc.org] On Behalf Of phn@icke-reklam.ipsec.nu Sent: 11 October 2004 21:21 To: comp-protocols-dns-bind@isc.org Subject: Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS Mokwena Motseto <MotsetM@sapo.co.za> wrote: > Hi > We are currently running BIND 4...

New Versions of BIND are available (9.9.4, 9.8.6, and 9.6-ESV-R10)
New versions of BIND are now available from http://www.isc.org/downloads See the messages in bind-announce announcing BIND 9.9.4, 9.8.6, and 9.6-ESV-R10 or read the release notes in the ISC Knowledge Base ( https://kb.isc.org/category/81/0/10/Software-Products/BIND9/Release-Notes/ ) for more info on the features, changes, and bug fixes included in the new releases. ...

Re: bind 9.6.0-P1's nsupdate dumps core on NetBSD/i386 4.x
In message <p05200f70c5d52b51dba3@[130.102.20.138]>, Ray Phillips writes: > I've built bind 9.6.0-P1 on NetBSD/i386 machines (versions 3.1, 4.0, > 4.0.1 and 5.0_RC2) and discovered that nsupdate dumps core on the 4.x > ones. > > The build process was just: > > % sh -c './configure --disable-threads > configure.log 2>&1' > % sh -c 'make > make.log 2>&1' > % su > Password: > # sh -c 'make install > make-install.log 2>&1' > # > > I've also tried without --disable-thr...

Re: bind 9.6.0-P1's nsupdate dumps core on NetBSD/i386 4.x #2
In message <p05200f72c5d61071b990@[130.102.20.138]>, Ray Phillips writes: > > You need to call gdb correctly. > > > > gdb /usr/local/bin/nsupdate nsupdate.core > > Thanks Mark. > > Sorry, I (obviously) don't have much of a clue about using gdb. Looks like you have hit this bug. 2547. [bug] openssl_link.c:mem_realloc() could reference an out-of-range area of the source buffer. New public function isc_mem_reallocate() was introduced to address this bug...

Where is the log file of BIND 9.x.x located on Solaris10?
Where is the log file of BIND 9.x.x located on Solaris10? Steve Bby wrote: > Where is the log file of BIND 9.x.x located on Solaris10? ...

BIND 9.7.2-P3, 9.6.2-P3, 9.6-ESV-R3 and 9.4-ESV-R4 are now available
We've published four releases that contain various security and bug fixes. The detailed Security Advisories are located at: http://www.isc.org/advisories Guidance as to recommended upgrades are available at: http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories BIND 9.7.2-P3 Release Note http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.txt BIND 9.6.2-P3 Release Note http://ftp.isc.org/isc/bind9/9.6.2-P3/RELEASE-NOTES-BIND-9.6.2-P3.txt BIND 9.6-ESV-R3 Release Note http://ftp.isc.org/isc/bind9/9.6-ESV-R3/RELEASE-NOTES-BIND-9.6-...

BIND 9.4.x and check-names
--_000_9496BCDD18FE8B49BB984508D9C40CBE0457BC37D9EXCNYSM95BABP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Good Morning, I recently implemented a change in our DNS environment with the intention o= f suppressing the log events related to AD-integrated zones, and their Non-= RFC compliant nature. In the global configuration I added the following statements: check-names slave ignore; check-names master ignore; Flushed & reloaded. However, I still see these entries appear in the logs. Could someone please= chime ...

Re: Bug... 4.x, 8.x ,9.x
At 12:52 AM 10/14/2004, Techie wrote: >As it says in the readme1st.txt file in the zip distro of Bind 9.3, drop >the bug rep's in here. > >Well here it goes. > > >1) The installer provides an option to Start service after finishing >install. Why? There are no config files done since they have to be built by >hand so hy even provide the option. It seems redundant. INstead there >should be a list on what files are required and what you need to add as >basic values. Then it would be more Windows friendly. When you are upgrading the version of BIN...

Web resources about - Re: BIND 9.4.x vs 9.6.x - pid-file check and creation - comp.protocols.dns.bind

Resources last updated: 2/13/2016 8:13:41 AM