f



Re: BIND 9.4.x vs 9.6.x - pid-file check and creation #2

In message <200901260800.n0Q80lkH017744@mail49.nsc.no>, Jan Arild =?iso-8859-1?
Q?Lindstr=F8m?= writes:
> 
> Hi,
> 
> just to clarify that Solaris really is different from Linux:
> 
>         ns12(root) / 503# su - named
>         Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
>         -bash-3.00$ ls -la /var/run/named/
>         total 80
>         drwxr-s---   4 named    named        307 Jan 26 08:22 .
>         drwxr-xr-x   7 root     sys         1285 Jan 26 00:52 ..
>         -rw-r--r--   1 named    named          6 Jan 26 06:41 named.pid
>         -bash-3.00$ mkdir /var/run/named
>         mkdir: Failed to make directory "/var/run/named"; Permission denied
> 
>         dns-nms(root) ~ 1003# su - named
>         -bash-3.1$ uname -sr
>         Linux 2.6.18-53.1.13.el5
>         (reverse-i-search)`': =
> 
>         -bash-3.1$ ls -la /var/run/named/
>         total 20
>         drwxr-s---  3 named named 4096 Jan 26 08:48 .
>         drwxr-sr-x 24 root  root    4096 Jan 26 08:22 ..
>         -rw-r--r--  1 named named    6 Jan 26 08:48 named.pid
>         -bash-3.1$ mkdir /var/run/named
>         mkdir: cannot create directory `/var/run/named': File exists
> 
> That is, when the diretory exists and is fully writable on Solaris 10, you =
> still get
> "Permission denied", while you on Linux get "File exists". =
> 
> 
> I'd say Solaris 10 first checks if the user have permissions to create the =
> directory =
> 
> before it checks if it exists.
> 
> So I would say the code for creating the pid-file has been changed between =
> 9.4.3 =
> 
> and 9.6.0-P1, and that a bug has been introduced on Solaris.

	It was changed as part of this change.

2486.   [func]          The default locations for named.pid and lwresd.pid
                        are now /var/run/named/named.pid and
                        /var/run/lwresd/lwresd.pid respectively.

                        This allows the owner of the containing directory
                        to be set, for "named -u" support, and allows there
                        to be a permanent symbolic link in the path, for
                        "named -t" support.  [RT #18306]

> Regards
> Jan Arild Lindstr=F8m
> 
> 
> 
> At 08:42 26/01/2009, Jan Arild Lindstr=F8m wrote:
> 
> >Hi,
> >
> >I was going to upgrade from BIND 9.4.3 to BIND 9.6.0-P1, but run into a =
> 
> >strange "bug" in BIND 9.6.0-P1.
> >
> >Exact same config for 9.4.3 and 9.6.0-P1, only added "new" to files that =
> 
> >are written to (namednew.log, confignew.log and namednew.pid).
> >
> >OS: Solaris 10.
> >
> >Using:
> >        pid-file "/var/run/named/namednew.pid";
> >
> >.. result in the following:
> >
> >namednew.log:
> >26-Jan-2009 08:14:22.723 general: couldn't mkdir /var/run/named/namednew.p=
> id': Permission denied
> >26-Jan-2009 08:14:22.728 general: exiting (due to early fatal error)
> >
> >BIND 9.6.0-P1 truss.out:
> >--CUT--
> >25123/65:       stat("/dev/urandom", 0xFFFFFFFF79D0FA00)        =3D 0
> >25123/65:       open("/dev/urandom", O_RDONLY|O_NONBLOCK)       =3D 9
> >25123/65:       fcntl(9, F_GETFL)                               =3D 8320
> >25123/65:       fcntl(9, F_SETFL, FOFFMAX|FNONBLOCK)            =3D 0
> >25123/65:       setgid(21)                                      =3D 0
> >25123/65:       setuid(21)                                      =3D 0
> >25123/65:       access(".", W_OK)                               =3D 0
> >25123/65:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 0=
> 666) =3D 10
> >25123/65:       lseek(10, 0, SEEK_END)                          =3D 332
> >25123/65:       close(10)                                       =3D 0
> >25123/65:       open("/var/log/confignew.log", O_WRONLY|O_APPEND|O_CREAT, =
> 0666) =3D 10
> >25123/65:       lseek(10, 0, SEEK_END)                          =3D 0
> >25123/65:       close(10)                                       =3D 0
> >25123/65:       mkdir("/var/run/named", 0755)                   Err#13 EAC=
> CES [ALL]
> >25123/65:       stat("/var/log/namednew.log", 0xFFFFFFFF79D0F3C0) =3D 0
> >25123/65:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 0=
> 666) =3D 10
> >25123/65:       lseek(10, 0, SEEK_END)                          =3D 332
> >25123/65:       fstat(10, 0xFFFFFFFF79D0E540)                   =3D 0
> >25123/65:       fstat(10, 0xFFFFFFFF79D0E410)                   =3D 0
> >25123/65:       ioctl(10, TCGETA, 0xFFFFFFFF79D0E47C)           Err#25 ENO=
> TTY
> >25123/65:       write(10, 0x10502E754, 97)                      =3D 97
> >25123/65:          2 6 - J a n - 2 0 0 9   0 8 : 1 4 : 2 2 . 7 2 3   g e n=
>  e r a l
> >25123/65:          :   c o u l d n ' t   m k d i r   / v a r / r u n / n a=
>  m e d /
> >25123/65:          n a m e d n e w . p i d ' :   P e r m i s s i o n   d e=
>  n i e d
> >25123/65:         \n
> >25123/65:       write(10, 0x10502E754, 69)                      =3D 69
> >25123/65:          2 6 - J a n - 2 0 0 9   0 8 : 1 4 : 2 2 . 7 2 8   g e n=
>  e r a l
> >25123/65:          :   e x i t i n g   ( d u e   t o   e a r l y   f a t a=
>  l   e r
> >25123/65:          r o r )\n
> >25123/65:       _exit(1)
> >
> >It fails because it tries to just create the /var/run/named directory inst=
> ead
> >of cheking if the directory exist and if it can write to it. =
> 
> >
> >ns12(root) named 515# ls -la /var/run/named
> >total 40
> >drwxr-s---    4 named    named         307 Jan 26 06:51 ./
> >drwxr-xr-x    7 root     sys          1285 Jan 26 00:52 ../
> >-rw-r--r--    1 named    named           6 Jan 26 06:41 named.pid
> >
> >So /var/run/named exists and is fully writable by user named.
> >
> >User "named" should of course not be able to crate diretories below
> >"/var/run". Especially since many other things on Solaris 10 uses that
> >directory also.
> >
> >
> >If I use:
> >        pid-file "/var/run/named/named/namednew.pid";
> >
> >... everything works fine, since it now can run mkdir without getting "EAC=
> CES". =
> 
> >Instead it gets "EEXIST" and is OK with that.
> >
> >BIND 9.6.0-P1 truss.out:
> >--CUT--
> >25404/65:       stat("/dev/urandom", 0xFFFFFFFF79D0FA00)        =3D 0
> >25404/65:       open("/dev/urandom", O_RDONLY|O_NONBLOCK)       =3D 9
> >25404/65:       fcntl(9, F_GETFL)                               =3D 8320
> >25404/65:       fcntl(9, F_SETFL, FOFFMAX|FNONBLOCK)            =3D 0
> >25404/65:       setgid(21)                                      =3D 0
> >25404/65:       setuid(21)                                      =3D 0
> >25404/65:       access(".", W_OK)                               =3D 0
> >25404/65:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 0=
> 666) =3D 10
> >25404/65:       lseek(10, 0, SEEK_END)                          =3D 498
> >25404/65:       close(10)                                       =3D 0
> >25404/65:       open("/var/log/confignew.log", O_WRONLY|O_APPEND|O_CREAT, =
> 0666) =3D 10
> >25404/65:       lseek(10, 0, SEEK_END)                          =3D 0
> >25404/65:       close(10)                                       =3D 0
> >25404/65:       mkdir("/var/run/named/named", 0755)             Err#17 EEX=
> IST
> >25404/65:       stat("/var/run/named/named/namednew.pid", 0xFFFFFFFF79D0F9=
> 80) Err#2 ENOENT
> >25404/65:       unlink("/var/run/named/named/namednew.pid")     Err#2 ENOE=
> NT
> >25404/65:       open("/var/run/named/named/namednew.pid", O_WRONLY|O_CREAT=
> |O_EXCL, 0644) =3D 10
> >25404/65:       fcntl(10, F_GETFD, 0x000001A4)                  =3D 0
> >25404/65:       getpid()                                        =3D 25404 =
> [25403]
> >25404/65:       fstat(10, 0xFFFFFFFF79D0E9D0)                   =3D 0
> >25404/65:       fstat(10, 0xFFFFFFFF79D0E8A0)                   =3D 0
> >25404/65:       ioctl(10, TCGETA, 0xFFFFFFFF79D0E90C)           Err#25 ENO=
> TTY
> >25404/65:       write(10, " 2 5 4 0 4\n", 6)                    =3D 6
> >25404/65:       close(10)                                       =3D 0
> >--CUT--
> >
> >
> >Trussing 9.4.3 I see that it does it differently:
> >
> >--CUT--
> >25730/10:       access(".", W_OK)                               =3D 0
> >25730/10:       open("/var/log/namednew.log", O_WRONLY|O_APPEND|O_CREAT, 0=
> 666) =3D 10
> >25730/10:       lseek(10, 0, SEEK_END)                          =3D 2625
> >25730/10:       close(10)                                       =3D 0
> >25730/10:       open("/var/log/confignew.log", O_WRONLY|O_APPEND|O_CREAT, =
> 0666) =3D 10
> >25730/10:       lseek(10, 0, SEEK_END)                          =3D 0
> >25730/10:       close(10)                                       =3D 0
> >25730/10:       stat("/var/run/named/namednew.pid", 0xFFFFFFFF7D90F660) Er=
> r#2 ENOENT
> >25730/10:       unlink("/var/run/named/namednew.pid")           Err#2 ENOE=
> NT
> >25730/10:       open("/var/run/named/namednew.pid", O_WRONLY|O_CREAT|O_EXC=
> L, 0644) =3D 10
> >25730/10:       fcntl(10, F_GETFD, 0x000001A4)                  =3D 0
> >25730/10:       getpid()                                        =3D 25730 =
> [25729]
> >25730/10:       fstat(10, 0xFFFFFFFF7D90E6B0)                   =3D 0
> >25730/10:       fstat(10, 0xFFFFFFFF7D90E580)                   =3D 0
> >25730/10:       ioctl(10, TCGETA, 0xFFFFFFFF7D90E5EC)           Err#25 ENO=
> TTY
> >25730/10:       write(10, " 2 5 7 3 0\n", 6)                    =3D 6
> >--CUT--
> >
> >
> >It seems that someone has "shorted" the code to create and/or check the pi=
> d-file.
> >
> >Maybe that "shortcut" will work on Linux, but it for sure does not work on=
>  Solaris 10.
> >
> >Having to use .../named/named/... in the pid-file option is of course poss=
> ible, but I =
> 
> >guess that it is not the way it is supposed to be...(?)...
> >
> >Help? Ideas?
> >
> >Regards
> >Jan Arild Lindstr=F8m
> >
> >_______________________________________________
> >bind-users mailing list
> >bind-users@lists.isc.org
> >https://lists.isc.org/mailman/listinfo/bind-users
> 
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
0
Mark
1/26/2009 9:29:00 AM
comp.protocols.dns.bind 16245 articles. 1 followers. Post Follow

0 Replies
477 Views

Similar Articles

[PageSpeed] 20

Reply:

Similar Artilces:

Re: nsupdate strangeness v 9.2.3 vs. 9.3.x / 9.4.x
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Greetings, > > The setting behind: > > My DNS server runs server software isc-bind with version 9.4.x (the most > recent version). > > My dial up host runs bind v 9.2.3 and the nsupdate program coming with it. > When trying to use the 9.4.x (or 9.3.x) distribution and the nsupdate > program coming with it, I am experiencing the following problem for quite a > while now. When I try to update my zone entry > > nsupdate -d -k $KEY > >server $SERVER > >zone $ZON...

Re: Can I use bind 8.x conf files with bind 9.2.3? #2
> Hi Bill Larson, > > Many thanks for your response. Actually I didn't find any step by step > guide for the installation and configuration of BIND 9. I have managed > to install and configure Bind 9 with basic configuration but still a lot > more to do. If you can help me in this I shall be very thank full to > you. I use to get the following error for a zone file which is running > fine with bind 8. Also I have included the zone file and named.conf, so > that you can have a look not only on this error but also suggest me how > is my named.conf. S...

RE: Can I use bind 8.x conf files with bind 9.2.3?
Hi Bill Larson, Many thanks for your response. Actually I didn't find any step by step guide for the installation and configuration of BIND 9. I have managed to install and configure Bind 9 with basic configuration but still a lot more to do. If you can help me in this I shall be very thank full to you. I use to get the following error for a zone file which is running fine with bind 8. Also I have included the zone file and named.conf, so that you can have a look not only on this error but also suggest me how is my named.conf. Sorry for the long email. --------------- Error wh...

BIND 9.7.2-P3, 9.6.2-P3, 9.6-ESV-R3 and 9.4-ESV-R4 are now available
We've published four releases that contain various security and bug fixes. The detailed Security Advisories are located at: http://www.isc.org/advisories Guidance as to recommended upgrades are available at: http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories BIND 9.7.2-P3 Release Note http://ftp.isc.org/isc/bind9/9.7.2-P3/RELEASE-NOTES-BIND-9.7.2-P3.txt BIND 9.6.2-P3 Release Note http://ftp.isc.org/isc/bind9/9.6.2-P3/RELEASE-NOTES-BIND-9.6.2-P3.txt BIND 9.6-ESV-R3 Release Note http://ftp.isc.org/isc/bind9/9.6-ESV-R3/RELEASE-NOTES-BIND-9.6-...

nsupdate strangeness v 9.2.3 vs. 9.3.x / 9.4.x
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, The setting behind: My DNS server runs server software isc-bind with version 9.4.x (the most recent version). My dial up host runs bind v 9.2.3 and the nsupdate program coming with it. When trying to use the 9.4.x (or 9.3.x) distribution and the nsupdate program coming with it, I am experiencing the following problem for quite a while now. When I try to update my zone entry nsupdate -d -k $KEY >server $SERVER >zone $ZONE >update add @ $TTL2 A $IPADDR >send I allways get the error message client x...

bind 9.4 and bind 9.5 works in BSD/OS 4.3.X
Found the answer and any early OS should adapt the following: Check to see if you have an /etc/login.conf file If so check for any parameter that has openfiles-cur Set to 1024 or higher and that should get bind 9.4 + working . -- Member - Liberal International This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca God, Queen and country! Never Satan President Republic! Beware AntiChrist rising! http://twitter.com/rootnl2k http://www.myspace.com/502748630 Merry Christmas 2009 and Happy New Year 2010 ...

Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS #2
Mokwena Motseto <MotsetM@sapo.co.za> wrote: >> Do you know of any problems I might encounter if I migrate to Microsoft >> DNS I don't what version it is, or if it has versions at all phn@icke-reklam.ipsec.nu replied: > You won't get support from this forum :-) Sorry to disappoint Peter, but there have been discussions of the interaction between MS W2k (or W2k+3) DNS Server and BIND in the on this list (and on its now-defunct sister list bind9-users@isc.org). Check the list archives. Discussions of BIND interoperability with other DNS software is n...

RE: Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS
Hi Sorry for the misunderstanding I was not looking for support, I was just asking from people, who have been in the same situation that I am in now What influenced their decision to choose what ever they chose to go with -----Original Message----- From: bind-users-bounce@isc.org [mailto:bind-users-bounce@isc.org] On Behalf Of phn@icke-reklam.ipsec.nu Sent: 11 October 2004 21:21 To: comp-protocols-dns-bind@isc.org Subject: Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS Mokwena Motseto <MotsetM@sapo.co.za> wrote: > Hi > We are currently running BIND 4...

Re: Can I have a HPUX bind 4.9.7 slaved to a Solaris bind 9.2.2 master ?
>>>>> "Terry" == Terry Pike <terry.j.pike@gsk.com> writes: Terry> I have a HPUX bind 4.9.7 master server that I want to Terry> convert to a slave server. I want to create a new master Terry> on Solaris bind 9.2.2. Terry> Question: will the V4.9.7 server accept zone transfers from Terry> V9.2.2 ?? Of course. Why shouldn't it? The zone transfer protocol hasn't changed. However BIND9 by default tries a more efficient data transfer scheme that long-dead stuff like BIND4 doesn't understand. This behaviour ...

Re: Performance of Bind 9.2.3 vs BIND 4.8.3 #2
>>>>> "nishant" == nishant <nishant80@gmail.com> writes: nishant> But still i need to show that 'performance' wise BIND 9 nishant> is better than BIND 4. My previous posting did that. nishant> Can u please help me in deciding what kind of tests nishant> should i really be doing to show that BIND 9 'performs' nishant> better (or much better, as you say) than BIND 4? Look, stop wasting your time on this pointless make-work exercise. BIND4 is DEAD. Nobody should be running it. Consult the list arch...

Re: bind 9.6.0-P1's nsupdate dumps core on NetBSD/i386 4.x #2
In message <p05200f72c5d61071b990@[130.102.20.138]>, Ray Phillips writes: > > You need to call gdb correctly. > > > > gdb /usr/local/bin/nsupdate nsupdate.core > > Thanks Mark. > > Sorry, I (obviously) don't have much of a clue about using gdb. Looks like you have hit this bug. 2547. [bug] openssl_link.c:mem_realloc() could reference an out-of-range area of the source buffer. New public function isc_mem_reallocate() was introduced to address this bug...

Bind 9.2.4 slaving problem [bind 9.2.1 and bind 8.3.3]
Greetings. I have a master name server running BIND 9.2.1 [Debian Woody - server not available on the Internet] and a slave server running bind 9.2.4 [Debian Sarge - not currently available on the Internet] and two others running bind 8.3.3 [Debian Woody - on the Internet]. The 9.2.1 is a master for all the others to slave from. I have an entry in a zone defined on the master as the following: > $ORIGIN example.com. > spamhaus-datafeed IN NS local-rbl-a > spamhaus-datafeed IN NS local-rbl-b When I issue the following command: #> host -t nx spam...

Re: Where is the log file of BIND 9.x.x located on Solaris10?
> Where is the log file of BIND 9.x.x located on Solaris10? The default logging is done to syslog. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org ...

Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS
bind-users-bounce@isc.org wrote on 10/11/2004 11:27:26 AM: [clip...] > > Do you know of any problems I might encounter if I migrate to BIND ver 9 > (latest) You should not have any problems. However, you should read all the docs that come with BIND 9. If you start with the "README" file you will find this statement: "If you are upgrading from BIND 8, please read the migration notes in doc/misc/migration. If you are upgrading from BIND 4, read doc/misc/migration-4to9." I highly recommend going through all of the docs before m...

Re: BIND 9.4.x and check-names
Pklzbid0IGl0IHRpbWUgdG8gdXBncmFkZT8NCg0KWWVzLCBpdCBpcy4gSW4gZmFjdCwgYWRkaW5n IHRoZXNlIHN0YXRlbWVudHMgdG8gdGhlIG9wdGlvbnMgY2xhdXNlIGlzIGluIHByZXBhcmF0aW9u IGZvciBvdXIgbWlncmF0aW9uIHRvIGEgbGF0ZXIgdmVyc2lvbi4gDQpJdCBzZWVtcyBmcm9tIG15 IHRlc3RpbmcgdGhhdCB3aGlsZSBCSU5EIDkuNCB3YXMgdmVyeSBwYXNzaXZlIGFib3V0IHRoZXNl IHR5cGUgb2YgcmVjb3JkcywgYW5kIHdvdWxkIGxvYWQgYSB6b25lIGRlc3BpdGUgImlsbGVnYWwg Y2hhcnMiLCBsYXRlciB2ZXJzaW9ucyBvZiBCSU5EIHdvdWxkIGFjdHVhbGx5IGZhaWwgdG8gc3Rh cnQuIFRoaXMgaXMgYSBmdW5kYW1lbnRhbCBkaWZmZXJlbmNlIGJldHdlZW4gQklORCA5LjQgYW5k IDkuNy4zLCBmb3IgZXhhbXBsZS4NCkkgYW0gZGVhbGluZyB3aXRoIG...

Web resources about - Re: BIND 9.4.x vs 9.6.x - pid-file check and creation #2 - comp.protocols.dns.bind

Resources last updated: 2/13/2016 8:12:54 AM