[Bug 716745] New: yast2 failed to get DNS server up
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c0 Summary: yast2 failed to get DNS server up Classification: openSUSE Product: openSUSE 12.1 Version: Milestone 5 Platform: x86-64 OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: melchiaros@aol.com QAContact: jsrain@suse.com Found By: --- Blocker: --- Created an attachment (id=449865) --> (http://bugzilla.novell.com/attachment.cgi?id=449865) the logs User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0) Gecko/20100101 Firefox/6.0 I´ve tried to get up a nameserver with yast2. It failed with an error message on finishing that tells that there are problems to start name. The message is a bit cryptic to me, so have a look at the screenshot I attach. The configuration was: 1.forwared settings : 157.157.120.177 2.DNS-Zones as default by yast2 (which may be the problem) -> example.com and the long lines of 0.0.0.... .ip6.arpa 3.Open Port in firewall 4.On:Start Now and when booting. Reproducible: Always Steps to Reproduce: 1.See above 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c1 --- Comment #1 from melchiaros melchiaros <melchiaros@aol.com> 2011-09-08 17:11:16 UTC --- Created an attachment (id=449866) --> (http://bugzilla.novell.com/attachment.cgi?id=449866) the error message -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c2 --- Comment #2 from melchiaros melchiaros <melchiaros@aol.com> 2011-09-08 17:13:54 UTC --- Created an attachment (id=449867) --> (http://bugzilla.novell.com/attachment.cgi?id=449867) filelist -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c zj jia <zjjia@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |zjjia@suse.com AssignedTo|bnc-team-screening@forge.pr |locilka@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c3 Lukas Ocilka <locilka@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |melchiaros@aol.com Severity|Normal |Major --- Comment #3 from Lukas Ocilka <locilka@suse.com> 2011-10-13 12:50:04 UTC --- Could you attach /etc/named.conf and /etc/named.conf.yast2-save -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c4 melchiaros melchiaros <melchiaros@aol.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|melchiaros@aol.com | --- Comment #4 from melchiaros melchiaros <melchiaros@aol.com> 2011-10-15 15:48:08 UTC --- Not possible. The VM is gone. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c5 Lukas Ocilka <locilka@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |ug@suse.com --- Comment #5 from Lukas Ocilka <locilka@suse.com> 2011-10-26 08:53:13 UTC --- Uwe, any idea what's wrong here? Oct 26 10:50:17 linux-i58a named[2972]: starting BIND 9.8.1 -t /var/lib/named -u named Oct 26 10:50:17 linux-i58a named[2972]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2' '--with-dlz-mysql' '--with-dlz-ldap' 'CFLAGS=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -DNO_VERSION_DATE -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib64' Oct 26 10:50:17 linux-i58a named[2972]: adjusted limit on open files from 4096 to 1048576 Oct 26 10:50:17 linux-i58a named[2972]: found 1 CPU, using 1 worker thread Oct 26 10:50:17 linux-i58a named[2972]: using up to 4096 sockets --- ? here ? --- Oct 26 10:50:17 linux-i58a named[2972]: initializing DST: openssl failure Oct 26 10:50:17 linux-i58a named[2972]: exiting (due to fatal error) Oct 26 10:50:17 linux-i58a named[2926]: Starting name server BIND ..failed --- ? here ? --- Oct 26 10:50:17 linux-i58a systemd[1]: named.service: control process exited, code=exited status=1 Oct 26 10:50:17 linux-i58a systemd[1]: Unit named.service entered failed state. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c7 Uwe Gansert <ug@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED CC| |ug@suse.com InfoProvider|ug@suse.com | Resolution| |FIXED --- Comment #7 from Uwe Gansert <ug@suse.com> 2011-10-26 09:16:48 UTC --- thanks. Fixed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c8 --- Comment #8 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-10-26 12:00:08 CEST --- This is an autogenerated message for OBS integration: This bug (716745) was mentioned in https://build.opensuse.org/request/show/89350 Factory / bind -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c9 Uwe Gansert <ug@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |schuetzm@gmx.net --- Comment #9 from Uwe Gansert <ug@suse.com> 2011-10-26 13:43:33 UTC --- *** Bug 726453 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=726453 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c10 Graham Anderson <graham@andtech.eu> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED CC| |graham@andtech.eu Resolution|FIXED | Severity|Major |Critical --- Comment #10 from Graham Anderson <graham@andtech.eu> 2011-11-16 12:02:10 UTC --- I just hit this after upgrading an 11.4 to 12.1, will attach /etc/named.conf and /etc/named.conf.yast2-save Note, that /etc/init.d/named *has* the changes specified in the patch attached to Bug 726453 and I can confirm the ssl engine libs are copied to /var/lib/named nova:~ # tree /var/lib/named/lib64 /var/lib/named/lib64 └── engines ├── lib4758cca.so ├── libaep.so ├── libatalla.so ├── libcapi.so ├── libchil.so ├── libcswift.so ├── libgmp.so ├── libgost.so ├── libnuron.so ├── libpadlock.so ├── libsureware.so └── libubsec.so Information for package bind: Repository: openSUSE-12.1-Oss Name: bind Version: 9.8.1-4.2.2 Nov 16 13:01:42 nova named[26347]: starting BIND 9.8.1 -t /var/lib/named -u named Nov 16 13:01:42 nova named[26347]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2' '--with-dlz-mysql' '--with-dlz-ldap' 'CFLAGS=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -DNO_VERSION_DATE -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib64' Nov 16 13:01:42 nova named[26347]: adjusted limit on open files from 4096 to 1048576 Nov 16 13:01:42 nova named[26347]: found 4 CPUs, using 4 worker threads Nov 16 13:01:42 nova named[26347]: using up to 4096 sockets Nov 16 13:01:42 nova named[26347]: initializing DST: openssl failure Nov 16 13:01:42 nova named[26347]: exiting (due to fatal error) Nov 16 13:01:42 nova named[26288]: Starting name server BIND ..failed Nov 16 13:01:42 nova systemd[1]: named.service: control process exited, code=exited status=1 Nov 16 13:01:42 nova systemd[1]: Unit named.service entered failed state. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c11 --- Comment #11 from Graham Anderson <graham@andtech.eu> 2011-11-16 12:09:11 UTC --- Created an attachment (id=462354) --> (http://bugzilla.novell.com/attachment.cgi?id=462354) named.conf -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c12 --- Comment #12 from Graham Anderson <graham@andtech.eu> 2011-11-16 12:09:52 UTC --- Created an attachment (id=462355) --> (http://bugzilla.novell.com/attachment.cgi?id=462355) named.conf.yast2-save -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c13 --- Comment #13 from Graham Anderson <graham@andtech.eu> 2011-11-16 12:14:25 UTC --- Created an attachment (id=462356) --> (http://bugzilla.novell.com/attachment.cgi?id=462356) strace output of "/etc/init.d/named start" -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c Graham Anderson <graham@andtech.eu> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|Milestone 5 |Final -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c14 --- Comment #14 from Graham Anderson <graham@andtech.eu> 2011-11-16 12:41:41 UTC --- This seems to be systemd related, bind starts fine if the system is booted with init=/sbin/sysvinit -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c16 Uwe Gansert <ug@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |NEEDINFO InfoProvider| |graham@andtech.eu --- Comment #16 from Uwe Gansert <ug@suse.com> 2011-11-17 10:31:59 UTC --- I can not reproduce this here. bind starts fine with systemd on my testinstallation. Can you reproduce that every boot? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c17 Philippe Condé <conde.philippe@skynet.be> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |conde.philippe@skynet.be --- Comment #17 from Philippe Condé <conde.philippe@skynet.be> 2011-11-17 19:36:34 UTC --- I have the same problem with Opensuse 12.1 X86-64 Log messages Nov 17 19:02:54 hpprol named[17659]: initializing DST: openssl failure Nov 17 19:02:54 hpprol named[17659]: exiting (due to fatal error) Nov 17 19:02:54 hpprol named[17599]: Starting name server BIND ..failed the libraries /var/lib/named/lib/engines and /var/lib/named/lib64/engines are filled with lib4758cca.so libaep.so libatalla.so libcapi.so libchil.so libcswift.so libgmp.so libgost.so libnuron.so libpadlock.so libsureware.so libubsec.so This occurs with systemd at each reboot. Starting with Yast give the same errors version installed bind-chrootenv-9.8.1-4.2.2.x86_64 bind-9.8.1-4.2.2.x86_64 openssl-1.0.0e-34.1.2.x86_64 Hardware is a HP proliant ML350 this bind configuration worked correctly in opensus11.4 Anything more that i can check? Regards Philippe -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c18 --- Comment #18 from Alberto Molina Serna <alberto.molina@exevi.com> 2011-11-18 12:08:57 UTC --- Created an attachment (id=462879) --> (http://bugzilla.novell.com/attachment.cgi?id=462879) /etc/named.conf (amolinas) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c19 Alberto Molina Serna <alberto.molina@exevi.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alberto.molina@exevi.com --- Comment #19 from Alberto Molina Serna <alberto.molina@exevi.com> 2011-11-18 12:09:32 UTC --- I have experienced the same problem after upgrading from 11.4 to 12.1, and unfortunately it has become a critical problem for us. Everything is setup according to the information provided here: the libs under engine are copied to the proper places and /ete/init.d/named is the correct version with the patch applied. The error messages in /var/log/messages are exactly the same as the posted ones. So I will post my config files just in case this provides more information. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c20 --- Comment #20 from Uwe Gansert <ug@suse.com> 2011-11-18 12:16:45 UTC --- can you please try to remove those /var/lib/named/lib/engines and /var/lib/named/lib64/engines directory? They should be recreated. Still the same after that? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c21 --- Comment #21 from Alberto Molina Serna <alberto.molina@exevi.com> 2011-11-18 12:42:24 UTC --- I have removed the directories and they are recreated, but I still get the same error. I have seen that there is a structure of var/lib/named **inside** /var/lib/named, i.e., these all four directories do exist: /var/lib/named/lib/engines /var/lib/named/lib64/engines /var/lib/named/var/lib/named/lib/engines /var/lib/named/var/lib/named/lib64/engines I will upload a complete list of files and directories under /var/lib/named. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c22 --- Comment #22 from Alberto Molina Serna <alberto.molina@exevi.com> 2011-11-18 12:43:12 UTC --- Created an attachment (id=462895) --> (http://bugzilla.novell.com/attachment.cgi?id=462895) List of files and dirs under /var/lib/named -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c23 Uwe Gansert <ug@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- InfoProvider|graham@andtech.eu |alberto.molina@exevi.com --- Comment #23 from Uwe Gansert <ug@suse.com> 2011-11-18 13:25:01 UTC --- Graham found out that init=/sbin/sysvinit solves that for him, so it seems to be systemd related. Can you confirm that for you? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c24 --- Comment #24 from Philippe Condé <conde.philippe@skynet.be> 2011-11-18 14:01:26 UTC --- (In reply to comment #23)
Graham found out that init=/sbin/sysvinit solves that for him, so it seems to be systemd related. Can you confirm that for you?
I added the option init=/sbin/sysvinit in yast and rebooted but the error remains in /var/log/messages "Nov 18 14:46:41 hpprol named[3322]: starting BIND 9.8.1 -t /var/lib/named -u named Nov 18 14:46:41 hpprol named[3322]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2' '--with-dlz-mysql' '--with-dlz-ldap' 'CFLAGS=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -DNO_VERSION_DATE -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib64' Nov 18 14:46:41 hpprol named[3322]: adjusted limit on open files from 8192 to 1048576 Nov 18 14:46:41 hpprol named[3322]: found 4 CPUs, using 4 worker threads Nov 18 14:46:41 hpprol named[3322]: using up to 4096 sockets Nov 18 14:46:41 hpprol named[3322]: initializing DST: openssl failure Nov 18 14:46:41 hpprol named[3322]: exiting (due to fatal error) " Trying manual start of bind via Yast gives the same error Regards Philippe -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c25 --- Comment #25 from Alberto Molina <alberto.molina@exevi.com> 2011-11-18 17:00:48 UTC --- I have done some curious finding. My systems have been upgraded from 11.4 to 12.1, and then I experienced the problems described here. Now I have bind running, but I cannot reboot the servers. If we do this: 1. Remove bind and chrooted bind with zypper. 2. Reboot (if you don't this you cannot delete /var/lib/named/proc). 3. Remove completely /var/lib/named, and every /etc file related to bind except /etc/named.conf and /etc/sysconfig/named and /etc/named.d/named.conf.local (this is the file I include according to /etc/sysconfig/named). You can delete all of these files, but then you need to restore them from a backup. 4. Install bind using zypper. 5. Start bind using "renamed start". Then everything works fine. Now, if we reboot the system bind fails to start again with the same error described here, and the previous sequence has to be repeated. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c26 --- Comment #26 from Graham Anderson <graham@andtech.eu> 2011-11-19 02:57:39 UTC --- (In reply to comment #23)
Graham found out that init=/sbin/sysvinit solves that for him, so it seems to be systemd related. Can you confirm that for you?
I will reboot the name server later this weekend with systemd enabled to establish if the problem re-occurs. It probably won't be before Sunday though. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c27 --- Comment #27 from Graham Anderson <graham@andtech.eu> 2011-11-19 03:19:39 UTC --- Just a thought, but could the bug be in /etc/rc.status? seems to be where exec of bind is either handled directly (with sysvinit) or handed off to systemd. Given that for us there's no native systemd unit script for bind, is there something we are not doing to enable a clean chroot? http://0pointer.de/blog/projects/changing-roots.html Perhaps Kay or Lennart could chip in here... I cant add CC to this report. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c28 qvacfcajdjw@mailinator.com M8R-2yr72d@mailinator.com <M8R-2yr72d@mailinator.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |REOPENED InfoProvider|alberto.molina@exevi.com | --- Comment #28 from qvacfcajdjw@mailinator.com M8R-2yr72d@mailinator.com <M8R-2yr72d@mailinator.com> 2011-11-19 11:41:02 UTC --- Hi, I've found the problem: it's nothing to do with systemd, it's AppArmour. Modify the AppArmour profile for /usr/sbin/named to have "mrwlpx" permissions on /var/lib/named/lib/** (and if running x86_64, /var/lib/named/lib64/**). Please note that "mrwlpx" is perhaps too permissive, I doubt it needs write access to the libraries. Needless to say, disabling AppArmour also works. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c29 Marcel Hoogeveen <marcel.hoogeveen@anacreon.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |marcel.hoogeveen@anacreon.o | |rg --- Comment #29 from Marcel Hoogeveen <marcel.hoogeveen@anacreon.org> 2011-11-19 14:38:18 UTC --- (In reply to comment #28)
Hi,
I've found the problem: it's nothing to do with systemd, it's AppArmour.
Modify the AppArmour profile for /usr/sbin/named to have "mrwlpx" permissions on /var/lib/named/lib/** (and if running x86_64, /var/lib/named/lib64/**).
Please note that "mrwlpx" is perhaps too permissive, I doubt it needs write access to the libraries.
Needless to say, disabling AppArmour also works.
Did a upgrade from 11.3 to 11.4 to 12.1 today. Confirm this solution. Running systemv as systemd does not boot at all. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c30 --- Comment #30 from Philippe Condé <conde.philippe@skynet.be> 2011-11-19 14:42:51 UTC --- (In reply to comment #28)
Hi,
I've found the problem: it's nothing to do with systemd, it's AppArmour.
Modify the AppArmour profile for /usr/sbin/named to have "mrwlpx" permissions on /var/lib/named/lib/** (and if running x86_64, /var/lib/named/lib64/**).
Updated via Yast the apparmor profile for named and after reboot named started without problem and seems running correctly Thanks Philippe -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c31 --- Comment #31 from Alberto Molina <alberto.molina@exevi.com> 2011-11-21 08:35:01 UTC --- Confirmed that the solution of updating the AppArmor profile does work. In fact, as suggested in comment #28, "mrlpx" privileges are enough to get it working. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c34 Uwe Gansert <ug@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED InfoProvider|maintenance@opensuse.org | Resolution| |FIXED --- Comment #34 from Uwe Gansert <ug@suse.com> 2011-11-23 08:59:55 UTC --- thanks for digging into that and finding out the apparmor issue. I tested on a small system without apparmor, so I did not see the bug. I submitted a maintenance update. The repo on http://download.opensuse.org/repositories/network/ is already updated thanks again. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c35 --- Comment #35 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-11-23 10:00:35 CET --- This is an autogenerated message for OBS integration: This bug (716745) was mentioned in https://build.opensuse.org/request/show/93201 12.1 / bind -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=716745 https://bugzilla.novell.com/show_bug.cgi?id=716745#c36 --- Comment #36 from Swamp Workflow Management <swamp@suse.de> 2013-04-10 22:05:51 UTC --- openSUSE-SU-2013:0666-1: An update that solves four vulnerabilities and has 5 fixes is now available. Category: security (moderate) Bug References: 710430,715881,716745,718441,738156,743758,772946,792926,811876 CVE References: CVE-2011-1907,CVE-2012-3868,CVE-2012-5688,CVE-2013-2266 Sources used: openSUSE 11.4 (src): bind-9.9.2P2-45.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com