[Bug 733086] New: After update bind (with dnssec), processor load 100%
https://bugzilla.novell.com/show_bug.cgi?id=733086 https://bugzilla.novell.com/show_bug.cgi?id=733086#c0 Summary: After update bind (with dnssec), processor load 100% Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: x86-64 OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: neocube216@gmail.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 I have opensuse 11.3 with newest package bind-9.7.4P1-0.2.1 and bind-libs-9.7.4P1-0.2.1. In my /etc/named.conf is section managed-keys (for DNSSEC). In monitor 'top' is load processor over 100%. If deleted section managed-keys, problem is removed. Finally, I made downgrade to bind-libs-9.7.3-1.4.1.x86_64.rpm and bind-9.7.3-1.4.1.x86_64.rpm and problem is also eliminated. In my opinion problem is in bind-libs-9.7.4P1-0.2.1 and section managed-keys. Reproducible: Always Steps to Reproduce: 1.update bind,bind-libs to 9.7.4P1-0.2.1 2.activate DNSSEC, section managed-keys 3.show top -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=733086 https://bugzilla.novell.com/show_bug.cgi?id=733086#c zj jia <zjjia@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |zjjia@suse.com AssignedTo|bnc-team-screening@forge.pr |ug@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=733086 https://bugzilla.novell.com/show_bug.cgi?id=733086#c1 George Yozi <neocube216@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |neocube216@gmail.com --- Comment #1 from George Yozi <neocube216@gmail.com> 2011-12-01 17:48:07 UTC --- I have this some problem with openSUSE 12.1 and package bind-9.8.1P1-4.4.1.x86_64. Here is my changes in /etc/named.conf: options { ... dnssec-enable yes; dnssec-validation yes; } managed-keys { "." initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq QxA+Uk1ihz0="; }; -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=733086 https://bugzilla.novell.com/show_bug.cgi?id=733086#c2 Uwe Gansert <ug@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |neocube216@gmail.com --- Comment #2 from Uwe Gansert <ug@suse.com> 2011-12-02 09:47:00 UTC --- does it help if you add: managed-keys-directory "/var/lib/named/dyn/"; to the options in your named.conf file? the /var/lib/named directory is not writeable by named and it tries to create the keys/jnl file. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=733086 https://bugzilla.novell.com/show_bug.cgi?id=733086#c3 --- Comment #3 from Michal Kubeček <mkubecek@suse.com> 2011-12-02 10:12:52 UTC --- Just a note: I've been told that 9.7.3-P3 with backported last security fix doesn't have this problem. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=733086 https://bugzilla.novell.com/show_bug.cgi?id=733086#c4 George Yozi <neocube216@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|neocube216@gmail.com | --- Comment #4 from George Yozi <neocube216@gmail.com> 2011-12-02 12:56:51 UTC --- (In reply to comment #2)
does it help if you add:
managed-keys-directory "/var/lib/named/dyn/";
to the options in your named.conf file? the /var/lib/named directory is not writeable by named and it tries to create the keys/jnl file.
When I added managed-keys-directory "/var/lib/named/dyn/"; to option section, problem is removed. This also applies to openSUSE 12.1. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=733086 https://bugzilla.novell.com/show_bug.cgi?id=733086#c5 Uwe Gansert <ug@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME --- Comment #5 from Uwe Gansert <ug@suse.com> 2011-12-02 13:14:35 UTC --- okay, then please add that option :) bind must be able to write into the managed-keys-directory, that's the reason for the problem you saw. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com