Bug 475202

Summary: named crashes on incorrect usage of rndc reload command
Product: Red Hat Enterprise Linux 4 Reporter: Jonathan Sulman <jsulman>
Component: bindAssignee: Adam Tkac <atkac>
Status: CLOSED ERRATA QA Contact: Martin Cermak <mcermak>
Severity: medium Docs Contact:
Priority: urgent    
Version: 4.9CC: bhamrick, bojan, jeffschroeder, johnny, jscotka, jsulman, masevac, mprpic, ovasik, pasteur, psklenar, riek, rvokal, tao
Target Milestone: rcKeywords: EasyFix, Patch, ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
"rndc" is a command line utility that allows the named daemon to be administered locally or remotely. named exited due to an assertion failure when it received a command via rdnc telling it to reload a subdomain of its authoritative domain. With this update, when named receives such a command via rdnc, it logs an error message to the system log and ignores the command.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2011-02-16 14:04:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 485811, 552578    
Attachments:
Description Flags
proposed patch none

Description Jonathan Sulman 2008-12-08 14:32:09 UTC 
+++ This bug was initially created as a clone of Bug #457533 +++

Description of problem:
named crashes (process terminates) on incorrect usage of the rndc reload 
command


Version-Release number of selected component (if applicable):
bind-utils-9.3.4-6.0.2.P1.el5_2.x86_64
bind-9.3.4-6.0.2.P1.el5_2.x86_64
bind-libs-9.3.4-6.0.2.P1.el5_2.x86_64

How reproducible:
every time

Steps to Reproduce:
Server A is the master of a dom.tld zone
Server B is a slave of the dom.tld zone

On server B type: rndc reload hostname.dom.tld
(the correct syntax would have been: rndc reload dom.tld)

The commandline now gives:
[root@yyyy ~]# rndc reload hostname.dom.tld
rndc: connection to remote host closed
This may indicate that the remote server is using an older version of 
the command protocol, this host is not authorized to connect,
or the key is invalid.

The /var/log/messages log gives the following messages:
Aug  1 13:44:01 infiltrator named[8108]: view.c:1135: INSIST(result == 0 || 
result == 23) failed
Aug  1 13:44:01 infiltrator named[8108]: exiting (due to assertion failure)

After this the named process terminates.
 
Expected results:
Error messages from RNDC but no crashes of named

--- Additional comment from atkac on 2008-08-04 12:01:01 EDT ---

Right you are, thanks for report.

--- Additional comment from jsulman on 2008-12-05 11:24:37 EDT ---

I have verified this bug on Red Hat Enterprise Linux ES release 4 (Nahant Update 7), running bind-9.2.4-30.el4.

--- Additional comment from atkac on 2008-12-08 07:02:59 EDT ---

(In reply to comment #5)
> I have verified this bug on Red Hat Enterprise Linux ES release 4 (Nahant
> Update 7), running bind-9.2.4-30.el4.

Right you are. If you are interested in RHEL4 fix please clone this bug for RHEL4 ("Clone This Bug" in top right corner of this page)
Comment 1 Adam Tkac 2009-02-02 13:03:39 UTC 
*** Bug 483552 has been marked as a duplicate of this bug. ***
Comment 3 Adam Tkac 2009-03-11 10:27:17 UTC 
*** Bug 489660 has been marked as a duplicate of this bug. ***
Comment 5 Adam Tkac 2009-08-06 07:11:40 UTC 
*** Bug 515843 has been marked as a duplicate of this bug. ***
Comment 6 Adam Tkac 2009-09-01 13:32:15 UTC 
*** Bug 520596 has been marked as a duplicate of this bug. ***
Comment 7 Bojan Smojver 2009-09-28 23:34:45 UTC 
So, is there a package we can download for RHEL 4 that fixes this?
Comment 8 Bojan Smojver 2009-09-30 02:35:59 UTC 
(In reply to comment #7)
> So, is there a package we can download for RHEL 4 that fixes this?  

Anyone?
Comment 9 Adam Tkac 2009-09-30 08:08:03 UTC 
(In reply to comment #8)
> (In reply to comment #7)
> > So, is there a package we can download for RHEL 4 that fixes this?  
> 
> Anyone?  

There is no updated package available, yet. Fix for this issue will be released as part of RHEL 4.9 update because this is definitely not a critical issue which should be addressed now.
Comment 10 Bojan Smojver 2009-09-30 08:20:09 UTC 
Keywords say EasyFix, Patch. Can you attach the patch?
Comment 11 Adam Tkac 2009-09-30 10:13:48 UTC 
Created attachment 363164 [details]
proposed patch
Comment 12 Bojan Smojver 2009-09-30 22:45:14 UTC 
Thank you.
Comment 13 Bojan Smojver 2009-10-01 01:57:01 UTC 
(In reply to comment #11)
> Created an attachment (id=363164) [details]
> proposed patch  

Any chance we can see this fastracked?

When bind dies due to invalid commands, DNS goes down - not a very good result.
Comment 24 Martin Prpič 2010-06-11 12:32:49 UTC 
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.

New Contents:
* "rndc" is a command line utility that allows the named daemon to be administered locally or remotely. named exited due to an assertion failure when it received a command via rdnc telling it to reload a subdomain of its authoritative domain. With this update, when named receives such a command via rdnc, it logs an error message to the system log and ignores the command.
Comment 25 Douglas Silas 2010-06-14 07:07:12 UTC 
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.

Diffed Contents:
@@ -1 +1 @@
-* "rndc" is a command line utility that allows the named daemon to be administered locally or remotely. named exited due to an assertion failure when it received a command via rdnc telling it to reload a subdomain of its authoritative domain. With this update, when named receives such a command via rdnc, it logs an error message to the system log and ignores the command.+"rndc" is a command line utility that allows the named daemon to be administered locally or remotely. named exited due to an assertion failure when it received a command via rdnc telling it to reload a subdomain of its authoritative domain. With this update, when named receives such a command via rdnc, it logs an error message to the system log and ignores the command.
Comment 28 errata-xmlrpc 2011-02-16 14:04:47 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0223.html