Bug 595025
Summary: | bind blocks dnssec-conf from installation, but it needs the files | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | H. Peter Anvin <hpa> |
Component: | bind | Assignee: | Adam Tkac <atkac> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 13 | CC: | atkac, daw-redhatbugzilla, eddie, jgarzik, ovasik, pwouters |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | bind-9.7.1-1.fc13 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-07-07 17:54:38 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
H. Peter Anvin
2010-05-22 22:49:49 UTC
I'm not sure how this issue might have happened, bind package contains a trigger which should handle exactly this situation and remove the lines (no longer needed) from named.conf. Do you manage your configuration directly in /var/named/chroot/etc directory? Or do you manage it in /etc and let named init script to `mount --bind` needed files to chroot? *** Bug 596029 has been marked as a duplicate of this bug. *** In my case, /etc/named.conf is a symbolic link to /var/named/chroot/etc/named.conf and the other files and subdirectories in /etc/ that are used by bind are symbolic links to the corresponding locations under /var/named/chroot/etc. I remember creating some of the links myself to work around issues during a previous upgrade, but I think the link from /etc/named.conf is a symbolic link to /var/named/chroot/etc/named.conf was the default during a previous fedora release. Is the preferred method for using the same config files with chroot and without chroot to remove the config files from /var/named/chroot/ and allow them to be automatically mounted from /etc/ and /var/named? I don't know. I didn't manage my configuration directly; I was assuming the init scripts would do the mount -bind or whatever for me. In my case, /etc/named.conf was not a symlink to /var/named/chroot/etc/named.conf, but was a regular file. I wasn't sure what was the proper/preferred way to set things up. Since reporting the bug, I've uninstalled bind-chroot and gone back to non-chrooted operation, since I couldn't figure out how to get it working short of manually copying files every time I made a change to them. So I might not be the most helpful person in continuing to troubleshoot this. Sorry. (I think I did try a "yum reinstall bind-chroot" and "yum reinstall bind", to no apparent effect.) I maintain my configuration explicitly. Every script that clobbers my configuration file I consider very explicitly a bug. Now I face the same problem that after the upgrade from FC12 to FC13 I suddenly have a /etc/named.conf which is different from /var/named/chroot/etc/named.conf. Can somebody please explain why this change? What is now the default place for the named.conf? This is what I have installed: bind-chroot-9.7.0-10.P2.fc13.i686 bind-9.7.0-10.P2.fc13.i686 bind-utils-9.7.0-10.P2.fc13.i686 bind-libs-9.7.0-10.P2.fc13.i686 Should /etc/named.conf not be symbolic link to /var/named/chroot/etc/named.conf? This is making it very confusing, please clear it up. Regards, Eddie. Currently the preferred way is to have all configuration files in non-chroot directories (/etc and /var/named/). All files are then mounted (mount --bind) to proper /var/named/chroot/ locations when you use chroot. However you are right that update should not break working configuration. Main problem is that we dropped dnssec-conf package from distribution so named.conf must be adjusted a little. Current code in bind package only modifies /etc/named.conf but doesn't modify /var/named/chroot/etc/named.conf. This is a bug which will be solved in the next update. Possibly this bug is related to bug# 608362 ? Fedora 12 bind upgrades are breaking working bind configurations, due to missing dnssec files. (In reply to comment #8) > Possibly this bug is related to bug# 608362 ? > > Fedora 12 bind upgrades are breaking working bind configurations, due to > missing dnssec files. Although bug #608362 might look same as this one, it is actually different issue, check bug #606478. I extended the trigger which handles transition from dnssec-conf, now it looks into both /etc/named.conf and /var/named/chroot/etc/named.conf locations. This improvement should solve this kind of problems. bind-9.7.1-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/bind-9.7.1-1.fc13 bind-9.7.1-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update bind'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/bind-9.7.1-1.fc13 bind-9.7.1-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. |