Bug 923113
Summary: | Potential crash during startup/reload if global configuration options are set | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Petr Spacek <pspacek> |
Component: | bind-dyndb-ldap | Assignee: | Petr Spacek <pspacek> |
Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 6.4 | CC: | chhudson, dpal, lmiksik, mkosek, ovasik, pspacek |
Target Milestone: | rc | Keywords: | ZStream |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
The bind-dyndb-ldap plug-in processed settings too early, which led to the daemon terminating unexpectedly with a segmentation fault during startup or reload. The bind-dyndb-ldap plug-in has been fixed to process its options later, and so, no longer crashes during startup or reload.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-11-21 12:11:05 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 883504, 928429 |
Description
Petr Spacek
2013-03-19 09:01:11 UTC
Workaround: Remove all global configuration options from LDAP. IPA command: $ ipa dnsconfig-mod --forwarder='' --forward-policy='' --allow-sync-ptr='' --zone-refresh='' Global forwarders and zone refresh parameters can be configured per-server in /etc/named.conf. Zone refresh was superseded by persistent search in IPA version 3.0 and higher and should not be enabled. 'Sync PTR' feature can be configured per server in /etc/named.conf and also per-zone in LDAP (via ipa dnszone-mod). BIND will crash if following conditions are met at the same time: * Persistent search is enabled (default from IPA 3.0) * Configuration of PTR synchronization feature has different value in global configuration and in local /etc/named.conf. I.e. PTR synchronization is globally enabled and locally disabled or vice versa. Simpler workaround: * Configure PTR synchronization in /etc/named.conf or per-zone as described in comment #1. * Remove configuration for PTR synchronization from global configuration: $ ipa dnsconfig-mod --allow-sync-ptr='' OR * Disable persistent search. This issue is fixed by http://rhn.redhat.com/errata/RHBA-2013-0739.html . Why is the status still MODIFIED? (In reply to comment #15) > This issue is fixed by http://rhn.redhat.com/errata/RHBA-2013-0739.html . > Why is the status still MODIFIED? Because the bug was not added to the list of bugs fixed in an errata? If this is the case, we should close this bug&fill fixed in field. Ah, I see it now, this Bugzilla is for 6.5 - but I still think that Fixed In Version should be filled. Tested using: ipa-server-3.0.0-33.el6.x86_64 bind-dyndb-ldap-2.3-4.el6.x86_64 # ipa dnsconfig-mod --allow-sync-ptr=TRUE Allow PTR sync: TRUE # service named restart Stopping named: .[ OK ] Starting named: [ OK ] Not seeing the behaviour reported above. From https://bugzilla.redhat.com/show_bug.cgi?id=928429#c10, verifying Sanity Only. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1636.html |