Bug 1294731 - named-chroot.service does not verify against chroot
Summary: named-chroot.service does not verify against chroot
Keywords:
Status: CLOSED DUPLICATE of bug 1278082
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: bind
Version: 7.2
Hardware: All
OS: Linux
unspecified
high
Target Milestone: rc
: ---
Assignee: Tomáš Hozza
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-12-30 03:41 UTC by Steven Haigh
Modified: 2016-01-04 08:45 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-01-04 08:45:24 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Steven Haigh 2015-12-30 03:41:04 UTC
Description of problem:
bind-9.9.4-29.el7_2.1.x86_64 has a change that removed the -t option from named-chroot.service. As such, named-checkconf fails, and bind fails to start.

Version-Release number of selected component (if applicable):
bind-9.9.4-29.el7_2.1.x86_64

The faulty systemd unit seems to be: /usr/lib/systemd/system/named-chroot.service

It does a sanity check - but doesn't make it relative to the chroot:
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zone files is disabled"; fi'

If you add the chroot directive in there (which it probably should have anyway), then all works:
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z -t /var/named/chroot /etc/named.conf; else echo "Checking of zone files is disabled"; fi' 

While I don't have an RHEL reference, this is the change on the CentOS git import:
https://git.centos.org/blobdiff/!rpms!bind.git/d56ed2d3a2736a07a09c268f3b2607cca8f1b6ca/SOURCES!named-chroot.service

Comment 2 Tomáš Hozza 2016-01-04 08:45:24 UTC

*** This bug has been marked as a duplicate of bug 1278082 ***


Note You need to log in before you can comment on or make changes to this bug.