Bug 130981 - Missing -t (chroot) option for named-checkconf in init.d/named script
Summary: Missing -t (chroot) option for named-checkconf in init.d/named script
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: bind
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jason Vas Dias
QA Contact: Ben Levenson
URL:
Whiteboard:
: 131553 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-08-26 14:07 UTC by Felipe Alfaro Solana
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version: bind-9.2.4rc7-10
Clone Of:
Environment:
Last Closed: 2004-08-26 14:24:44 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Patch to fix missing chroot check in init.d/named (571 bytes, patch)
2004-08-26 14:08 UTC, Felipe Alfaro Solana 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2004:567 0 normal SHIPPED_LIVE Updated bind packages 2004-12-21 05:00:00 UTC

Description Felipe Alfaro Solana 2004-08-26 14:07:17 UTC 
Description of problem:
the call to "/usr/sbin/named-checkconf" inside "/etc/init.d/named
misses option "-t ${ROOTDIR}" if "named" has been configured to be run
in a chroot-ed environment (that is, the ROOTDIR variable has been
defined in file "/etc/sysconfig/named").

Let's say the user has set the ROOTDIR variable in
"/etc/sysconfig/named" to ROOTDIR="/var/named". The init.d script will
invoke "/usr/sbin/named-checkconf" which, in turn, will look for
"named.conf" in "/etc" instead of "${ROOTDIR}/etc".

NOTE: This is a trivial fix: if ${ROOTDIR} is defined, invoke
/usr/sbin/named-checkconf with "-t ${ROOTDIR}".

A patch against "/etc/init.d/named" is attached to this bugreport to
fix this.

Version-Release number of selected component (if applicable):
bind-9.2.4rc7-8

How reproducible:
Always

Steps to Reproduce:
1. Edit "/etc/sysconfig/named".
2. Add the following line: ROOTDIR="/var/named"
3. Move all bind config and data files to ${ROOTDIR} (i.e. move
/etc/named.conf to /var/named/etc/named.conf")
4. Do "/etc/init.d/named" start
5. Step 4 will fail since named-checkconf will look for
"/etc/named.conf" instead of "/var/named/etc/named.conf".
  
Actual results:
The call to "/usr/sbin/named-checkconf" in "/etc/init.d/named" does
not take into account if "named" is to be run chroot-ed (i.e., whether
the ROOTDIR variable is defined).

Expected results:
The call to "/usr/sbin/named-checkconf" in "/etc/init.d/named" should
take into account if named is to be run chroot-ed (i.e., whether the
ROOTDIR variable is defined).

Additional info:
Comment 1 Felipe Alfaro Solana 2004-08-26 14:08:07 UTC 
Created attachment 103117 [details]
Patch to fix missing chroot check in init.d/named
Comment 2 Jason Vas Dias 2004-08-26 14:24:44 UTC 
You are right. However, use of the bind-chroot package to install 
the chroot named environment would have circumvented this bug.
When the bind-chroot package gets installed, /etc/named.conf is 
made a link to /var/named/chroot/etc/named.conf, so 
named-checkconf will still check the right file, unless 
you remove /etc/named.conf - but still, for the next 
version (bind-9.2.4rc7-10) will invoke named-checkconf with -t
if $ROOTDIR is defined.
Comment 3 Jason Vas Dias 2004-09-02 14:43:52 UTC 
*** Bug 131553 has been marked as a duplicate of this bug. ***
Comment 4 Milan Kerslager 2004-09-09 14:41:23 UTC 
You may look at bug #131803 to see further fixing and new testing
packages. Just wrote to track the developmet proces.
Comment 5 John Flanagan 2004-12-21 19:49:56 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2004-567.html
Note You need to log in before you can comment on or make changes to this bug.