Bug 130981 - Missing -t (chroot) option for named-checkconf in init.d/named script
Alias: None
Product: Fedora
Classification: Fedora
Component: bind   
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Jason Vas Dias
QA Contact: Ben Levenson
Duplicates: 131553
Reported: 2004-08-26 14:07 UTC by Felipe Alfaro Solana
Modified: 2007-11-30 22:10 UTC (History)

Fixed In Version: bind-9.2.4rc7-10
Doc Type: Bug Fix

Attachments
Patch to fix missing chroot check in init.d/named (571 bytes, patch)
2004-08-26 14:08 UTC, Felipe Alfaro Solana

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2004:567 normal SHIPPED_LIVE Updated bind packages 2004-12-21 05:00:00 UTC

Description Felipe Alfaro Solana 2004-08-26 14:07:17 UTC
Description of problem:
The call to "/usr/sbin/named-checkconf" inside "/etc/init.d/named"
misses option "-t ${ROOTDIR}" if "named" has been configured to be run
in a chroot-ed environment (that is, the ROOTDIR variable has been
defined in file "/etc/sysconfig/named").

Let's say the user has set the ROOTDIR variable in
"/etc/sysconfig/named" to ROOTDIR="/var/named". The init.d script will
invoke "/usr/sbin/named-checkconf" which, in turn, will look for
"named.conf" in "/etc" instead of "${ROOTDIR}/etc".

NOTE: This is a trivial fix: if ${ROOTDIR} is defined, invoke
/usr/sbin/named-checkconf with "-t ${ROOTDIR}".

A patch against "/etc/init.d/named" is attached to this bug report to
fix this.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Edit "/etc/sysconfig/named".
2. Add the following line: ROOTDIR="/var/named"
3. Move all bind config and data files to ${ROOTDIR} (i.e. move
/etc/named.conf to /var/named/etc/named.conf)
4. Do "/etc/init.d/named start"
5. Step 4 will fail since named-checkconf will look for
"/etc/named.conf" instead of "/var/named/etc/named.conf".

Actual results:
The call to "/usr/sbin/named-checkconf" in "/etc/init.d/named" does
not take into account if "named" is to be run chroot-ed (i.e., whether
the ROOTDIR variable is defined).

Expected results:
The call to "/usr/sbin/named-checkconf" in "/etc/init.d/named" should
take into account if named is to be run chroot-ed (i.e., whether the
ROOTDIR variable is defined).

Additional info:

Comment 1 Felipe Alfaro Solana 2004-08-26 14:08:07 UTC
Created attachment 103117
Patch to fix missing chroot check in init.d/named

Comment 2 Jason Vas Dias 2004-08-26 14:24:44 UTC
You are right. However, use of the bind-chroot package to install
the chroot named environment would have circumvented this bug.
When the bind-chroot package gets installed, /etc/named.conf is
made a link to /var/named/chroot/etc/named.conf, so
named-checkconf will still check the right file, unless
you remove /etc/named.conf - but still, the next
version (bind-9.2.4rc7-10) will invoke named-checkconf with -t
if $ROOTDIR is defined.
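
One way to write the check discussed in this report, as an added example; it is neither the attached patch nor the Fedora init script. The function names and the NAMED_CHECKCONF override are assumptions made for the sketch; `-t` is the named-checkconf chroot option from the bug title.

```shell
#!/bin/sh
# Added example, not the Fedora init script. Function names and the
# NAMED_CHECKCONF override are hypothetical, chosen for this sketch.

# Host-side path of the config file a (possibly chrooted) named will load.
# $1 = ROOTDIR (may be empty), $2 = config path as seen inside the root.
effective_conf() {
    printf '%s%s\n' "${1%/}" "$2"
}

# Validate the config named will actually use. Returns the checker's exit
# status, 1 if the file is unreadable, 2 if ROOTDIR is set but not a directory.
check_named_conf() {
    sysconfig=${1:-/etc/sysconfig/named}
    conf=${2:-/etc/named.conf}
    checker=${NAMED_CHECKCONF:-/usr/sbin/named-checkconf}
    ROOTDIR=
    if [ -r "$sysconfig" ]; then . "$sysconfig"; fi

    if [ -n "$ROOTDIR" ] && [ ! -d "$ROOTDIR" ]; then
        echo "ROOTDIR=$ROOTDIR is not a directory" >&2
        return 2
    fi
    target=$(effective_conf "$ROOTDIR" "$conf")
    if [ ! -r "$target" ]; then
        echo "cannot read $target" >&2
        return 1
    fi
    if [ -n "$ROOTDIR" ]; then
        # -t chroots the checker first, so the config path and every include
        # directive resolve the same way they will for the chrooted named.
        "$checker" -t "$ROOTDIR" "$conf"
    else
        "$checker" "$conf"
    fi
}
```

Because the checker chroots when `-t` is given, it has to run as root, which an init script does.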

Comment 3 Jason Vas Dias 2004-09-02 14:43:52 UTC
*** Bug 131553 has been marked as a duplicate of this bug. ***

Comment 4 Milan Kerslager 2004-09-09 14:41:23 UTC
You may look at bug #131803 to see further fixing and new testing
packages. Just wrote to track the development process.

Comment 5 John Flanagan 2004-12-21 19:49:56 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

