Bug 177001 - caching-nameserver can change named.conf into a symlink to itself
caching-nameserver can change named.conf into a symlink to itself
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: caching-nameserver (Show other bugs)
3
All Linux
medium Severity high
: ---
: ---
Assigned To: Jason Vas Dias
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-01-05 00:25 EST by David Keegel
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-03-07 11:30:14 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Keegel 2006-01-05 00:25:28 EST
From Bugzilla Helper:
User-Agent: Opera/7.51 (X11; Linux i686; U)  [en]

Description of problem:
The postinstall scriptlet for caching-nameserver contains code which will 
destroy /etc/named.conf (and 7 other config files in /var/named) when it 
is upgraded/installed, by changing each file into symlink to itself,
under the conditions listed for steps to reproduce.

Version-Release number of selected component (if applicable):
caching-nameserver-7.3-4.FC3

How reproducible:
Always

Steps to Reproduce:
1. Put "ROOTDIR=/" into /etc/sysconfig/named.
2. Make sure /etc/named.conf is a regular file (not a symlink).
3. Update caching-nameserver rpm (eg with up2date around Dec 20 2005)
  

Actual Results:  * /etc/named.conf becomes a symlink pointing to /etc/named.conf.
* /var/named/named.ca becomes a symlink pointing to /var/named/named.ca.
Similarly for these files under /var/named:
localdomain.zone localhost.zone named.broadcast named.ip6.local named.local 
named.zero
(Fortunately, the old versions of these files were backed up to *.rpmsave.)

* NameD (BIND) will not start, because /etc/named.conf is a broken symlink.


Expected Results:  Config files (especially /etc/named.conf) should either be left alone when 
caching-nameserver is upgraded, or regular files should be replaced with 
the corresponding regular files from the caching-nameserver rpm.
Regular files should certainly *not* be replaced with broken symlinks.

Additional info:

postinstall scriptlet (using /bin/sh):
...
if test -r /etc/sysconfig/named ; then
        . /etc/sysconfig/named
        if [ ! -z $ROOTDIR ]; then
           for f in /etc/named.conf /var/named/{named.ca,named.local,named.ip6.
local,named.broadcast,named.zero,localhost.zone,localdomain.zone};
           do
              if [ ! -L $f ]; then
                 if [ -f $ROOTDIR$f ]; then
                    mv $ROOTDIR$f $ROOTDIR$f.rpmsave;
                 fi;
                 /bin/mv $f $ROOTDIR$f
                 ln -s $ROOTDIR$f $f;
              fi;
           done;
        fi;
fi;

One easy way to fix the problem I've had would be :
* change the [ ! -z $ROOTDIR ] to [ ! -z "$ROOTDIR" -a "$ROOTDIR" != "/" ]

(Although you could still have the same problem if someone set ROOTDIR
to say "/." or "//" or "/usr/..".  If thats a concern you could check
[ -f $f ] before and after doing the $ROOTDIR$f.rpmsave mv, and only 
proceed with the /bin/mv and ln -s if both tests succeeded.  Or put a 
"&&" between the /bin/mv and the ln -s so the symlink is only tried if 
the /bin/mv succeeded.)
Comment 1 David Keegel 2006-01-08 18:15:27 EST
Here is example output from  ls -l /etc/named.conf* /var/named/named.ca* :-

lrwxrwxrwx  1 root  root    16 Dec 21 04:19 /etc/named.conf -> //etc/named.conf
-rw-r--r--  1 named named 2108 Nov  9 11:22 /etc/named.conf.rpmsave
lrwxrwxrwx  1 root  root    20 Dec 21 04:19 /var/named/named.ca ->
//var/named/named.ca
-rw-r--r--  1 named named 2518 Dec 20 08:39 /var/named/named.ca.rpmsave
Comment 2 Chaim Frenkel 2006-01-08 19:27:19 EST
This may be a seperate issue, but this seems to be related to my problem.

In my setup, I added a master zone and entries. However, the update to
caching-nameserver-7.3-4.FC4.noarch.rpm worked on the links rather than the
underlying files in /var/named/chroot/etc and protecting my changes.

Comment 3 Jason Vas Dias 2006-01-09 11:32:09 EST
Yes, I guess this yet another problem with the way the current
caching-nameserver package works, which all stems from it being a package
consisting only of server configuration files, so it must modify named
configuration files in order to be updated / installed .

I'll consider reworking the code as you suggest, but I think the best longterm
solution is to replace caching-nameserver with a bind-config bind- subpackage
to provide 'Default Configuration Files and Configuration Profile Management'
facilities for BIND, so that updating the bind-config package would only
update the configuration files for the 'caching-nameserver' "profile" .
Comment 4 David Keegel 2006-01-09 16:11:28 EST
Regarding Comment #2 from chaimf.
The issue you raise is separate.
My bug is very specific:
* as a pre-requisite, you must have ROOTDIR=/ in /etc/sysconfig/named
* after the bug happens, /etc/named.conf will be a symlink to <B>itself</B> 
(//etc/named.conf).

If you have ROOTDIR=/var/named/chroot, then this bug has nothing to do 
with you.

You might want to look at <A href="https://bugzilla.redhat.
com/bugzilla/show_bug.cgi?id=174925">Bug #174925</A> instead.
(Or one of the other bugs filed against caching-nameserver.)
Comment 5 Jason Vas Dias 2006-03-07 11:30:14 EST
This bug is now fixed with bind-9.3.2-6 in Rawhide/FC-5 (we cannot submit changes
for FC-3 packages anymore - FC-3 is obsolete). 
bind-9.3.2-6 now replaces caching-nameserver with the bind-config subpackage, 
which will not create any links if the files are identical (ROOTDIR=/ or '').
Comment 6 Fedora Update System 2006-03-21 12:55:02 EST
bind-9.3.2-10.FC5 has been pushed for FC5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.