Hi,
Named is crashing here on start, but not if I disable the dyndb part of named.conf. So I assume it's not getting data out of ldap correctly (or correct data), and this from slapd logs might suggest so:
[05/May/2018:09:42:02.566222364 +0300] conn=23 op=3 SRCH base="cn=dns,dc=foo,dc=bar" scope=2 filter="(|(objectClass=idnsConfigObject)(&(objectClass=idnsServerConfigObject)(idnsServerId=host.foo.bar)))" attrs=ALL [05/May/2018:09:42:02.568886490 +0300] conn=23 op=3 RESULT err=0 tag=101 nentries=2 etime=0.0002800470 [05/May/2018:09:42:02.715423436 +0300] conn=24 op=-1 fd=96 closed - B1 [05/May/2018:09:42:02.716084255 +0300] conn=23 op=-1 fd=95 closed error 104 (Connection reset by peer) - TCP connection reset by peer.
looking at the install logs everything seemed to go fine until it started named, and ldapsearch doesn't provide any hints either..
ubuntu 18.04 ipa 4.6.90.pre1+1b320ac3e7ab763 bind9 9.11.3 bind9-dyndb-ldap 11.1
On la, 05 touko 2018, Timo Aaltonen via FreeIPA-users wrote:
Hi,
Named is crashing here on start, but not if I disable the dyndb part of named.conf. So I assume it's not getting data out of ldap correctly (or correct data), and this from slapd logs might suggest so:
[05/May/2018:09:42:02.566222364 +0300] conn=23 op=3 SRCH base="cn=dns,dc=foo,dc=bar" scope=2 filter="(|(objectClass=idnsConfigObject)(&(objectClass=idnsServerConfigObject)(idnsServerId=host.foo.bar)))" attrs=ALL [05/May/2018:09:42:02.568886490 +0300] conn=23 op=3 RESULT err=0 tag=101 nentries=2 etime=0.0002800470 [05/May/2018:09:42:02.715423436 +0300] conn=24 op=-1 fd=96 closed - B1 [05/May/2018:09:42:02.716084255 +0300] conn=23 op=-1 fd=95 closed error 104 (Connection reset by peer) - TCP connection reset by peer.
looking at the install logs everything seemed to go fine until it started named, and ldapsearch doesn't provide any hints either..
Any stacktrace?
The LDAP search result with 2 entries suggests it might be a replication conflict. At least the search is expecting to get a single entry back, it seems.
On 05.05.2018 10:53, Alexander Bokovoy wrote:
On la, 05 touko 2018, Timo Aaltonen via FreeIPA-users wrote:
Hi,
Named is crashing here on start, but not if I disable the dyndb part of named.conf. So I assume it's not getting data out of ldap correctly (or correct data), and this from slapd logs might suggest so:
[05/May/2018:09:42:02.566222364 +0300] conn=23 op=3 SRCH base="cn=dns,dc=foo,dc=bar" scope=2 filter="(|(objectClass=idnsConfigObject)(&(objectClass=idnsServerConfigObject)(idnsServerId=host.foo.bar)))" attrs=ALL [05/May/2018:09:42:02.568886490 +0300] conn=23 op=3 RESULT err=0 tag=101 nentries=2 etime=0.0002800470 [05/May/2018:09:42:02.715423436 +0300] conn=24 op=-1 fd=96 closed - B1 [05/May/2018:09:42:02.716084255 +0300] conn=23 op=-1 fd=95 closed error 104 (Connection reset by peer) - TCP connection reset by peer.
looking at the install logs everything seemed to go fine until it started named, and ldapsearch doesn't provide any hints either..
Any stacktrace?
Sure:
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007fe56ee3e801 in __GI_abort () at abort.c:79 #2 0x000055e3cba8ee57 in assertion_failed (file=<optimized out>, line=<optimized out>, type=<optimized out>, cond=<optimized out>) at ../../../bin/named-pkcs11/main.c:229 #3 0x00007fe57024a7fa in isc_assertion_failed (file=file@entry=0x7fe570cea548 "../../../lib/dns-pkcs11/view.c", line=line@entry=962, type=type@entry=isc_assertiontype_require, cond=cond@entry=0x7fe570cea728 "view->zonetable != ((void *)0)") at ../../../lib/isc-pkcs11/assertions.c:49 #4 0x00007fe570c5c2aa in dns_view_addzone (view=view@entry=0x7fe56035a780, zone=<optimized out>) at ../../../lib/dns-pkcs11/view.c:962 #5 0x000055e3cbaaca77 in configure_zone (config=config@entry=0x7fe571340bc8, zconfig=0x7fe57133d970, vconfig=vconfig@entry=0x7fe57133d010, mctx=mctx@entry=0x55e3cd9c6380, view=view@entry=0x7fe56035a780, viewlist=viewlist@entry=0x7fe56900f980, aclconf=0x7fe57131a0b0, added=isc_boolean_false, old_rpz_ok=isc_boolean_false, modify=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:5661 #6 0x000055e3cba707d1 in configure_view (view=0x7fe56035a780, viewlist=viewlist@entry=0x7fe56900f980, config=0x7fe571340bc8, vconfig=vconfig@entry=0x7fe57133d010, cachelist=cachelist@entry=0x7fe56900f9a0, bindkeys=0x7fe571344970, mctx=0x55e3cd9c6380, actx=0x7fe57131a0b0, need_hints=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:3416 #7 0x000055e3cbab9309 in load_configuration (filename=<optimized out>, server=server@entry=0x7fe571318010, first_time=first_time@entry=isc_boolean_true) at ../../../bin/named-pkcs11/server.c:8003 #8 0x000055e3cbabaf33 in run_server (task=<optimized out>, event=<optimized out>) at ../../../bin/named-pkcs11/server.c:8672 #9 0x00007fe570271b59 in dispatch (manager=0x7fe57130f010) at ../../../lib/isc-pkcs11/task.c:1140 #10 run (uap=0x7fe57130f010) at ../../../lib/isc-pkcs11/task.c:1312 #11 0x00007fe56f7eb6db in start_thread (arg=0x7fe569010700) at pthread_create.c:463 #12 0x00007fe56ef1f88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
The LDAP search result with 2 entries suggests it might be a replication conflict. At least the search is expecting to get a single entry back, it seems.
this is a single server, no replicas
On Sat, 05 May 2018, Timo Aaltonen wrote:
On 05.05.2018 10:53, Alexander Bokovoy wrote:
On la, 05 touko 2018, Timo Aaltonen via FreeIPA-users wrote:
Hi,
Named is crashing here on start, but not if I disable the dyndb part of named.conf. So I assume it's not getting data out of ldap correctly (or correct data), and this from slapd logs might suggest so:
[05/May/2018:09:42:02.566222364 +0300] conn=23 op=3 SRCH base="cn=dns,dc=foo,dc=bar" scope=2 filter="(|(objectClass=idnsConfigObject)(&(objectClass=idnsServerConfigObject)(idnsServerId=host.foo.bar)))" attrs=ALL [05/May/2018:09:42:02.568886490 +0300] conn=23 op=3 RESULT err=0 tag=101 nentries=2 etime=0.0002800470 [05/May/2018:09:42:02.715423436 +0300] conn=24 op=-1 fd=96 closed - B1 [05/May/2018:09:42:02.716084255 +0300] conn=23 op=-1 fd=95 closed error 104 (Connection reset by peer) - TCP connection reset by peer.
looking at the install logs everything seemed to go fine until it started named, and ldapsearch doesn't provide any hints either..
Any stacktrace?
Sure:
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007fe56ee3e801 in __GI_abort () at abort.c:79 #2 0x000055e3cba8ee57 in assertion_failed (file=<optimized out>, line=<optimized out>, type=<optimized out>, cond=<optimized out>) at ../../../bin/named-pkcs11/main.c:229 #3 0x00007fe57024a7fa in isc_assertion_failed (file=file@entry=0x7fe570cea548 "../../../lib/dns-pkcs11/view.c", line=line@entry=962, type=type@entry=isc_assertiontype_require, cond=cond@entry=0x7fe570cea728 "view->zonetable != ((void *)0)") at ../../../lib/isc-pkcs11/assertions.c:49 #4 0x00007fe570c5c2aa in dns_view_addzone (view=view@entry=0x7fe56035a780, zone=<optimized out>) at ../../../lib/dns-pkcs11/view.c:962 #5 0x000055e3cbaaca77 in configure_zone (config=config@entry=0x7fe571340bc8, zconfig=0x7fe57133d970, vconfig=vconfig@entry=0x7fe57133d010, mctx=mctx@entry=0x55e3cd9c6380, view=view@entry=0x7fe56035a780, viewlist=viewlist@entry=0x7fe56900f980, aclconf=0x7fe57131a0b0, added=isc_boolean_false, old_rpz_ok=isc_boolean_false, modify=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:5661 #6 0x000055e3cba707d1 in configure_view (view=0x7fe56035a780, viewlist=viewlist@entry=0x7fe56900f980, config=0x7fe571340bc8, vconfig=vconfig@entry=0x7fe57133d010, cachelist=cachelist@entry=0x7fe56900f9a0, bindkeys=0x7fe571344970, mctx=0x55e3cd9c6380, actx=0x7fe57131a0b0, need_hints=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:3416 #7 0x000055e3cbab9309 in load_configuration (filename=<optimized out>, server=server@entry=0x7fe571318010, first_time=first_time@entry=isc_boolean_true) at ../../../bin/named-pkcs11/server.c:8003 #8 0x000055e3cbabaf33 in run_server (task=<optimized out>, event=<optimized out>) at ../../../bin/named-pkcs11/server.c:8672 #9 0x00007fe570271b59 in dispatch (manager=0x7fe57130f010) at ../../../lib/isc-pkcs11/task.c:1140 #10 run (uap=0x7fe57130f010) at ../../../lib/isc-pkcs11/task.c:1312 #11 0x00007fe56f7eb6db in start_thread (arg=0x7fe569010700) at pthread_create.c:463 #12 0x00007fe56ef1f88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
The LDAP search result with 2 entries suggests it might be a replication conflict. At least the search is expecting to get a single entry back, it seems.
this is a single server, no replicas
Looking at the trace, it is failing in the named code itself. We don't see any traces of bind-dyndb-ldap here but sinze it is assert(view->zonetable != NULL), it is most likely a result of the bind-dyndb-ldap returning an empty zone somehow.
Not sure what could be done other than debugging it with gdb...
On 05.05.2018 11:18, Alexander Bokovoy wrote:
On Sat, 05 May 2018, Timo Aaltonen wrote:
On 05.05.2018 10:53, Alexander Bokovoy wrote:
On la, 05 touko 2018, Timo Aaltonen via FreeIPA-users wrote:
Hi,
Named is crashing here on start, but not if I disable the dyndb part of named.conf. So I assume it's not getting data out of ldap correctly (or correct data), and this from slapd logs might suggest so:
[05/May/2018:09:42:02.566222364 +0300] conn=23 op=3 SRCH base="cn=dns,dc=foo,dc=bar" scope=2 filter="(|(objectClass=idnsConfigObject)(&(objectClass=idnsServerConfigObject)(idnsServerId=host.foo.bar)))"
attrs=ALL [05/May/2018:09:42:02.568886490 +0300] conn=23 op=3 RESULT err=0 tag=101 nentries=2 etime=0.0002800470 [05/May/2018:09:42:02.715423436 +0300] conn=24 op=-1 fd=96 closed - B1 [05/May/2018:09:42:02.716084255 +0300] conn=23 op=-1 fd=95 closed error 104 (Connection reset by peer) - TCP connection reset by peer.
looking at the install logs everything seemed to go fine until it started named, and ldapsearch doesn't provide any hints either..
Any stacktrace?
Sure:
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007fe56ee3e801 in __GI_abort () at abort.c:79 #2 0x000055e3cba8ee57 in assertion_failed (file=<optimized out>, line=<optimized out>, type=<optimized out>, cond=<optimized out>) at ../../../bin/named-pkcs11/main.c:229 #3 0x00007fe57024a7fa in isc_assertion_failed (file=file@entry=0x7fe570cea548 "../../../lib/dns-pkcs11/view.c", line=line@entry=962, type=type@entry=isc_assertiontype_require, cond=cond@entry=0x7fe570cea728 "view->zonetable != ((void *)0)") at ../../../lib/isc-pkcs11/assertions.c:49 #4 0x00007fe570c5c2aa in dns_view_addzone (view=view@entry=0x7fe56035a780, zone=<optimized out>) at ../../../lib/dns-pkcs11/view.c:962 #5 0x000055e3cbaaca77 in configure_zone (config=config@entry=0x7fe571340bc8, zconfig=0x7fe57133d970, vconfig=vconfig@entry=0x7fe57133d010, mctx=mctx@entry=0x55e3cd9c6380, view=view@entry=0x7fe56035a780, viewlist=viewlist@entry=0x7fe56900f980, aclconf=0x7fe57131a0b0, added=isc_boolean_false, old_rpz_ok=isc_boolean_false, modify=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:5661 #6 0x000055e3cba707d1 in configure_view (view=0x7fe56035a780, viewlist=viewlist@entry=0x7fe56900f980, config=0x7fe571340bc8, vconfig=vconfig@entry=0x7fe57133d010, cachelist=cachelist@entry=0x7fe56900f9a0, bindkeys=0x7fe571344970, mctx=0x55e3cd9c6380, actx=0x7fe57131a0b0, need_hints=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:3416 #7 0x000055e3cbab9309 in load_configuration (filename=<optimized out>, server=server@entry=0x7fe571318010, first_time=first_time@entry=isc_boolean_true) at ../../../bin/named-pkcs11/server.c:8003 #8 0x000055e3cbabaf33 in run_server (task=<optimized out>, event=<optimized out>) at ../../../bin/named-pkcs11/server.c:8672 #9 0x00007fe570271b59 in dispatch (manager=0x7fe57130f010) at ../../../lib/isc-pkcs11/task.c:1140 #10 run (uap=0x7fe57130f010) at ../../../lib/isc-pkcs11/task.c:1312 #11 0x00007fe56f7eb6db in start_thread (arg=0x7fe569010700) at pthread_create.c:463 #12 0x00007fe56ef1f88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
The LDAP search result with 2 entries suggests it might be a replication conflict. At least the search is expecting to get a single entry back, it seems.
this is a single server, no replicas
Looking at the trace, it is failing in the named code itself. We don't see any traces of bind-dyndb-ldap here but sinze it is assert(view->zonetable != NULL), it is most likely a result of the bind-dyndb-ldap returning an empty zone somehow.
Not sure what could be done other than debugging it with gdb...
Finally got all symbols working, had to reinstall bind9..
#1 0x00005555555afa77 in configure_zone (config=config@entry=0x7ffff7fcfbc8, zconfig=0x7ffff7fcc970, vconfig=vconfig@entry=0x7ffff7fcc010, mctx=mctx@entry=0x55555582d380, view=view@entry=0x7fffe835a5c0, viewlist=viewlist@entry=0x7fffefca4980, aclconf=0x7ffff7fa90b0, added=isc_boolean_false, old_rpz_ok=isc_boolean_false, modify=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:5661 pview = 0x0 zone = 0x7fffe835ceb0 raw = 0x0 dupzone = 0x0 options = 0x7ffff7fcfc90 zoptions = 0x7ffff7fccbc8 typeobj = 0x7ffff7fccc90 forwarders = 0x0 forwardtype = 0x0 only = 0x0 signing = 0x0 viewobj = 0x0 result = 0 tresult = <optimized out> buffer = {magic = 1114990113, base = 0x7ffff7fc2160, length = 12, used = 12, current = 12, active = 0, link = {prev = 0xffffffffffffffff, next = 0xffffffffffffffff}, mctx = 0x0, autore = isc_boolean_false} fixorigin = {name = {magic = 1145983854, ndata = 0x7fffefca2e50 "\aversion\004bind", length = 14, labels = 3, attributes = 1, offsets = 0x7fffefca2d90 "", buffer = 0x7fffefca2e10, link = { prev = 0xffffffffffffffff, next = 0xffffffffffffffff}, list = {head = 0x0, tail = 0x0}}, offsets = "\000\b\r\377\377\377\377\377\256\000\000\000\000\000\000\000\200\000\000\350\377\177\000\000 \000\000\350\377\177\000\000\000\000\000\000\000\000\000\000\360\177\262\365\377\177\000\000\000\000\000\000\000\000\000\000\370\n\000\000\000\000\000\000\000\000\000\000\", '\000' <repeats 20 times>, "\302\361].\377\215\363h\3 16I\355\377\177\000\000\260\a\363\366\377\177\000\000\000\001\000\000\000\000\000\000\017g\362\366\377\177\000", buffer = {magic = 1114990113, base = 0x7fffefca2e50, length = 255, used = 14, current = 0, active = 0, link = {prev = 0xffffffffffffffff, next = 0xffffffffffffffff}, mctx = 0x0, autore = isc_boolean_false}, data = "\aversion\004bind\000\000\000X\005\230\367\377\177\000\000\000\302\361].\377\215\363\300\232\065\350\377\177\000\000\263\305_UUU\000\000\320;\312\357\377\177\000\000\317I\360\366\377\177\000\000\377\377\377\377\377\377\377\377\000\302\361].\377\215\363p\257\r\350\377\177\000\000\310\373\374\367\377\177\000\000(\250\065\350\377\177\000\000\000\000\000\000\000\000\000\000\300d\373\367\377\177\000\000\003\000\000\000\000\000\000\000\020\300\374\367\377\177\000\000o56\367\377\177\000\000\000\000\000\000\000\000\000\000(\250\065\350\377\177\000\000\310\373\374\367\377\177\000\000\247\376VUUU\000\000(\250\065\350\377\177\000\000`\376VUUU\000\000\222\027_UUU\000\000"...} origin = 0x7fffefca2d40 zname = <optimized out> zclass = 3 ztypestr = 0x7ffff7fbf100 "master" rpz_num = 32 ' ' zone_is_catz = isc_boolean_false #2 0x00005555555737d1 in configure_view (view=0x7fffe835a5c0, viewlist=viewlist@entry=0x7fffefca4980, config=0x7ffff7fcfbc8, vconfig=vconfig@entry=0x7ffff7fcc010, cachelist=cachelist@entry=0x7fffefca49a0, bindkeys=0x7ffff7fd3970, mctx=0x55555582d380, actx=0x7ffff7fa90b0, need_hints=isc_boolean_false) at ../../../bin/named-pkcs11/server.c:3416 zconfig = <optimized out> maps = {0x7ffff7fcc268, 0x7ffff7fcfc90, 0x7ffff7fb6588, 0x0} cfgmaps = {0x7ffff7fcc268, 0x7ffff7fcfbc8, 0x0} optionmaps = {0x7ffff7fcc268, 0x7ffff7fcfc90, 0x0} options = 0x7ffff7fcfc90 voptions = <optimized out> forwardtype = 0x0 forwarders = 0x0 alternates = 0x0 zonelist = 0x7ffff7fcc8a8 dlzlist = 0x0 dlz = <optimized out> dlvobj = 0x0 dlzargc = 34286931 dlzargv = 0x0 dyndb_list = 0x7ffff7fd3330 disabled = 0x0 obj = 0x0 obj2 = <optimized out> element = 0x7ffff7f9b340 port = 53 cache = 0x0 result = <optimized out> cleaning_interval = <optimized out> max_cache_size = <optimized out> max_cache_size_percent = 0 max_acache_size = <optimized out> max_adb_size = <optimized out> lame_ttl = <optimized out> fail_ttl = <optimized out> ring = 0x0 pview = 0x0 cmctx = 0x0 hmctx = 0x0 dispatch4 = 0x0 dispatch6 = 0x0 reused_cache = isc_boolean_false shared_cache = isc_boolean_false i = <optimized out> j = <optimized out> k = <optimized out> str = <optimized out> cachename = 0x0 order = 0x0 udpsize = <optimized out> maxbits = <optimized out> resopts = 0 zone = 0x0 max_clients_per_query = <optimized out> empty_zones_enable = <optimized out> disablelist = 0x0 resstats = 0x0 resquerystats = 0x0 auto_root = isc_boolean_false nsc = <optimized out> zero_no_soattl = <optimized out> clients = 0x0 mapped = 0x0 excluded = 0x0 query_timeout = <optimized out> ndisp = <optimized out> old_rpz_ok = isc_boolean_false dscp4 = -1 dscp6 = -1 dctx = 0x0 #3 0x00005555555bc309 in load_configuration (filename=<optimized out>, server=server@entry=0x7ffff7fa7010, first_time=first_time@entry=isc_boolean_true) at ../../../bin/named-pkcs11/server.c:8003 vconfig = 0x7ffff7fcc010 config = 0x7ffff7fcfbc8 bindkeys = 0x7ffff7fd3970 conf_parser = 0x7ffff7fbc100 bindkeys_parser = 0x7ffff7fbc178 element = 0x7ffff7f9b310 builtin_views = 0x7ffff7fcbee8 maps = {0x7ffff7fcfc90, 0x7ffff7fb6588, 0x0} obj = 0x7ffff7fd07e0 options = 0x7ffff7fcfc90 usev4ports = 0x0 avoidv4ports = 0x0 usev6ports = 0x0 avoidv6ports = 0x0 views = 0x0 view = 0x7fffe835a5c0 view_next = <optimized out> tmpviewlist = <optimized out> viewlist = {head = 0x7fffe80daf70, tail = 0x7fffe80daf70} builtin_viewlist = {head = 0x7fffe835a5c0, tail = 0x7fffe835a5c0} listen_port = 53 udpport_low = 32768 udpport_high = 60999 i = <optimized out> num_zones = <optimized out> exclusive = isc_boolean_true interval = {seconds = 86400, nanoseconds = 0} logc = 0x0 v4portset = 0x7fffe8054090 v6portset = 0x7fffe80560a0 nfiles = 1048576 result = <optimized out> tresult = <optimized out> heartbeat_interval = <optimized out> interface_interval = <optimized out> reserved = <optimized out> udpsize = <optimized out> transfer_message_size = <optimized out> nsc = <optimized out> cachelist = {head = 0x7ffff7fa6520, tail = 0x7ffff7fa6520} tmpcachelist = <optimized out> maxsocks = 4096 softquota = <optimized out>
freeipa-users@lists.fedorahosted.org