Univention Bugzilla – Bug 33157
90univention-bind-post.inst hangs while joining via UMC
Last modified: 2013-11-27 16:04:28 CET
While joining with the UMC domain join module the 90univention-bind-post.inst joinscript hangs (→ at "sleep 1" while restarting bind / querying the master). The bind daemon doesn't start because of wrong config permissions: -rw------- 1 root bind 115 6. Nov 15:46 /etc/bind/univention.conf This is probably because the UMC-Moduleserver process runs with restrictive umask (0077).
*** Bug 33282 has been marked as a duplicate of this bug. ***
(In reply to Dirk Wiesenthal from comment #1) > *** Bug 33282 has been marked as a duplicate of this bug. *** It changes the priority since a login was not possible.
fixed The permissions are now set in the bind listener module. Code: r45970 Changelog: r45976
(In reply to Stefan Gohmann from comment #3) > Code: r45970 + r45976 > Changelog: r45976 + r45978
Traceback (most recent call last): File "/usr/lib/univention-directory-listener/system/bind.py", line 85, in handler _new_zone(listener.configRegistry, new['zoneName'][0], dn) File "/usr/lib/univention-directory-listener/system/bind.py", line 146, in _new_zone os.chmod(proxy_zone, 0640) TypeError: coercing to Unicode: need string or buffer, file found
I fixed it in svn46021 univention-bind (8.0.3-1) * Bug #33157: fix typo when setting permissions for the proxy config
There are still configuration files with wrong permissions: Nov 14 11:58:30 slave named[615]: loading configuration from '/etc/bind/named.conf' Nov 14 11:58:30 slave named[615]: /etc/bind/univention.conf:1: open: /etc/bind/univention.conf.d/27.200.10.in-addr.arpa: permission denied Nov 14 11:58:30 slave named[615]: loading configuration: permission denied Nov 14 11:58:30 slave named[615]: exiting (due to fatal error)
The permissions for the directory are wrong: root@slave:~# ls -la /etc/bind/univention.conf.d/ insgesamt 24 drwx--S--- 2 root bind 4096 14. Nov 11:40 .
Fixed with r46030
Fails due to /etc/bind/univention.conf.d/* owned 640 by root.nogroup ============================================================================ root@backup16:~# dpkg-query -W -f='${Package} ${Version}\n' univention-bind univention-bind 8.0.4-1.198.201311141212 root@backup16:~# /usr/sbin/named -c /etc/bind/named.conf -p 7777 -u bind -f -d 10 -g 14-Nov-2013 12:04:57.229 starting BIND 9.8.0-P4 -c /etc/bind/named.conf -p 7777 -u bind -f -d 10 -g 14-Nov-2013 12:04:57.229 built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-dlz-dlopen' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=' 'CPPFLAGS=' 14-Nov-2013 12:04:57.229 adjusted limit on open files from 1024 to 1048576 14-Nov-2013 12:04:57.229 found 1 CPU, using 1 worker thread 14-Nov-2013 12:04:57.230 using up to 4096 sockets 14-Nov-2013 12:04:57.230 Registering DLZ_stub driver. 14-Nov-2013 12:04:57.230 Registering SDLZ driver 'dlz_stub' 14-Nov-2013 12:04:57.231 Registering DLZ driver 'dlz_stub' 14-Nov-2013 12:04:57.231 Registering DLZ filesystem driver. 14-Nov-2013 12:04:57.232 Registering SDLZ driver 'filesystem' 14-Nov-2013 12:04:57.232 Registering DLZ driver 'filesystem' 14-Nov-2013 12:04:57.233 Registering DLZ bdb driver. 14-Nov-2013 12:04:57.233 Registering SDLZ driver 'bdb' 14-Nov-2013 12:04:57.234 Registering DLZ driver 'bdb' 14-Nov-2013 12:04:57.234 Registering DLZ bdbhpt driver. 14-Nov-2013 12:04:57.235 Registering SDLZ driver 'bdbhpt' 14-Nov-2013 12:04:57.235 Registering DLZ driver 'bdbhpt' 14-Nov-2013 12:04:57.235 Registering DLZ ldap driver. 14-Nov-2013 12:04:57.236 Registering SDLZ driver 'ldap' 14-Nov-2013 12:04:57.236 Registering DLZ driver 'ldap' 14-Nov-2013 12:04:57.237 Registering DLZ_dlopen driver 14-Nov-2013 12:04:57.237 Registering SDLZ driver 'dlopen' 14-Nov-2013 12:04:57.237 Registering DLZ driver 'dlopen' 14-Nov-2013 12:04:57.240 decrement_reference: delete from rbt: 0x7f8b047ab068 . 14-Nov-2013 12:04:57.244 loading configuration from '/etc/bind/named.conf' 14-Nov-2013 12:04:57.244 /etc/bind/univention.conf:1: open: /etc/bind/univention.conf.d/8.200.10.in-addr.arpa: permission denied 14-Nov-2013 12:04:57.245 load_configuration: permission denied 14-Nov-2013 12:04:57.245 loading configuration: permission denied 14-Nov-2013 12:04:57.245 exiting (due to fatal error) root@backup16:~# ls -l /etc/bind/univention.conf.d insgesamt 16 -rw-r----- 1 root nogroup 267 14. Nov 11:53 8.200.10.in-addr.arpa -rw-r----- 1 root nogroup 118 14. Nov 11:53 8.200.10.in-addr.arpa.proxy -rw-r----- 1 root nogroup 243 14. Nov 11:53 ar32i9.qa -rw-r----- 1 root nogroup 94 14. Nov 11:53 ar32i9.qa.proxy root@backup16:~# ls -l /etc/bind insgesamt 96 -rw-rw-r-- 1 root root 2389 29. Jul 09:34 bind.keys -rw-rw-r-- 1 root root 237 29. Jul 09:34 db.0 -rw-rw-r-- 1 root root 271 29. Jul 09:34 db.127 -rw-rw-r-- 1 root root 237 29. Jul 09:34 db.255 -rw-rw-r-- 1 root root 353 29. Jul 09:34 db.empty -rw-rw-r-- 1 root root 270 29. Jul 09:34 db.local -rw-rw-r-- 1 root root 3049 29. Jul 09:34 db.root -rw-rw-r-- 1 root root 16 21. Mai 2007 db.root.fake -rw-rw-r-- 1 root bind 23 14. Nov 11:16 local.conf -rw-rw-r-- 1 root bind 23 14. Nov 11:16 local.conf.proxy -rw-rw-r-- 1 root bind 23 14. Nov 11:16 local.conf.samba4 -rw-rw-r-- 1 root bind 74 14. Nov 11:16 local-predlz.conf.samba4 -rw-rw-r-- 1 root bind 876 14. Nov 11:45 named.conf -rw-rw-r-- 1 root bind 463 29. Jul 09:34 named.conf.debian -rw-rw-r-- 1 root bind 490 29. Jul 09:34 named.conf.default-zones -rw-rw-r-- 1 root bind 165 29. Jul 09:34 named.conf.local -rw-rw-r-- 1 root bind 572 29. Jul 09:34 named.conf.options -rw-r--r-- 1 root bind 1394 14. Nov 11:56 named.conf.proxy -rw-r--r-- 1 root bind 1799 14. Nov 11:56 named.conf.samba4 -rw-rw---- 1 bind bind 77 14. Nov 11:15 rndc.key -rw-r--r-- 1 root bind 110 14. Nov 11:57 univention.conf drwxr-xr-x 2 root bind 4096 14. Nov 11:53 univention.conf.d -rw-r--r-- 1 root bind 122 14. Nov 11:57 univention.conf.proxy -rw-rw-r-- 1 root root 1317 29. Jul 09:34 zones.rfc1918 ============================================================================
Fixed with r46035
Ok, works.
UCS 3.2 has been released: http://docs.univention.de/release-notes-3.2-en.html http://docs.univention.de/release-notes-3.2-de.html If this error occurs again, please use "Clone This Bug".