Package: pdns-backend-pgsql
Version: 2.9.20-3
Severity: wishlist
I noticed that the gpgsql backend does not work if you simply enable the
chroot configuration option and expect to use an SSL connection to the
PostgreSQL server. The backend is dynamically linked against libssl:
$ ldd /usr/lib/powerdns/libgpgsqlbackend.so | grep libssl
libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x00002ab94b59f000)
Since the server is already chrooted when libssl is supposed to be
linked in, it will fail, causing messages like this in
/var/log/daemon.log:
Aug 8 12:38:45 myhost pdns[14523]: gpgsql Connection failed: Unable to connect
to database, connect string: dbname=mydb user=myuser host=10.0.0.10 port=5432
password=xxx: SSL SYSCALL error: No such file or directory
Some ways to fix this would be to copy (or hardlink) the required
libraries into the chroot, to alter PowerDNS to allow loading libssl
before chrooting, and to document how to make it work.
For now, a note in README.Debian, saying that the chroot option won't
work with SSL connections would be nice.
Thanks!
--
Fabian Fagerholm <[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
