Package: sks Version: 1.1.0-4 Severity: normal We’re running a private keyserver (publicly accessible, but not synchronised with the keyserver network, and forbidden for search engines to index via robots.txt, for eMail address privacy) with the stock Lenny sks package and see occasional database corruption.
Symptoms: • sks doesn’t start any more • sks must be killed with -9 • the daily cronjob hangs After a bit of tricking around, I finally managed to patch the cronjob do work around some of the issues, mostly by calling db4.6_recover and SIGKILLing sks if the init script fails to get it down. This is the diff: --- /etc/cron.daily/sks 2008-07-22 00:00:00.000000000 +0200 +++ /etc/cron.daily/sks 2010-10-13 09:18:30.000000000 +0200 @@ -22,16 +22,24 @@ clean_directory() { dir=$1 if [ -d "$dir" ] then + db4.6_recover -h $dir db4.6_archive -h $dir -d fi return 0 } +(/etc/init.d/sks stop || :) +for pidfile in /var/run/sks/sksdb.pid /var/run/sks/sksrecon.pid; do + [[ -s $pidfile ]] || continue + kill -9 $(<$pidfile) +done + # The DB directory holds indexes and keys. clean_directory /var/lib/sks/DB # PTree is for the hashes used with the reconciliation algorithm. (I think) clean_directory /var/lib/sks/PTree +/etc/init.d/sks start exit 0 As further difference from the package, the init script was patched with this, for the sake of completeness, but I under- stand this has been fixed in later versions: --- /etc/init.d/sks~ 2008-06-03 00:00:00.000000000 +0200 +++ /etc/init.d/sks 2009-12-22 12:24:41.000000000 +0100 @@ -68,6 +68,9 @@ case "$1" in exit 0 fi + mkdir -p /var/run/sks + chown debian-sks:debian-sks /var/run/sks + echo -n " sksdb.." start-stop-daemon --start --quiet --oknodo \ The configuration only sets hostname, hkp_port and dontgossip. There’s still one more occasional problem: the PTree was damaged beyond what db4.6_{recover,checkpoint} could do, but removing it “fixed” the problem. (Luckily the keyring is backed up by exporting.) Finally, a minor annoyance, the log is spammed several times per minute with this message: 2010-10-14 09:27:06 <mail transmit keys> error in callback.: Failure("No partners specified") Is running a stand-alone keyserver not supported? This is more a question whether you know of these problems or have advice, and to document my attempts to work around it, as a “real” bugreport, because I have no idea how to actually reproduce the problems (they do appear on our key- server relatively often – for DB – and very rarely – for PTree – though). Any input welcome. -- System Information: Debian Release: 5.0.6 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-xen-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/mksh Versions of packages sks depends on: ii adduser 3.110 add and remove users and groups ii db4.6-util 4.6.21-11 Berkeley v4.6 Database Utilities ii libc6 2.7-18lenny4 GNU C Library: Shared libraries ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [ ii logrotate 3.7.1-5 Log rotation utility ii postfix [mail-transpor 2.5.5-1.1 High-performance mail transport ag ii procmail 3.22-16 Versatile e-mail processor ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime sks recommends no packages. sks suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org