Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Hi,
I reopen this because I have seen another side effect.
The LXC containers fail to start automatically during boot.
I attach a patch to fix this.
I haven't tested with "systemd" as "init", but I think it's not a
problem ("systemd" doesn't use /etc/init.d/lxc script, right ?).
Best regards,
--- /etc/init.d/lxc.orig 2017-01-11 11:47:00.0 +0100
+++ /etc/init.d/lxc 2017-01-11 11:48:00.0 +0100
@@ -7,8 +7,8 @@
#
### BEGIN INIT INFO
# Provides: lxc
-# Required-Start: $syslog $remote_fs
-# Required-Stop: $syslog $remote_fs
+# Required-Start: $syslog $remote_fs cgroupfs-mount
+# Required-Stop: $syslog $remote_fs cgroupfs-mount
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
signature.asc
Description: OpenPGP digital signature
Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Package: lxc Version: 1:2.0.5-3 Severity: important Tags: newcomer Found: 1:2.0.5-1 Notfound: 1:2.0.4-1 Hi, After an upgrade from /1:2.0.4-1/, lxc containers fails to start on /SysV init/. It seems that it is following the removal of "cgmanager" support. A workaround is to install the "cgroupfs-mount" package or manually mount /cgroups/. Could you add some information to help ? Maybe update dependencies (recommended or suggested, like previously "cgmanager") on "systemd" or "cgroupfs-mount" for /cgroups/ settings. Note: On my system, "systemd" is installed (required by other services), but is not used as /init/. -- Before "cgroupfs-mount" installation: --- lxc-start logs: lxc-start: cgroups/cgfs.c: cgfs_init: 2288 cgroupfs failed to detect cgroup metadata lxc-start: start.c: lxc_spawn: 1094 failed initializing cgroup support lxc-start: start.c: __lxc_start: 1354 failed to spawn 'test-container' lxc-start: tools/lxc_start.c: main: 344 The container failed to start. --- lxc-checkconfig outputs: Kernel configuration not found at /proc/config.gz; searching... Kernel configuration found at /boot/config-4.7.0-1-amd64 --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled --- Control groups --- Cgroup: enabled Cgroup namespace: required Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: enabled Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled Bridges: enabled Advanced netfilter: enabled CONFIG_NF_NAT_IPV4: enabled CONFIG_NF_NAT_IPV6: enabled CONFIG_IP_NF_TARGET_MASQUERADE: enabled CONFIG_IP6_NF_TARGET_MASQUERADE: enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled FUSE (for use with lxcfs): enabled --- Checkpoint/Restore --- checkpoint restore: enabled CONFIG_FHANDLE: enabled CONFIG_EVENTFD: enabled CONFIG_EPOLL: enabled CONFIG_UNIX_DIAG: enabled CONFIG_INET_DIAG: enabled CONFIG_PACKET_DIAG: enabled CONFIG_NETLINK_DIAG: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig -- After "cgroupfs-mount" installation: --- lxc-checkconfig outputs: Kernel configuration not found at /proc/config.gz; searching... Kernel configuration found at /boot/config-4.7.0-1-amd64 --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled --- Control groups --- Cgroup: enabled Cgroup clone_children flag: enabled Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: enabled Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled Bridges: enabled Advanced netfilter: enabled CONFIG_NF_NAT_IPV4: enabled CONFIG_NF_NAT_IPV6: enabled CONFIG_IP_NF_TARGET_MASQUERADE: enabled CONFIG_IP6_NF_TARGET_MASQUERADE: enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled FUSE (for use with lxcfs): enabled --- Checkpoint/Restore --- checkpoint restore: enabled CONFIG_FHANDLE: enabled CONFIG_EVENTFD: enabled CONFIG_EPOLL: enabled CONFIG_UNIX_DIAG: enabled CONFIG_INET_DIAG: enabled CONFIG_PACKET_DIAG: enabled CONFIG_NETLINK_DIAG: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig --- Added mount entries: cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,relatime,cpuset,release_agent=/run/cgmanager/agents/cgm-release-agent.cpuset,clone_children) cgroup on /sys/fs/cgroup/cpu type cgroup (rw,relatime,cpu,release_agent=/run/cgmanager/agents/cgm-release-agent.cpu) cgroup on /sys/fs/cgroup/cpuacct type cgroup (rw,relatime,cpuacct,release_agent=/run/cgmanager/agents/cgm-release-agent.cpuacct) cgroup on /sys/fs/cgroup/blkio type cgroup (rw,relatime,blkio,release_agent=/run/cgmanager/agents/cgm-release-agent.blkio) cgroup on /sys/fs/cgroup/memory type cgroup (rw,relatime,memory,release_agent=/run/cgmanager/agents/cgm-release-agent.memory) cgroup on /sys/fs/cgroup/devices type cgroup (rw,relatime,devices,release_agent=/run/cgmanager/agents/cgm-release-agent.devices) cgroup on /sys/fs/cgroup/freezer type cgroup (rw,relatime,freezer,release_agent=/run/cgmanager/agents/cgm-release-agent.freezer) cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,relatime,net_cls,release_agent=/run/cgmanager/agents/cgm-release-agent.net_cls) cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,relatime,perf_event,release_agent=/run/cgmanager/agents/cgm-release-agent.perf_event) cgroup on /sys/fs/cgroup/net_prio type cgroup (rw,relatime,net_prio,release_agent=/run/cgmanager/agents/cgm-release-agent.net_prio) cgroup on /sys/fs/cgroup/pids type cgroup
Bug#808470: samhain: Reload affects all instances, not only the one in //run/samhain/samhain.pid/.
Hi, With my previous patches, I have forgotten 2 modifications of running() function: - The output of the pid found - The check for instance without PIDFILE. The attached patch contains all modifications without cleaning spaces/indent. Regards, diff -ru samhain-3.1.0/debian/samhain.init samhain-3.1.0-patched/debian/samhain.init --- samhain-3.1.0/debian/samhain.init 2016-03-14 22:54:42.0 +0100 +++ samhain-3.1.0-patched/debian/samhain.init 2016-03-14 23:09:00.671890834 +0100 @@ -35,13 +35,11 @@ pid=`cat $PIDFILE` # No pid, probably no daemon present if [ -n "$pid" ] ; then - pidofproc -p $PIDFILE $DAEMON + pidofproc -p $PIDFILE $DAEMON >/dev/null return $? fi fi -# Try to find the daemon by name -pidof $DAEMON >/dev/null -return $? +return 1 } # Initialize @@ -72,13 +70,13 @@ ;; stop) log_begin_msg "Stopping $DESC: $NAME" -start-stop-daemon --stop --quiet --retry 5 --oknodo --pidfile $PIDFILE --name $NAME +start-stop-daemon --stop --quiet --retry 30 --oknodo --pidfile $PIDFILE --name $NAME log_end_msg $? ;; reload) log_begin_msg "Reloading $DESC configuration files: $NAME" if running ; then - start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --exec $DAEMON log_end_msg $? else log_daemon_msg " ERROR: $DAEMON is not running." @@ -89,11 +87,7 @@ restart|force-reload) log_begin_msg "Restarting $DESC: $NAME" if running; then - start-stop-daemon --stop --quiet --retry 5 --oknodo --pidfile $PIDFILE --name $NAME - for i in 1 2 3 ; do - if ! running; then break ; fi - sleep 1 - done + start-stop-daemon --stop --quiet --retry 30 --oknodo --pidfile $PIDFILE --name $NAME fi if ! running ; then start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON signature.asc Description: OpenPGP digital signature
Bug#817841: openresolv: doesn't work with multiple domains in search, they are concatenated.
Ticket available on: http://roy.marples.name/projects/openresolv/tktview/2557e09a73327a41b2cc6676bacf42966f53df35 signature.asc Description: OpenPGP digital signature
Bug#817841: openresolv: doesn't work with multiple domains in search, they are concatenated.
Package: openresolv
Version: 3.7.3-1
Severity: important
Tags: upstream
Hi,
The problem occurs since the new /3.7.3-1/.
A way to reproduce (using bind):
# resolvconf -a wlan0 < domain test2.example.org
> search test2.example.org. example.org. test1.example.org
> nameserver 192.168.0.1
> EOF
Failed to try-restart nscd.service: No such method 'TryRestartUnit'
See system logs and 'systemctl status nscd.service' for details.
Failed to try-restart named.service: No such method 'TryRestartUnit'
See system logs and 'systemctl status named.service' for details.
# resolvconf -l
# resolv.conf from wlan0
domain test2.example.org
search test2.example.org. example.org. test1.example.org
nameserver 192.168.0.1
# resolvconf -v
DOMAIN='test2.example.org'
SEARCH='vm test2.example.orgexample.orgtest1.example.org'
NAMESERVERS='192.168.0.1'
LOCALNAMESERVERS='127.0.0.1'
DOMAINS='test2.example.orgexample.orgtest1.example.org:192.168.0.1'
# cat resolvconf-zones.conf
# Generated by resolvconf
zone "test2.example.orgexample.orgtest1.example.org" {
type forward;
forward first;
forwarders {
192.168.0.1;
};
};
I think messages on /add/ are a new problem: trying to use /systemd/ to
reload /bind/ instead of /invoke-rc.d/.
I have /systemd/ intalled, but my /init/ is /sysvinit/.
Best regards,
-- System Information:
Debian Release: stretch/sid
Kernel: Linux 4.3.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
-- Configuration Files:
/etc/resolvconf.conf changed [not included]
-- no debconf information
signature.asc
Description: OpenPGP digital signature
Bug#808470: samhain: Reload affects all instances, not only the one in //run/samhain/samhain.pid/.
Hi,
With my previous patch, the waiting time of the stop action is sometimes
insufficient. For information on my systems, the time has never exceeded
7 seconds.
The second patch (samhain-reindent.patch) is cleaning spaces/indent, if
you want it.
Regards,
diff -ru samhain-3.1.0-patched/debian/samhain.init samhain-3.1.0-patched2/debian/samhain.init
--- samhain-3.1.0-patched/debian/samhain.init 2016-02-13 11:10:20.747663920 +0100
+++ samhain-3.1.0-patched2/debian/samhain.init 2016-02-13 11:30:28.855246439 +0100
@@ -1,5 +1,5 @@
#! /bin/sh
-#
+#
# Init.d file for Samhain, based on the example init.d file written by
# Miquel van Smoorenburg and modified for Debian GNU/Linux by Ian Murdock
#
@@ -30,87 +30,86 @@
# Check if a daemon is running
running()
{
-# Check with pidfile first, if available
-if [ -r "$PIDFILE" ] ; then
- pid=`cat $PIDFILE`
-# No pid, probably no daemon present
- if [ -n "$pid" ] ; then
- pidofproc -p $PIDFILE $DAEMON
- return $?
- fi
-fi
-# Try to find the daemon by name
-pidof $DAEMON >/dev/null
-return $?
+ # Check with pidfile first, if available
+ if [ -r "$PIDFILE" ] ; then
+ pid=`cat $PIDFILE`
+ # No pid, probably no daemon present
+ if [ -n "$pid" ] ; then
+ pidofproc -p $PIDFILE $DAEMON
+ return $?
+ fi
+ fi
+ # Try to find the daemon by name
+ pidof $DAEMON >/dev/null
+ return $?
}
-# Initialize
+# Initialize
init_db()
{
-# Initialize the database only if does not exist yet, abort if
-# it cannot be created
- [ -f /var/lib/samhain/samhain_file ] && return
- log_progress_msg "Creating integrity database (this can take some minutes)."
- samhain -t init >/var/log/samhain/samhain-init.log 2>&1
- if [ ! -f /var/lib/samhain/samhain_file ] ; then
-log_failure_msg "Database could not be created. Review /var/log/samhain/samhain-init.log"
-log_end_msg 1
-exit 1
-fi
-log_progress_msg "Database created."
+ # Initialize the database only if does not exist yet, abort if
+ # it cannot be created
+ [ -f /var/lib/samhain/samhain_file ] && return
+ log_progress_msg "Creating integrity database (this can take some minutes)."
+ samhain -t init >/var/log/samhain/samhain-init.log 2>&1
+ if [ ! -f /var/lib/samhain/samhain_file ] ; then
+ log_failure_msg "Database could not be created. Review /var/log/samhain/samhain-init.log"
+ log_end_msg 1
+ exit 1
+ fi
+ log_progress_msg "Database created."
}
case "$1" in
- start)
-[ ! -e /var/run/${NAME} ] && mkdir -p /var/run/${NAME}
-log_begin_msg "Starting $DESC: $NAME"
-init_db
-start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON
-log_end_msg $?
-;;
- stop)
-log_begin_msg "Stopping $DESC: $NAME"
-start-stop-daemon --stop --quiet --retry 30 --oknodo --pidfile $PIDFILE --name $NAME
-log_end_msg $?
-;;
- reload)
- log_begin_msg "Reloading $DESC configuration files: $NAME"
- if running ; then
- start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON
+ start)
+ [ ! -e /var/run/${NAME} ] && mkdir -p /var/run/${NAME}
+ log_begin_msg "Starting $DESC: $NAME"
+ init_db
+ start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON
log_end_msg $?
- else
- log_daemon_msg " ERROR: $DAEMON is not running."
- log_end_msg 1
- fi
-
- ;;
- restart|force-reload)
-log_begin_msg "Restarting $DESC: $NAME"
- if running; then
- start-stop-daemon --stop --quiet --retry 30 --oknodo --pidfile $PIDFILE --name $NAME
- fi
-if ! running ; then
-start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON
-log_end_msg $?
-else
-log_daemon_msg " ERROR: $DAEMON did not die in the expected time, will not restart/force-reload"
-log_end_msg 1
-fi
-;;
- status)
- if [ -e $PIDFILE ] ; then
- status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
- else
- status_of_proc $DAEMON $NAME && exit 0 || exit $?
- fi
-;;
- *)
-N=/etc/init.d/${0##*/}
-echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2
-exit 1
-;;
+ ;;
+ stop)
+ log_begin_msg "Stopping $DESC: $NAME"
+ start-stop-daemon --stop --quiet --retry 30 --oknodo --pidfile $PIDFILE --name $NAME
+ log_end_msg $?
+ ;;
+ reload)
+ log_begin_msg "Reloading $DESC configuration files: $NAME"
+ if running ; then
+ start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON
+ log_end_msg $?
+ else
+ log_daemon_msg " ERROR: $DAEMON is not running."
+ log_end_msg 1
+ fi
+ ;;
+ restart|force-reload)
+ log_begin_msg "Restarting $DESC: $NAME"
+ if running; then
+ start-stop-daemon --stop --quiet --retry 30 --oknodo --pidfile $PIDFILE --name $NAME
+ fi
+ if ! running ; then
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON
+ log_end_msg $?
+ else
+ log_daemon_msg "
Bug#808470: samhain: Reload affects all instances, not only the one in //run/samhain/samhain.pid/.
Package: samhain Version: 3.1.0-7 Severity: minor Tags: patch The problem affects manually started instances and instances inside /lxc/'s containers (if /samhain/ is installed on host and guests) when the log rotation occurs on host. The patch have an other side effect: the child process isn't killed yet. I'm not sure that the configuration is really reloaded for it and maybe log on the old file still. Best regards, diff -Naur samhain-3.1.0/debian/samhain.init samhain-3.1.0-patched/debian/samhain.init --- samhain-3.1.0/debian/samhain.init 2015-12-20 12:46:12.0 +0100 +++ samhain-3.1.0-patched/debian/samhain.init 2015-12-20 12:51:46.637027832 +0100 @@ -78,7 +78,7 @@ reload) log_begin_msg "Reloading $DESC configuration files: $NAME" if running ; then - start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --exec $DAEMON log_end_msg $? else log_daemon_msg " ERROR: $DAEMON is not running." signature.asc Description: OpenPGP digital signature
Bug#807808: openvpn: Please preserve order of pushed parameters in update-resolv-conf, if more than 9.
Package: openvpn
Version: 2.3.7-2+b1
Severity: minor
Tags: patch
Hi,
I came across a bug when using /update-resolv-conf/ in my configuration.
Indeed, when there are more than 9 parameters pushed from the server,
the order isn't kept, when applied.
Here's my patch to fix this problem.
Best regards,
--- openvpn-2.3.7/debian/control 2015-09-08 10:09:05.0 +0200
+++ openvpn-2.3.7-patched/debian/control 2015-12-08 00:40:47.250754635 +0100
@@ -11,7 +11,7 @@
Package: openvpn
Architecture: any
Depends: debconf | debconf-2.0, ${shlibs:Depends}, ${misc:Depends}, initscripts (>= 2.88dsf-13.3), iproute2 [linux-any], net-tools [!linux-any]
-Suggests: openssl, resolvconf
+Suggests: openssl, resolvconf, coreutils
Recommends: easy-rsa
Description: virtual private network daemon
OpenVPN is an application to securely tunnel IP networks over a
--- openvpn-2.3.7/debian/update-resolv-conf 2013-09-09 15:58:03.0 +0200
+++ openvpn-2.3.7-patched/debian/update-resolv-conf 2015-12-12 23:43:25.604424477 +0100
@@ -30,7 +30,8 @@
up)
NMSRVRS=""
SRCHS=""
- for optionvarname in ${!foreign_option_*} ; do
+ foreign_options=$(printf '%s\n' ${!foreign_option_*} | sort -t _ -k 3 -g)
+ for optionvarname in ${foreign_options} ; do
option="${!optionvarname}"
echo "$option"
split_into_parts $option
signature.asc
Description: OpenPGP digital signature
Bug#799041: Updated rules for isc-dhcp-server.
Hi,
Thank you.
In case you are interrested, here's my patch for it.
He keeps working with previous versions of /isc-dhcp-server/.
Best regards,
--- logcheck-1.3.17/rulefiles/linux/ignore.d.server/dhcp 2014-10-25 00:01:52.0 +0200
+++ logcheck-1.3.17-patched/rulefiles/linux/ignore.d.server/dhcp 2015-10-05 17:57:39.0 +0200
@@ -1,48 +1,48 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): Internet (Software|Systems) Consortium DHCP Server [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): Copyright [0-9-]+ Internet (Software|Systems) Consortium\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): All rights reserved\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): For info, please visit http(://www\.isc\.org/(products/DHCP|sw/dhcp/)|s://www\.isc\.org/software/dhcp/)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): Wrote [0-9]+ (leases|(class|group|deleted host|new dynamic host) decls) to leases file\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): (BOOTREQUEST|DHCPDISCOVER) from [:[:alnum:]]+ (\([\(\):._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): BOOTREPLY (for|on) [.0-9]{7,15} to [:[:alnum:]]+ (\([:._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPOFFER on [.0-9]{7,15} to [:[:alnum:]]+ (\([\(\)._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPREQUEST for [.0-9]{7,15} (\([.0-9]{7,15}\) )?from [:._[:alnum:]-]+ (\([\(\)._[:alnum:]-]+\) )?via [._[:alnum:]-]+(: unknown lease [.0-9]{7,15}\.)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCPACK on [.0-9]{7,15} to [:[:alnum:]]+ (\([\(\)._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|): DHCP(NAK|RELEASE|INFORM) (on|from) ([.0-9]{7,15}|[:[:alnum:].]+)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): Internet (Software|Systems) Consortium DHCP Server [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): Copyright [0-9-]+ Internet (Software|Systems) Consortium\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): All rights reserved\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): For info, please visit http(://www\.isc\.org/(products/DHCP|sw/dhcp/)|s://www\.isc\.org/software/dhcp/)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): Wrote [0-9]+ (leases|(class|group|deleted host|new dynamic host) decls) to leases file\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): (BOOTREQUEST|DHCPDISCOVER) from [:[:alnum:]]+ (\([\(\):._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): BOOTREPLY (for|on) [.0-9]{7,15} to [:[:alnum:]]+ (\([:._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): DHCPOFFER on [.0-9]{7,15} to [:[:alnum:]]+ (\([\(\)._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): DHCPREQUEST for [.0-9]{7,15} (\([.0-9]{7,15}\) )?from [:._[:alnum:]-]+ (\([\(\)._[:alnum:]-]+\) )?via [._[:alnum:]-]+(: unknown lease [.0-9]{7,15}\.)?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): DHCPACK on [.0-9]{7,15} to [:[:alnum:]]+ (\([\(\)._[:alnum:]-]+\) )?via [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd(-2\.2\.x|\[[[:digit:]]+\]|): DHCP(NAK|RELEASE|INFORM) (on|from) ([.0-9]{7,15}|[:[:alnum:].]+)$
#Added for dhcp 3
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPDISCOVER from [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+(: load balance to peer [._[:alnum:]-]+)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPOFFER on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPREQUEST for [.0-9]{7,15} (\([.0-9]{7,15}\) |)from [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+(: load balance to peer [._[:alnum:]-]+\.?|: lease owned by peer\.?|: wrong network\.?|: lease [.0-9]{7,15} unavailable\.?)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPACK on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPNAK on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPINFORM from [.0-9]{7,15} via [._[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPRELEASE of [.0-9]{7,15} from [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+ \((not |)found\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: DHCPACK to [.0-9]{7,15}( \(([:[:xdigit:]]+|)\) via [._[:alnum:]-]+)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd: ((balancing|balanced) )?pool [0-9a-f]{6,7} [.0-9]{7,15}/[:[:alnum:]]+ ? total [:[:alnum:]]+ free [:[:alnum:]]+ backup [:[:alnum:]]+ lts
Bug#792430: openresolv: Fail if a zone is declared on multiple interfaces.
Hi, Sorry about the late response, notification seems to have failed too. To produce outputs that you requested, I did some tests. test$ resolvconf -l # resolv.conf from tun10.openvpn search test1.example.org example.org test2.example.org nameserver 192.168.1.1 # resolv.conf from wlan0 # resolv.conf for wlan0 domain test2.example.org search test2.example.org. example.org. test1.example.org nameserver 192.168.0.1 test$ resolvconf -v DOMAIN='test2.example.org' SEARCH='test test1.example.org example.org test2.example.org test2.example.org. example.org. test1.example.org.' NAMESERVERS='192.168.0.1' LOCALNAMESERVERS='' DOMAINS='test1.example.org:192.168.1.1 example.org:192.168.1.1 test2.example.org:192.168.1.1 test2.example.org.:192.168.0.1 example.org.:192.168.0.1 test1.example.org.:192.168.0.1' The bug seems linked with the dot at the end of domain names. When all entries have the same syntax, it works ! Can you add the trailing dot when it's not present ? It will limit DNS queries with suffixes in /search/ (without that, a combination of suffixes is tried for each query). Otherwise, I do not think this is the best solution to merge resolvers addresses provided by the various network interfaces for a zone. Indeed, if the zone is the same on all networks, there is no problem. But if not, wouldn't it cause strange behaviors, like not predictable mixed resolutions, induced by timeouts for example ? In my opinion, we should only have access to one zone at a time, the one provided by the highest priority interface for example. However, it would be useful to keep the fusion for resolvers on the same interface, provided by different sources like DHCP and DHCPv6... What do you think ? Best regards, Thibaut Chèze signature.asc Description: OpenPGP digital signature
Bug#792428: openresolv: "Failed to get D-Bus connection" randomly at update and boot on bind9 restart
Hi, Sorry about the late response, notifications seems to be failed. /etc/resolvconf.conf: # Configuration for resolvconf(8) # See resolvconf.conf(5) for details resolv_conf=/etc/resolv.conf # If you run a local name server, you should uncomment the below line and # configure your subscribers configuration files below. #name_servers=127.0.0.1 name_servers=127.0.0.1 search_domains=test # Mirror the Debian package defaults for the below resolvers # so that resolvconf integrates seemlessly. #dnsmasq_resolv=/var/run/dnsmasq/resolv.conf #pdnsd_conf=/etc/pdnsd.conf #unbound_conf=/var/cache/unbound/resolvconf_resolvers.conf named_options=/var/lib/bind/resolvconf-options.conf named_zones=/var/lib/bind/resolvconf-zones.conf I did some tests since Thursday, with versions /3.7.0-1/, /3.7.1-1/ and /3.7.2-1/, and I see a new message instead of the old one: Failed to try-restart nscd.service: No such method 'TryRestartUnit' Failed to try-restart named.service: No such method 'TryRestartUnit' The second line appears alone some times. These lines make me think that /systemd/ is used to reload the service, but my configurations use /sysvinit/. The previous version /3.5.2-1/ seems to use the init script in //etc/init.d/ instead. Best regards, Thibaut Chèze signature.asc Description: OpenPGP digital signature
Bug#798237: (no subject)
I rolled back to the previous version /4.3.3-1/ using packages from /snapshot.debian.org/, and it's working perfectly (with 'interim', didn't try for 'standard' yet). I think, the problem doesn't come from the sources but from compilation options. Best regards, Thibaut Chèze signature.asc Description: OpenPGP digital signature
Bug#792430: openresolv: Fail if a zone is declared on multiple interfaces.
Package: openresolv Version: 3.7.0-1 Severity: important Tags: newcomer When a zone is declared on multiple interfaces (not necessarely same content, but the same name), the configuration generated doesn't work, two entries are provided and this log indicates the failure at bind restart: config: error: /var/lib/bind/resolvconf-zones.conf:23: zone 'example.org': already exists previous definition: /var/lib/bind/resolvconf-zones.conf:16 I think it's the same problem for other resolvers. Maybe use the first declaration, in interfaces order and drop others ? It's not perfect, but technically, the problem have no solution (if zones are the same, it works perfectly, else, some zone are not reachable). This problem also affects the version /3.5.2-1/. Best regards, Thibaut Chèze -- System Information: Debian Release: stretch/sid APT prefers testing-proposed-updates APT policy: (600, 'testing-proposed-updates'), (600, 'testing'), (500, 'stable-updates'), (400, 'proposed-updates'), (400, 'stable'), (300, 'oldstable-proposed-updates'), (300, 'oldstable'), (200, 'unstable'), (100, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) -- Configuration Files: /etc/dhcp3/dhclient-enter-hooks.d/resolvconf 88c96ccaddd11b931ad6238e04ee0d88 [Errno 2] Aucun fichier ou dossier de ce type: u'/etc/dhcp3/dhclient-enter-hooks.d/resolvconf 88c96ccaddd11b931ad6238e04ee0d88' /etc/resolvconf.conf changed [not included] -- no debconf information signature.asc Description: OpenPGP digital signature
Bug#792428: openresolv: Failed to get D-Bus connection randomly at update and boot on bind9 restart
My workaround for this problem is to stay in version /3.5.2-1/. Le 14/07/2015 19:48, Thibaut Chèze wrote : Package: openresolv Version: 3.7.0-1 Severity: normal Tags: upstream After an update from any source (dhcp, openvpn, static, ...), restart of bind fail with message: Failed to get D-Bus connection: Operation not permitted It's not all the time, but very very often. Best regards, Thibaut Chèze -- System Information: Debian Release: stretch/sid APT prefers testing-proposed-updates APT policy: (600, 'testing-proposed-updates'), (600, 'testing'), (500, 'stable-updates'), (400, 'proposed-updates'), (400, 'stable'), (300, 'oldstable-proposed-updates'), (300, 'oldstable'), (200, 'unstable'), (100, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) -- Configuration Files: /etc/dhcp3/dhclient-enter-hooks.d/resolvconf 88c96ccaddd11b931ad6238e04ee0d88 [Errno 2] Aucun fichier ou dossier de ce type: u'/etc/dhcp3/dhclient-enter-hooks.d/resolvconf 88c96ccaddd11b931ad6238e04ee0d88' /etc/resolvconf.conf changed [not included] -- no debconf information signature.asc Description: OpenPGP digital signature
Bug#792428: openresolv: Failed to get D-Bus connection randomly at update and boot on bind9 restart
Package: openresolv Version: 3.7.0-1 Severity: normal Tags: upstream After an update from any source (dhcp, openvpn, static, ...), restart of bind fail with message: Failed to get D-Bus connection: Operation not permitted It's not all the time, but very very often. Best regards, Thibaut Chèze -- System Information: Debian Release: stretch/sid APT prefers testing-proposed-updates APT policy: (600, 'testing-proposed-updates'), (600, 'testing'), (500, 'stable-updates'), (400, 'proposed-updates'), (400, 'stable'), (300, 'oldstable-proposed-updates'), (300, 'oldstable'), (200, 'unstable'), (100, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) -- Configuration Files: /etc/dhcp3/dhclient-enter-hooks.d/resolvconf 88c96ccaddd11b931ad6238e04ee0d88 [Errno 2] Aucun fichier ou dossier de ce type: u'/etc/dhcp3/dhclient-enter-hooks.d/resolvconf 88c96ccaddd11b931ad6238e04ee0d88' /etc/resolvconf.conf changed [not included] -- no debconf information signature.asc Description: OpenPGP digital signature
