Re: [Freeipa-users] named failure: REQUIRE(pthread_kill(ldap_inst-watcher...) failed
On 6.1.2014 21:53, Alexandre Ellert wrote: Do you have some settings in global configuration object in LDAP? You have to adapt the example to your environment: LDAP search base should be cn=dns, dc=ivscloud, dc=local $ ldapsearch -Y GSSAPI -b 'cn=dns,dc=example,dc=com' '(objectClass=idnsConfigObject)' [...] # search result search: 4 result: 32 No such object Anyway, your configuration in /etc/named.conf seems correct. Please let us know if you are able to reproduce the crash, I don't see a way how to fix it without a reproducer. Have a nice day! -- Petr^2 Spacek ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] named failure: REQUIRE(pthread_kill(ldap_inst-watcher...) failed
You have to adapt the example to your environment: LDAP search base should be cn=dns, dc=ivscloud, dc=local $ ldapsearch -Y GSSAPI -b 'cn=dns,dc=example,dc=com' '(objectClass=idnsConfigObject)' [...] # search result search: 4 result: 32 No such object My mistake, here is the result : ldapsearch -Y GSSAPI -b 'cn=dns,dc=ivscloud,dc=local' '(objectClass=idnsConfigObject)' SASL/GSSAPI authentication started SASL username: admin@IVSCLOUD.LOCAL SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base cn=dns,dc=ivscloud,dc=local with scope subtree # filter: (objectClass=idnsConfigObject) # requesting: ALL # # dns, ivscloud.local dn: cn=dns,dc=ivscloud,dc=local objectClass: idnsConfigObject objectClass: nsContainer objectClass: top cn: dns # search result search: 4 result: 0 Success # numResponses: 2 # numEntries: 1 Anyway, your configuration in /etc/named.conf seems correct. Please let us know if you are able to reproduce the crash, I don't see a way how to fix it without a reproducer. I don't know how to reproduce. Maybe try to put a cron '/sbin/service named reload' and see if it crash. Have a nice day! -- Petr^2 Spacek ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] named failure: REQUIRE(pthread_kill(ldap_inst-watcher...) failed
On 7.1.2014 11:14, Alexandre Ellert wrote: You have to adapt the example to your environment: LDAP search base should be cn=dns, dc=ivscloud, dc=local $ ldapsearch -Y GSSAPI -b 'cn=dns,dc=example,dc=com' '(objectClass=idnsConfigObject)' [...] # search result search: 4 result: 32 No such object My mistake, here is the result : ldapsearch -Y GSSAPI -b 'cn=dns,dc=ivscloud,dc=local' '(objectClass=idnsConfigObject)' SASL/GSSAPI authentication started SASL username: admin@IVSCLOUD.LOCAL SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base cn=dns,dc=ivscloud,dc=local with scope subtree # filter: (objectClass=idnsConfigObject) # requesting: ALL # # dns, ivscloud.local dn: cn=dns,dc=ivscloud,dc=local objectClass: idnsConfigObject objectClass: nsContainer objectClass: top cn: dns # search result search: 4 result: 0 Success # numResponses: 2 # numEntries: 1 Anyway, your configuration in /etc/named.conf seems correct. Please let us know if you are able to reproduce the crash, I don't see a way how to fix it without a reproducer. I don't know how to reproduce. Maybe try to put a cron '/sbin/service named reload' and see if it crash. May be, I don't have a better idea. -- Petr^2 Spacek ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] named failure: REQUIRE(pthread_kill(ldap_inst-watcher...) failed
Hello! On 1.1.2014 00:45, Dmitri Pal wrote: On 12/30/2013 04:48 AM, Alexandre Ellert wrote: This night, named crashed on my IPA server (Centos 6.5) : Dec 29 02:27:02 ipa-master named[1537]: received control channel command 'reload' Dec 29 02:27:03 ipa-master named[1537]: ldap_helper.c:640: REQUIRE(pthread_kill(ldap_inst-watcher, 10) == 0) failed, back trace Dec 29 02:27:03 ipa-master named[1537]: #0 0x7f6f443a0eff in ?? Dec 29 02:27:03 ipa-master named[1537]: #1 0x7f6f42d0c89a in ?? Dec 29 02:27:03 ipa-master named[1537]: #2 0x7f6f3e48acbf in ?? Dec 29 02:27:03 ipa-master named[1537]: #3 0x7f6f3e48efd6 in ?? Dec 29 02:27:03 ipa-master named[1537]: #4 0x7f6f3e48f591 in ?? Dec 29 02:27:03 ipa-master named[1537]: #5 0x7f6f43bfca54 in ?? Dec 29 02:27:03 ipa-master named[1537]: #6 0x7f6f443c1b87 in ?? Dec 29 02:27:03 ipa-master named[1537]: #7 0x7f6f443c4726 in ?? Dec 29 02:27:03 ipa-master named[1537]: #8 0x7f6f443c4b36 in ?? Dec 29 02:27:03 ipa-master named[1537]: #9 0x7f6f443c4cf8 in ?? Dec 29 02:27:03 ipa-master named[1537]: #10 0x7f6f44399f55 in ?? Dec 29 02:27:03 ipa-master named[1537]: #11 0x7f6f4439d616 in ?? Dec 29 02:27:03 ipa-master named[1537]: #12 0x7f6f42d2b2f8 in ?? Dec 29 02:27:03 ipa-master named[1537]: #13 0x7f6f426e09d1 in ?? Dec 29 02:27:03 ipa-master named[1537]: #14 0x7f6f41c41b6d in ?? Dec 29 02:27:03 ipa-master named[1537]: exiting (due to assertion failure) DNS was setup during installation time and didn't notify any problem since this server is in production (several months). Can you please advice about how to investigate to find the root cause of this crash ? Should I worry about that or is this just a isolated case ? This crash happens if something goes seriously wrong with the LDAP connection between named and LDAP server. (It should not crash but I feel that this part of code is not bullet-proof.) Do you see any messages complaining about broken connection or something like that? Did the server worked fine before the reload? We need more information about your configuration. Please add details mentioned at https://fedorahosted.org/bind-dyndb-ldap/wiki/BugReporting#Aboutyouroperatingsystemdistribution and https://fedorahosted.org/bind-dyndb-ldap/wiki/BugReporting#Abouttheplugin Have a nice day! -- Petr^2 Spacek ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] named failure: REQUIRE(pthread_kill(ldap_inst-watcher...) failed
We need more information about your configuration. Please add details mentioned at https://fedorahosted.org/bind-dyndb-ldap/wiki/BugReporting#Aboutyouroperatingsystemdistribution and https://fedorahosted.org/bind-dyndb-ldap/wiki/BugReporting#Abouttheplugin What distribution/version/architecture you use? Centos 6.5 (2.6.32-431.el6.x86_64) up to date What plugin version you use? bind-dyndb-ldap-2.3-5.el6.x86_64 Do you use bind-dyndb-ldap as part of FreeIPA installation? Yes Which version of BIND you use ? bind-9.8.2-0.17.rc1.el6_4.6.x86_64 Please provide dynamic-db section from configuration file /etc/named.conf : dynamic-db ipa { library ldap.so; arg uri ldapi://%2fvar%2frun%2fslapd-IVSCLOUD-LOCAL.socket; arg base cn=dns, dc=ivscloud,dc=local; arg fake_mname ipa-master.ivscloud.local.; arg auth_method sasl; arg sasl_mech GSSAPI; arg sasl_user DNS/ipa-master.ivscloud.local; arg zone_refresh 0; arg psearch yes; arg serial_autoincrement yes; arg connections 4; }; Do you have some other text based or DLZ zones configured? no Do you have some global forwarders configured in BIND configuration file? no options { […] forward first; forwarders { }; […] }; Do you have some settings in global configuration object in LDAP? no (not sure) $ ldapsearch -Y GSSAPI -b 'cn=dns,dc=example,dc=com' '(objectClass=idnsConfigObject)' SASL/GSSAPI authentication started SASL username: admin@IVSCLOUD.LOCAL SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base cn=dns,dc=example,dc=com with scope subtree # filter: (objectClass=idnsConfigObject) # requesting: ALL # # search result search: 4 result: 32 No such object # numResponses: 1 Do you see any messages complaining about broken connection or something like that? Did the server worked fine before the reload? The server worked fine before reload (caused by logrotate). I've searched in log file /var/log/dirsrv/*, /var/log/messages but didn't find anything interesting. Thanks for your help ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] named failure: REQUIRE(pthread_kill(ldap_inst-watcher...) failed
On 06/01/14 21:53, Alexandre Ellert wrote: Do you see any messages complaining about broken connection or something like that? Did the server worked fine before the reload? The server worked fine before reload (caused by logrotate). I've searched in log file /var/log/dirsrv/*, /var/log/messages but didn't find anything interesting. Some of the named crashes I had at first with bind-dyndb-ldap when I started using IPA in production a few years ago also happened at the exact time logrotate rotated the log files. I've not had any issues with bind-dyndb-ldap for a while now, however the most busy dns servers are still running flat files generated from IPA's LDAP tree, but the similarity was too close not to mention it. :) Regards, Siggi ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users