Re: bind 9.16.6 on FreeBSD - Assert

2020-09-01 Thread Borja Marcos 


> On 1 Sep 2020, at 19:48, Søren Andersen  wrote:
> 
> hmm.. I think you hit this bug right here: 
> https://gitlab.isc.org/isc-projects/bind9/-/issues/2104

Looks like that. I compiled bind with debug symbols and it crashed again.

No way to append this to your bug report, it’s closed.




Borja.


——
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - rbt.c:2355:
 REQUIRE(newbits <= rbt->maxhashbits) failed, back trace
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #0 0x43fe19
 in assertion_failed()+0x59
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #1 0x7ba3d8
 in isc_assertion_failed()+0x38
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #2 0x5cbb8f
 in rehash()+0x9f
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #3 0x5c2dc7
 in maybe_rehash()+0x47
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #4 0x5c5574
 in hash_node()+0xd4
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #5 0x5c5089 in 
dns_rbt_addnode()+0xf19
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #6 0x5e6bd0 in 
findnodeintree()+0x260
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #7 0x5d1c60 in 
findnode()+0xa0
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #8 0x5201a0 in 
dns_db_findnode()+0x130
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #9 0x6a8351 in 
cache_name()+0x3a1
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #10 0x6a240f in 
cache_message()+0x16f
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #11 0x69f4a6 in 
resquery_response()+0xd06
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #12 0x804d03 in 
dispatch()+0xc63
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #13 0x800751 in 
run()+0x41
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - #14 0x80245e036 in 
_fini()+0x801c3a35e
<26>1 2020-09-02T04:30:04.00+00:00 host1 named 49310 - - exiting (due to 
assertion failure)
<6>1 2020-09-02T04:30:04.407121+00:00 host1 kernel - - - pid 49310 (named), jid 
0, uid 53: exited on signal 6
——

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Upgrading from 9.14.12 to 9.16.4 - with existing DNSSEC zones

2020-09-01 Thread Mark Andrews 
Do you go to your mechanic and not take the car when you have a problem you 
don’t understand with the car?

BIND 9.16.4 should be a drop in replacement for 9.14.12.  As you are seeing 
issues you will need to supply more details like the name of the zone so people 
can actually try and figure out what the issue is.

Mark 

> On 2 Sep 2020, at 01:06, Duncan  wrote:
> 
> I am using DNSSEC for more than 5 years now (never had a problem so far), but 
> after upgrading to the latest bind-9.16.4 the verification fails using 
> Verisign's DNSSEC Validator.
>  
> I reverted back to 9.14.12 and everything works as expected.
>  
> First I started upgrading my secondary DNS-Server (primary left untouched 
> !!!) to 9.16.4 - restarted named and everything seems to be OK.
>  
> So I tested with Verisign's DNSSEC Validator 
> https://dnssec-analyzer.verisignlabs.com/ before upgrading my primary DNS.
>  
> And Verisign reported an error -> All Queries to 
> secondary.my-dnsserver-domain.com for my-domain.com/Atimed out or failed
>  
> Test Results: https://ibb.co/7QLVJsC
>  
> Any ideas? …or should I upgrade both servers before I do my first test (not 
> only the secondary server)? As I said, I only updated my secondary server and 
> left my primary server untouched!
>  
> Are there any related upgrade issues from from 9.14.12 to 9.16.4, which I 
> should take care first (do I have to update something in my configs)? Is it 
> possible to keep my already signed zones of my 9.14.12 installation? Or do I 
> have to re-sign anything?
>  
>  
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742  INTERNET: ma...@isc.org

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: No response from localhost with "allow-query { any; };"

2020-09-01 Thread Axel Rau 
tcp queries are being answered, but udp queries receive no response.
This is independent of client location (local, remote).

A ktrace shows 8 bytes are written on fd 89, the 8 bytes read on fd 88.
The next read gets an errno 35 (see below).

clueless,
Axel


root@ns5:/var/log # uname -a
FreeBSD ns5 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC  amd64

root@ns5:/var/log # named -V
BIND 9.16.6 (Stable Release) 
running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC
built by make with '--disable-linux-caps' '--localstatedir=/var' 
'--sysconfdir=/usr/local/etc/namedb' '--with-dlopen=yes' '--with-libxml2' 
'--with-openssl=/usr' '--with-readline=-L/usr/local/lib -ledit' 
'--with-dlz-filesystem=yes' '--enable-dnstap' '--disable-fixed-rrset' 
'--disable-geoip' '--without-maxminddb' '--without-gssapi' 
'--with-libidn2=/usr/local' '--with-json-c' '--disable-largefile' 
'--with-lmdb=/usr/local' '--disable-native-pkcs11' '--without-python' 
'--disable-querytrace' '--enable-tcp-fastopen' '--disable-symtable' 
'--prefix=/usr/local' '--mandir=/usr/local/man' 
'--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd12.1' 
'build_alias=amd64-portbld-freebsd12.1' 'CC=cc' 'CFLAGS=-O2 -pipe 
-DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include 
-fno-strict-aliasing ' 'LDFLAGS= -L/usr/local/lib -ljson-c 
-fstack-protector-strong ' 'LIBS=-L/usr/local/lib' 'CPPFLAGS=-DLIBICONV_PLUG 
-isystem /usr/local/include' 'CPP=cpp' 'PKG_CONFIG=pkgconf'
compiled by CLANG 4.2.1 Compatible FreeBSD Clang 8.0.1 (tags/RELEASE_801/final 
366581)
compiled with OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
linked to OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
compiled with libuv version: 1.38.1
linked to libuv version: 1.38.1
compiled with libxml2 version: 2.9.10
linked to libxml2 version: 20910
compiled with json-c version: 0.15
linked to json-c version: 0.15
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
compiled with protobuf-c version: 1.3.2
linked to protobuf-c version: 1.3.2
threads support is enabled

23480 isc-socket-0 STRU  struct kevent[] = { { ident=512, filter=EVFILT_READ, 
flags=0, fflags=0, data=0x35, udata=0x0 } }
 23480 isc-socket-0 RET   kevent 0x1
 23480 isc-socket-0 CALL  recvmsg(0x200,0x7fffdbddbb70,0)
 23480 isc-socket-0 GIO   fd 512 read 53 bytes
   0x 552a 0120 0001   0001 0377   |U*. .www|
   0x0010 0568 6569 7365 0264 6500 0001 0001   |.heise.de...|
   0x0020 2910    0c00 0a00 0810 a161  |)..a|
   0x0030 cea7 9c05 fa |.|

 23480 isc-socket-0 STRU  struct sockaddr { AF_INET, 193.105.105.1:56885 }
 23480 isc-socket-0 RET   recvmsg 0x35
 23480 isc-socket-0 CALL  _umtx_op(0x802f38bb8,0x15,0x1,0,0)
 23480 isc-socket-0 RET   _umtx_op 0
 23480 isc-socket-0 CALL  kevent(0x5a,0x7fffdbddbec0,0x1,0,0,0)
 23480 isc-socket-0 STRU  struct kevent[] = { { ident=512, filter=EVFILT_READ, 
flags=0x2, fflags=0, data=0, udata=0x0 } }
 23480 isc-socket-0 STRU  struct kevent[] = {  }
 23480 isc-socket-0 RET   kevent 0
 23480 isc-socket-0 CALL  kevent(0x5a,0,0,0x802fa7200,0x800,0)
 23480 isc-socket-0 STRU  struct kevent[] = {  }
 23480 isc-worker RET   _umtx_op 0
 23480 isc-worker CALL  recvmsg(0x200,0x7fffddfec9c0,0)
 23480 isc-worker RET   recvmsg -1 errno 35
 23480 isc-worker CALL  write(0x59,0x7fffddfecbc0,0x8)
 23480 isc-worker GIO   fd 89 wrote 8 bytes
   0x 0002  fdff   ||

 23480 isc-worker RET   write 0x8
 23480 isc-worker CALL  _umtx_op(0x80178f188,0xf,0,0,0)
 23480 isc-socket-0 STRU  struct kevent[] = { { ident=88, filter=EVFILT_READ, 
flags=0, fflags=0, data=0x8, udata=0x0 } }
 23480 isc-socket-0 RET   kevent 0x1
 23480 isc-socket-0 CALL  read(0x58,0x7fffdbddbe40,0x8)
 23480 isc-socket-0 GIO   fd 88 read 8 bytes
   0x 0002  fdff   ||

 23480 isc-socket-0 RET   read 0x8
 23480 isc-socket-0 CALL  kevent(0x5a,0x7fffdbddbec0,0x1,0,0,0)
 23480 isc-socket-0 STRU  struct kevent[] = { { ident=512, filter=EVFILT_READ, 
flags=0x1, fflags=0, data=0, udata=0x0 } }
 23480 isc-socket-0 STRU  struct kevent[] = {  }
 23480 isc-socket-0 RET   kevent 0
 23480 isc-socket-0 CALL  read(0x58,0x7fffdbddbe40,0x8)
 23480 isc-socket-0 RET   read -1 errno 35
 23480 isc-socket-0 CALL  kevent(0x5a,0,0,0x802fa7200,0x800,0)
 23480 isc-socket-0 STRU  struct kevent[] = {  }
 23480 isc-socket-0 STRU  struct kevent[] = { { ident=512, filter=EVFILT_READ, 
flags=0, fflags=0, data=0x35, udata=0x0 } }
 23480 isc-socket-0 RET   kevent 0x1
 23480 isc-socket-0 CALL  recvmsg(0x200,0x7fffdbddbb70,0)
 23480 isc-socket-0 GIO   fd 512 read 53 bytes
   0x 552a 0120 0001   0001 0377   |U*. .www|
   0x0010 0568 6569 7365 0264 6500 0001 0001   |.heise.de...|
   0x0020 2910    0c00 0a00 0810 a161  |)..a|
   0x0030 cea7 9

Re: bind 9.16.6 on FreeBSD - Assert

2020-09-01 Thread Søren Andersen 
hmm.. I think you hit this bug right here: 
https://gitlab.isc.org/isc-projects/bind9/-/issues/2104

/Søren

From: bind-users  on behalf of Borja Marcos 

Sent: Tuesday, September 1, 2020 17:12
To: bind-users@lists.isc.org 
Subject: bind 9.16.6 on FreeBSD - Assert

[EXTERNAL MAIL]


Hi,

I had a named process aborting with an assert.

<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - rbt.c:2355: 
REQUIRE(newbits <= rbt->maxhashbits) failed, back trace
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #0 0x43d260 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #1 0x62035a in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #2 0x514868 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #3 0x515616 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #4 0x529c7d in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #5 0x579df7 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #6 0x645e1c in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #7 0x80225e036 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - exiting (due to 
assertion failure)
<6>1 2020-08-27T15:52:04.091803+00:00 host kernel - - - pid 6520 (named), jid 
0, uid 53: exited on signal 6

I have a full log of queries (it’s a recursive only server) and I haven’t seen 
anything unusual before the crash. Unfortunately the
program was stripped, I have recompiled it with debug symbols.

It is bind 9.16.6, built from ports on FreeBSD 11.3.

Any hint on what to look for? Fortunately I have another server running 9.11. 
It wasn’t affected.

Thanks!





Borja.


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

bind 9.16.6 on FreeBSD - Assert

2020-09-01 Thread Borja Marcos 
Hi,

I had a named process aborting with an assert. 

<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - rbt.c:2355: 
REQUIRE(newbits <= rbt->maxhashbits) failed, back trace
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #0 0x43d260 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #1 0x62035a in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #2 0x514868 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #3 0x515616 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #4 0x529c7d in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #5 0x579df7 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #6 0x645e1c in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - #7 0x80225e036 in ??
<26>1 2020-08-27T15:52:04.00+00:00 host named 6520 - - exiting (due to 
assertion failure)
<6>1 2020-08-27T15:52:04.091803+00:00 host kernel - - - pid 6520 (named), jid 
0, uid 53: exited on signal 6

I have a full log of queries (it’s a recursive only server) and I haven’t seen 
anything unusual before the crash. Unfortunately the
program was stripped, I have recompiled it with debug symbols.

It is bind 9.16.6, built from ports on FreeBSD 11.3.

Any hint on what to look for? Fortunately I have another server running 9.11. 
It wasn’t affected.

Thanks!





Borja.


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: No response from localhost with "allow-query { any; };"

2020-09-01 Thread Axel Rau 


> Am 01.09.2020 um 16:57 schrieb Petr Menšík :
> 
> Please include any listen-on { ... } and listen-on-v6 { ... } clauses.
> 
> It seems any of 127.0.0.1; ::1; nor localhost; is listed in them.
> Because it is not listening on localhost socket, it would not answer any
> queries.
> 


Voilà:


Listen-on {
91.216.35.21;
127.0.0.1;
};
Listen-on-v6 {
2a05:bec0:26:5::71;
::1;
};

Axel
---
PGP-Key: CDE74120  ☀  computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Upgrading from 9.14.12 to 9.16.4 - with existing DNSSEC zones

2020-09-01 Thread Duncan 
I am using DNSSEC for more than 5 years now (never had a problem so far),
but after upgrading to the latest bind-9.16.4 the verification fails using
Verisign's DNSSEC Validator.

 

I reverted back to 9.14.12 and everything works as expected.

 

First I started upgrading my secondary DNS-Server (primary left untouched
!!!) to 9.16.4 - restarted named and everything seems to be OK.

 

So I tested with Verisign's DNSSEC Validator
https://dnssec-analyzer.verisignlabs.com/ before upgrading my primary DNS.

 

And Verisign reported an error -> All Queries to
secondary.my-dnsserver-domain.com for my-domain.com/A timed out or failed

 

Test Results: https://ibb.co/7QLVJsC

 

Any ideas? .or should I upgrade both servers before I do my first test (not
only the secondary server)? As I said, I only updated my secondary server
and left my primary server untouched!

 

Are there any related upgrade issues from from 9.14.12 to 9.16.4, which I
should take care first (do I have to update something in my configs)? Is it
possible to keep my already signed zones of my 9.14.12 installation? Or do I
have to re-sign anything?

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: No response from localhost with "allow-query { any; };"

2020-09-01 Thread Petr Menšík 
Please include any listen-on { ... } and listen-on-v6 { ... } clauses.

It seems any of 127.0.0.1; ::1; nor localhost; is listed in them.
Because it is not listening on localhost socket, it would not answer any
queries.

If the server should listen on all interfaces, just use:
  listen-on { any; };

If it has addresses on which it should not listen, just add localhost;
to current listen-on.

It might be able to respond to:

dig @91.216.35.21 -b 127.0.0.1 localhost

Which would be technically from localhost, but I guess you are looking
for listen-on change.

Cheers,
Petr

On 9/1/20 4:41 PM, Axel Rau wrote:
> Thanks for answering:
> 
> root@ns5:/ # dig NS lrau.net @91.216.35.21
> 
> ; <<>> DiG 9.16.5 <<>> NS lrau.net @91.216.35.21
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> 
> root@ns5:/ # dig NS lrau.net @localhost
> 
> ; <<>> DiG 9.16.5 <<>> NS lrau.net @localhost
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> 
> root@ns5:/ # sockstat -p 53
> USER COMMANDPID   FD PROTO  LOCAL ADDRESS FOREIGN ADDRESS
> root cron   59891 5  dgram  -> /var/run/log
> root sendmail   59197 3  dgram  -> /var/run/log
> bind named  47812 3  dgram  -> /var/run/log
> bind named  47812 137 udp4  91.216.35.21:53   *:*
> bind named  47812 138 udp4  91.216.35.21:53   *:*
> bind named  47812 139 udp4  91.216.35.21:53   *:*
> bind named  47812 140 udp4  91.216.35.21:53   *:*
> bind named  47812 141 udp4  91.216.35.21:53   *:*
> bind named  47812 142 udp4  91.216.35.21:53   *:*
> bind named  47812 143 udp4  91.216.35.21:53   *:*
> bind named  47812 144 udp4  91.216.35.21:53   *:*
> bind named  47812 145 udp4  91.216.35.21:53   *:*
> bind named  47812 146 udp4  91.216.35.21:53   *:*
> bind named  47812 147 udp4  91.216.35.21:53   *:*
> bind named  47812 148 udp4  91.216.35.21:53   *:*
> bind named  47812 149 udp4  91.216.35.21:53   *:*
> bind named  47812 150 udp4  91.216.35.21:53   *:*
> bind named  47812 151 udp4  91.216.35.21:53   *:*
> bind named  47812 152 udp4  91.216.35.21:53   *:*
> bind named  47812 154 tcp4  91.216.35.21:53   *:*
> bind named  47812 155 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 156 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 157 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 158 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 159 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 160 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 161 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 162 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 163 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 164 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 165 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 166 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 167 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 168 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 169 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 170 udp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 172 tcp6  2a05:bec0:26:5::71:53 *:*
> bind named  47812 512 udp4  91.216.35.21:53   *:*
> bind named  47812 513 udp6  2a05:bec0:26:5::71:53 *:*
> root rsyslogd   45747 0  dgram  /var/run/log
> root rsyslogd   45747 1  dgram  -> /var/run/log
> root@ns5:/ #
> 
> 
>> Am 01.09.2020 um 16:14 schrieb Ondřej Surý :
>>
>> Hi Axel,
>>
>> the `nc` commands you used for testing neither proves that
>> it’s that specific `named` listening on that port nor DNS
>> daemon at all.  FWIW it could be a dummy UDP/TCP server
>> and you would not know.
>>
>> First you need to use a tool from your operating system
>> to check what is listening on those ports, and then use
>> `dig` (or other DNS debugging tool) to send actual DNS
>> queries.
>>
>> Ondrej
>> --
>> Ondřej Surý (He/Him)
>> ond...@isc.org
>>
>>> On 1. 9. 2020, at 16:11, Axel Rau  wrote:
>>>
>>> Hi!
>>>
>>> this is a new server, which answers external queries, sends notifies and 
>>> pushes axfrs.
>>> It does not answer any query from localhost nor shows any notifies from 
>>> master in the logs.
>>>
>>> From local:
>>> root@ns5:/ # nc -v localhost 53
>>> Connection to localhost 53 port [tcp/domain] succeeded!
>>> ^C
>>> root@ns5:/ # nc -vu localhost 53
>>> Connection to localhost 53 port [udp/domain] succeeded!
>>>
>>> From master server:
>>> [hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
>>> Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
>>> ^C
>>> [hermes:local/etc/namedb] root# nc -vu ns5.lrau.net 53
>>> Connection to ns5.lrau.net 53 port [udp/domain] succeeded!
>>>
>>>
>>

Re: No response from localhost with "allow-query { any; };"

2020-09-01 Thread Axel Rau 
Thanks for answering:

root@ns5:/ # dig NS lrau.net @91.216.35.21

; <<>> DiG 9.16.5 <<>> NS lrau.net @91.216.35.21
;; global options: +cmd
;; connection timed out; no servers could be reached

root@ns5:/ # dig NS lrau.net @localhost

; <<>> DiG 9.16.5 <<>> NS lrau.net @localhost
;; global options: +cmd
;; connection timed out; no servers could be reached

root@ns5:/ # sockstat -p 53
USER COMMANDPID   FD PROTO  LOCAL ADDRESS FOREIGN ADDRESS
root cron   59891 5  dgram  -> /var/run/log
root sendmail   59197 3  dgram  -> /var/run/log
bind named  47812 3  dgram  -> /var/run/log
bind named  47812 137 udp4  91.216.35.21:53   *:*
bind named  47812 138 udp4  91.216.35.21:53   *:*
bind named  47812 139 udp4  91.216.35.21:53   *:*
bind named  47812 140 udp4  91.216.35.21:53   *:*
bind named  47812 141 udp4  91.216.35.21:53   *:*
bind named  47812 142 udp4  91.216.35.21:53   *:*
bind named  47812 143 udp4  91.216.35.21:53   *:*
bind named  47812 144 udp4  91.216.35.21:53   *:*
bind named  47812 145 udp4  91.216.35.21:53   *:*
bind named  47812 146 udp4  91.216.35.21:53   *:*
bind named  47812 147 udp4  91.216.35.21:53   *:*
bind named  47812 148 udp4  91.216.35.21:53   *:*
bind named  47812 149 udp4  91.216.35.21:53   *:*
bind named  47812 150 udp4  91.216.35.21:53   *:*
bind named  47812 151 udp4  91.216.35.21:53   *:*
bind named  47812 152 udp4  91.216.35.21:53   *:*
bind named  47812 154 tcp4  91.216.35.21:53   *:*
bind named  47812 155 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 156 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 157 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 158 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 159 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 160 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 161 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 162 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 163 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 164 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 165 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 166 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 167 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 168 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 169 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 170 udp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 172 tcp6  2a05:bec0:26:5::71:53 *:*
bind named  47812 512 udp4  91.216.35.21:53   *:*
bind named  47812 513 udp6  2a05:bec0:26:5::71:53 *:*
root rsyslogd   45747 0  dgram  /var/run/log
root rsyslogd   45747 1  dgram  -> /var/run/log
root@ns5:/ #


> Am 01.09.2020 um 16:14 schrieb Ondřej Surý :
> 
> Hi Axel,
> 
> the `nc` commands you used for testing neither proves that
> it’s that specific `named` listening on that port nor DNS
> daemon at all.  FWIW it could be a dummy UDP/TCP server
> and you would not know.
> 
> First you need to use a tool from your operating system
> to check what is listening on those ports, and then use
> `dig` (or other DNS debugging tool) to send actual DNS
> queries.
> 
> Ondrej
> --
> Ondřej Surý (He/Him)
> ond...@isc.org
> 
>> On 1. 9. 2020, at 16:11, Axel Rau  wrote:
>> 
>> Hi!
>> 
>> this is a new server, which answers external queries, sends notifies and 
>> pushes axfrs.
>> It does not answer any query from localhost nor shows any notifies from 
>> master in the logs.
>> 
>> From local:
>> root@ns5:/ # nc -v localhost 53
>> Connection to localhost 53 port [tcp/domain] succeeded!
>> ^C
>> root@ns5:/ # nc -vu localhost 53
>> Connection to localhost 53 port [udp/domain] succeeded!
>> 
>> From master server:
>> [hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
>> Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
>> ^C
>> [hermes:local/etc/namedb] root#  nc -vu ns5.lrau.net 53
>> Connection to ns5.lrau.net 53 port [udp/domain] succeeded!
>> 
>> 
>> Any help greatly appreciated,
>> Axel
>> 
>> PS:
>> 
>> part of named.conf:
>>  allow-notify {
>>  hermes-ns5;
>>  };
>>  allow-transfer {
>>  full-trusted;
>>  ns5-ping;
>>  ns4-he;
>>  management-hosts;
>>  };
>>  allow-query { any; };
>>  allow-query-cache { recursive-users; };
>>  allow-recursion { recursive-users; };
>> 
>> 
>> root@ns5:/usr/local/etc/namedb/working/slave # named -V
>> BIND 9.16.5 (Stable Release) 
>> running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC
>> built by make with '--disable-linux-caps' '--localstatedir=/var' 
>> '--sysconfdir=/usr/local/etc/namedb' '--with-dlopen=yes' '--with-libxml2' 
>> '--with-openssl=/usr' '--

Re: No response from localhost with "allow-query { any; };"

2020-09-01 Thread Axel Rau 
Thanks for your answer!

> Am 01.09.2020 um 16:18 schrieb Warren Kumari :
> 
> The output you included doesn't really show very much, other than that nc 
> connect to port 53.
> 
> I'd suggest:
> dig ns5.lrau.net  @localhost
> dig ns5.lrau.net  @127.0.0.1 
> dig ns5.lrau.net  @::1
> 
> Also, have a look in /etc/hosts and make sure that you have something like:
> 127.0.0.1 localhost
> 
> 
> (nc may be connecting over v4 and  may be 
> doing v6, etc...)
> 

; <<>> DiG 9.16.5 <<>> NS lrau.net @127.0.0.1
;; global options: +cmd
;; connection timed out; no servers could be reached

root@ns5:/ # dig NS lrau.net @::1

; <<>> DiG 9.16.5 <<>> NS lrau.net @::1
;; global options: +cmd
;; connection timed out; no servers could be reached

root@ns5:/ # dig NS lrau.net @91.216.35.21

; <<>> DiG 9.16.5 <<>> NS lrau.net @91.216.35.21
;; global options: +cmd
;; connection timed out; no servers could be reached

root@ns5:/ # dig NS lrau.net @localhost

; <<>> DiG 9.16.5 <<>> NS lrau.net @localhost
;; global options: +cmd
;; connection timed out; no servers could be reached

root@ns5:/ # grep localhost /etc/hosts
127.0.0.1   localhost
::1 localhost

---
PGP-Key: CDE74120  ☀  computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: No response from localhost with "allow-query { any; };"

2020-09-01 Thread Warren Kumari 
What is 'localhost'?

The output you included doesn't really show very much, other than that nc
connect to port 53.

I'd suggest:
dig ns5.lrau.net @localhost
dig ns5.lrau.net @127.0.0.1
dig ns5.lrau.net @::1

Also, have a look in /etc/hosts and make sure that you have something like:
127.0.0.1 localhost


(nc may be connecting over v4 and  may be
doing v6, etc...)

W

On Tue, Sep 1, 2020 at 10:12 AM Axel Rau  wrote:

> Hi!
>
> this is a new server, which answers external queries, sends notifies and
> pushes axfrs.
> It does not answer any query from localhost nor shows any notifies from
> master in the logs.
>
> From local:
> root@ns5:/ # nc -v localhost 53
> Connection to localhost 53 port [tcp/domain] succeeded!
> ^C
> root@ns5:/ # nc -vu localhost 53
> Connection to localhost 53 port [udp/domain] succeeded!
>
> From master server:
> [hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
> Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
> ^C
> [hermes:local/etc/namedb] root# nc -vu ns5.lrau.net 53
> Connection to ns5.lrau.net 53 port [udp/domain] succeeded!
>
>
> Any help greatly appreciated,
> Axel
>
> PS:
>
> part of named.conf:
> allow-notify {
> hermes-ns5;
> };
> allow-transfer {
> full-trusted;
> ns5-ping;
> ns4-he;
> management-hosts;
> };
> allow-query { any; };
> allow-query-cache { recursive-users; };
> allow-recursion { recursive-users; };
>
>
> root@ns5:/usr/local/etc/namedb/working/slave # named -V
> BIND 9.16.5 (Stable Release) 
> running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC
> built by make with '--disable-linux-caps' '--localstatedir=/var'
> '--sysconfdir=/usr/local/etc/namedb' '--with-dlopen=yes' '--with-libxml2'
> '--with-openssl=/usr' '--with-readline=-L/usr/local/lib -ledit'
> '--with-dlz-filesystem=yes' '--disable-dnstap' '--disable-fixed-rrset'
> '--disable-geoip' '--without-maxminddb' '--without-gssapi'
> '--with-libidn2=/usr/local' '--with-json-c' '--disable-largefile'
> '--with-lmdb=/usr/local' '--disable-native-pkcs11' '--without-python'
> '--disable-querytrace' 'STD_CDEFINES=-DDIG_SIGCHASE=1'
> '--enable-tcp-fastopen' '--with-tuning=default' '--disable-symtable'
> '--prefix=/usr/local' '--mandir=/usr/local/man'
> '--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd12.1'
> 'build_alias=amd64-portbld-freebsd12.1' 'CC=cc' 'CFLAGS=-O2 -pipe
> -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include
> -fno-strict-aliasing ' 'LDFLAGS= -L/usr/local/lib -ljson-c
> -fstack-protector-strong ' 'LIBS=-L/usr/local/lib'
> 'CPPFLAGS=-DLIBICONV_PLUG -isystem /usr/local/include' 'CPP=cpp'
> 'PKG_CONFIG=pkgconf'
> compiled by CLANG 4.2.1 Compatible FreeBSD Clang 8.0.1
> (tags/RELEASE_801/final 366581)
> compiled with OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
> linked to OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
> compiled with libxml2 version: 2.9.10
> linked to libxml2 version: 20910
> compiled with json-c version: 0.14
> linked to json-c version: 0.15
> compiled with zlib version: 1.2.11
> linked to zlib version: 1.2.11
> threads support is enabled
>
> default paths:
>  named configuration:  /usr/local/etc/namedb/named.conf
>  rndc configuration:   /usr/local/etc/namedb/rndc.conf
>  DNSSEC root key:  /usr/local/etc/namedb/bind.keys
>  nsupdate session key: /var/run/named/session.key
>  named PID file:   /var/run/named/pid
>  named lock file:  /var/run/named/named.lock
>
> ---
> PGP-Key: CDE74120  ☀  computing @ chaos claudius
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>


-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: No response from localhost with "allow-query { any; };"

2020-09-01 Thread Ondřej Surý 
Hi Axel,

the `nc` commands you used for testing neither proves that
it’s that specific `named` listening on that port nor DNS
daemon at all.  FWIW it could be a dummy UDP/TCP server
and you would not know.

First you need to use a tool from your operating system
to check what is listening on those ports, and then use
`dig` (or other DNS debugging tool) to send actual DNS
queries.

Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org

> On 1. 9. 2020, at 16:11, Axel Rau  wrote:
> 
> Hi!
> 
> this is a new server, which answers external queries, sends notifies and 
> pushes axfrs.
> It does not answer any query from localhost nor shows any notifies from 
> master in the logs.
> 
> From local:
> root@ns5:/ # nc -v localhost 53
> Connection to localhost 53 port [tcp/domain] succeeded!
> ^C
> root@ns5:/ # nc -vu localhost 53
> Connection to localhost 53 port [udp/domain] succeeded!
> 
> From master server:
> [hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
> Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
> ^C
> [hermes:local/etc/namedb] root#   nc -vu ns5.lrau.net 53
> Connection to ns5.lrau.net 53 port [udp/domain] succeeded!
> 
> 
> Any help greatly appreciated,
> Axel
> 
> PS:
> 
> part of named.conf:
>   allow-notify {
>   hermes-ns5;
>   };
>   allow-transfer {
>   full-trusted;
>   ns5-ping;
>   ns4-he;
>   management-hosts;
>   };
>   allow-query { any; };
>   allow-query-cache { recursive-users; };
>   allow-recursion { recursive-users; };
> 
> 
> root@ns5:/usr/local/etc/namedb/working/slave # named -V
> BIND 9.16.5 (Stable Release) 
> running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC
> built by make with '--disable-linux-caps' '--localstatedir=/var' 
> '--sysconfdir=/usr/local/etc/namedb' '--with-dlopen=yes' '--with-libxml2' 
> '--with-openssl=/usr' '--with-readline=-L/usr/local/lib -ledit' 
> '--with-dlz-filesystem=yes' '--disable-dnstap' '--disable-fixed-rrset' 
> '--disable-geoip' '--without-maxminddb' '--without-gssapi' 
> '--with-libidn2=/usr/local' '--with-json-c' '--disable-largefile' 
> '--with-lmdb=/usr/local' '--disable-native-pkcs11' '--without-python' 
> '--disable-querytrace' 'STD_CDEFINES=-DDIG_SIGCHASE=1' 
> '--enable-tcp-fastopen' '--with-tuning=default' '--disable-symtable' 
> '--prefix=/usr/local' '--mandir=/usr/local/man' 
> '--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd12.1' 
> 'build_alias=amd64-portbld-freebsd12.1' 'CC=cc' 'CFLAGS=-O2 -pipe 
> -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include 
> -fno-strict-aliasing ' 'LDFLAGS= -L/usr/local/lib -ljson-c 
> -fstack-protector-strong ' 'LIBS=-L/usr/local/lib' 'CPPFLAGS=-DLIBICONV_PLUG 
> -isystem /usr/local/include' 'CPP=cpp' 'PKG_CONFIG=pkgconf'
> compiled by CLANG 4.2.1 Compatible FreeBSD Clang 8.0.1 
> (tags/RELEASE_801/final 366581)
> compiled with OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
> linked to OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
> compiled with libxml2 version: 2.9.10
> linked to libxml2 version: 20910
> compiled with json-c version: 0.14
> linked to json-c version: 0.15
> compiled with zlib version: 1.2.11
> linked to zlib version: 1.2.11
> threads support is enabled
> 
> default paths:
> named configuration:  /usr/local/etc/namedb/named.conf
> rndc configuration:   /usr/local/etc/namedb/rndc.conf
> DNSSEC root key:  /usr/local/etc/namedb/bind.keys
> nsupdate session key: /var/run/named/session.key
> named PID file:   /var/run/named/pid
> named lock file:  /var/run/named/named.lock
> 
> ---
> PGP-Key: CDE74120  ☀  computing @ chaos claudius
> 
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

No response from localhost with "allow-query { any; };"

2020-09-01 Thread Axel Rau 
Hi!

this is a new server, which answers external queries, sends notifies and pushes 
axfrs.
It does not answer any query from localhost nor shows any notifies from master 
in the logs.

From local:
root@ns5:/ # nc -v localhost 53
Connection to localhost 53 port [tcp/domain] succeeded!
^C
root@ns5:/ # nc -vu localhost 53
Connection to localhost 53 port [udp/domain] succeeded!

From master server:
[hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
^C
[hermes:local/etc/namedb] root# nc -vu ns5.lrau.net 53
Connection to ns5.lrau.net 53 port [udp/domain] succeeded!


Any help greatly appreciated,
Axel

PS:

part of named.conf:
allow-notify {
hermes-ns5;
};
allow-transfer {
full-trusted;
ns5-ping;
ns4-he;
management-hosts;
};
allow-query { any; };
allow-query-cache { recursive-users; };
allow-recursion { recursive-users; };


root@ns5:/usr/local/etc/namedb/working/slave # named -V
BIND 9.16.5 (Stable Release) 
running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC
built by make with '--disable-linux-caps' '--localstatedir=/var' 
'--sysconfdir=/usr/local/etc/namedb' '--with-dlopen=yes' '--with-libxml2' 
'--with-openssl=/usr' '--with-readline=-L/usr/local/lib -ledit' 
'--with-dlz-filesystem=yes' '--disable-dnstap' '--disable-fixed-rrset' 
'--disable-geoip' '--without-maxminddb' '--without-gssapi' 
'--with-libidn2=/usr/local' '--with-json-c' '--disable-largefile' 
'--with-lmdb=/usr/local' '--disable-native-pkcs11' '--without-python' 
'--disable-querytrace' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--enable-tcp-fastopen' 
'--with-tuning=default' '--disable-symtable' '--prefix=/usr/local' 
'--mandir=/usr/local/man' '--infodir=/usr/local/share/info/' 
'--build=amd64-portbld-freebsd12.1' 'build_alias=amd64-portbld-freebsd12.1' 
'CC=cc' 'CFLAGS=-O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem 
/usr/local/include -fno-strict-aliasing ' 'LDFLAGS= -L/usr/local/lib -ljson-c 
-fstack-protector-strong ' 'LIBS=-L/usr/local/lib' 'CPPFLAGS=-DLIBICONV_PLUG 
-isystem /usr/local/include' 'CPP=cpp' 'PKG_CONFIG=pkgconf'
compiled by CLANG 4.2.1 Compatible FreeBSD Clang 8.0.1 (tags/RELEASE_801/final 
366581)
compiled with OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
linked to OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
compiled with libxml2 version: 2.9.10
linked to libxml2 version: 20910
compiled with json-c version: 0.14
linked to json-c version: 0.15
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabled

default paths:
 named configuration:  /usr/local/etc/namedb/named.conf
 rndc configuration:   /usr/local/etc/namedb/rndc.conf
 DNSSEC root key:  /usr/local/etc/namedb/bind.keys
 nsupdate session key: /var/run/named/session.key
 named PID file:   /var/run/named/pid
 named lock file:  /var/run/named/named.lock

---
PGP-Key: CDE74120  ☀  computing @ chaos claudius



signature.asc
Description: Message signed with OpenPGP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rpmbuild problem with 9.11.22 on Centos

2020-09-01 Thread Petr Menšík 
Hi Matthew,

it would also help to make setting flags not mandatory.

Changing it to:
%{?set_build_flags}

Would use it whenever the macro is supported and expand it to empty on
legacy systems.
Another possibility would be skipping epel dependency:

%if 0%{?rhel} && 0%{?rhel} <= 7
export CFLAGS="%optflags"
%else
%set_build_flags
%endif

Regards,
Petr

On 8/29/20 8:06 PM, Matthew Richardson wrote:
> Today I have been trying to compile 9.11.22 on Centos 7 with a procedure
> that has been used successfully on many previous releases.  The last
> version I compiled successfully was 9.11.19.
> 
> The process involves downloading the Copr source RPM and then compiling
> with rpmbuild.  Today's output is:-
> 
>> [root@li277-75 ~]# rpmbuild --rebuild --define 'dist .el7' --without scl 
>> isc-bind-bind-9.11.22-1.1.el7.src.rpm
>> Installing isc-bind-bind-9.11.22-1.1.el7.src.rpm
>> warning: isc-bind-bind-9.11.22-1.1.el7.src.rpm: Header V3 RSA/SHA1 
>> Signature, key ID 4168cd93: NOKEY
>> warning: user mockbuild does not exist - using root
>> warning: group mock does not exist - using root
>> warning: user mockbuild does not exist - using root
>> warning: group mock does not exist - using root
>> warning: user mockbuild does not exist - using root
>> warning: group mock does not exist - using root
>> warning: user mockbuild does not exist - using root
>> warning: group mock does not exist - using root
>> warning: user mockbuild does not exist - using root
>> warning: group mock does not exist - using root
>> warning: user mockbuild does not exist - using root
>> warning: group mock does not exist - using root
>> Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.sl7q9u
>> + umask 022
>> + cd /root/rpmbuild/BUILD
>> + cd /root/rpmbuild/BUILD
>> + rm -rf bind-9.11.22
>> + /usr/bin/gzip -dc /root/rpmbuild/SOURCES/bind-9.11.22.tar.gz
>> + /usr/bin/tar -xf -
>> + STATUS=0
>> + '[' 0 -ne 0 ']'
>> + cd bind-9.11.22
>> + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
>> + exit 0
>> Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.oI0ckT
>> + umask 022
>> + cd /root/rpmbuild/BUILD
>> + cd bind-9.11.22
>> + %set_build_flags
>> /var/tmp/rpm-tmp.oI0ckT: line 30: fg: no job control
>> error: Bad exit status from /var/tmp/rpm-tmp.oI0ckT (%build)
>>
>>
>> RPM build errors:
>>isc-bind-bind-9.11.22-1.1.el7.src.rpm: Header V3 RSA/SHA1 Signature, key 
>> ID 4168cd93: NOKEY
>>user mockbuild does not exist - using root
>>group mock does not exist - using root
>>user mockbuild does not exist - using root
>>group mock does not exist - using root
>>user mockbuild does not exist - using root
>>group mock does not exist - using root
>>user mockbuild does not exist - using root
>>group mock does not exist - using root
>>user mockbuild does not exist - using root
>>group mock does not exist - using root
>>user mockbuild does not exist - using root
>>group mock does not exist - using root
>>Bad exit status from /var/tmp/rpm-tmp.oI0ckT (%build)
> 
> My guess (which may be wrong) is that something is wrong with the line:-
>   %set_build_flags
> in bind.spec.
> 
> Any thoughts from others, more knowledgeable that myself, would be
> appreciated.
> 
> The same error occurs on both Centos 7 & Centos 6.
> 
> Best wishes,
> Matthew
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
> 

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemen...@redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users