no, bind9 needs to be fixed instead, the way it's build got revamped in
9.11.3+dfsg-1 and I believe that's what broke it..
** Also affects: bind9 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: bind9 (Ubuntu)
Status: New => Triaged
** Summary changed:
- freeipa
I think the my trick (copy /usr/sbin/named into /usr/sbin/named-pkcs11)
works quite well. Not sure about the differences between named and
named-pkcs11, but I think it is essentially the fact that named-pkcs11
supports cryptographic devices while plain named doesn't. In order to
avoid
Is there a recommended workaround? For example, install without DNS
support and use a separate bind installation?
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1769440
Title:
freeipa server
For some reason, I have /usr/sbin/named in enforce mode by default (I am
sure I did not change anything manually). Ubuntu 18.04 installed with an
alternate CD on a KVM virtual machine.
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in
interesting, maybe there's something wrong with bind9 build..
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1769440
Title:
freeipa server install fails - Configuring the web interface,
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: freeipa (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1769440
lucky you
Reading symbols from /usr/sbin/named-pkcs11...(no debugging symbols
found)...done.
I have all the dbgsym packages installed..
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1769440
Installing libdns-export1100-dbgsym libdns1100-dbgsym libisc-export169-dbgsym
helped. I now have debug symbols in view.c
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1769440
Title:
freeipa
No symbol info for the library :-(
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1769440
Title:
freeipa server install fails - Configuring the web interface, setting
up ssl
Status in
you need to prime it with the environment:
SOFTHSM2_CONF=/etc/ipa/dnssec/softhsm2.conf
KRB5_KTNAME=/etc/bind/named.keytab gdb --args named-pkcs11 -g -u bind
then the problem is that there are no debug symbols for named-pkcs11,
not even in bind9-dbgsym and I've no idea why..
--
You received
@Timo what is the named command that you used to debug? I can't get named
to produce the same error (at view.c:962) when I run it as follows (this
is the command I found in the log):
/usr/sbin/named-pkcs11 -f -u bind
or
/usr/sbin/named-pkcs11 -g -u bind
It crashes at:
08-May-2018 07:07:41.154
Hi guys, I'm getting the same while installing on real hardware. The
name server refuses to start up with the following error in the logs:
../../../lib/dns-pkcs11/view.c:962: REQUIRE(view->zonetable != ((void
*)0)) failed, back trace
Using the server's FQDN.
Installing on Ubuntu 18.04 using
I mean the dns setup is known to be broken, I don't know why it gets an
empty zone from ldap and reported it upstream but the next step would be
to debug with gdb and I didn't get anywhere with it yet..
--
You received this bug notification because you are a member of FreeIPA,
which is
When you said: "yep, that's a known issue" you referred to the non-FQDN. But
the above
error is after I corrected that. So, with a FQDN.
BTW, I'm doing the install with --setup-dns. Is that what you do as well?
At the end of the installation the nameserver (bind9-pkcs11) does not start
anymore.
must be a race condition again, I can't reproduce it here
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1769440
Title:
freeipa server install fails - Configuring the web interface, setting
15 matches
Mail list logo
