[Freeipa] [Bug 1874568] Re: Working config in eoan, bind9 fails after upgrade to fossa
I would like to add that I required to turn off "Unattended-Upgrade" because the next morning, bind9 was back to version 9.16. Go to: https://help.ubuntu.com/community/AutomaticSecurityUpdates?_ga=2.129122693.848380658.1588022835-388947123.1587602982#Determining_the_current_configuration I just made this change, so I hope it doesn't circumvent me again tomorrow... -- You received this bug notification because you are a member of FreeIPA, which is subscribed to bind-dyndb-ldap in Ubuntu. https://bugs.launchpad.net/bugs/1874568 Title: Working config in eoan, bind9 fails after upgrade to fossa Status in bind package in Ubuntu: Confirmed Status in bind-dyndb-ldap package in Ubuntu: Confirmed Bug description: Configuration was working in Eoan. Just upgraded to Fossa. Bind9(named) will not start. Syslog show the following: Apr 23 16:55:58 ltserver2 named[1611]: starting BIND 9.16.1-Ubuntu (Stable Release) Apr 23 16:55:58 ltserver2 named[1611]: running on Linux x86_64 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 Apr 23 16:55:58 ltserver2 named[1611]: built with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-' '--disable-native-pkcs11' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/bind9-OLooom/bind9-9.16.1=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' Apr 23 16:55:58 ltserver2 named[1611]: running as: named -f -u bind Apr 23 16:55:58 ltserver2 named[1611]: compiled by GCC 9.3.0 Apr 23 16:55:58 ltserver2 named[1611]: compiled with OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020 Apr 23 16:55:58 ltserver2 named[1611]: linked to OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020 Apr 23 16:55:58 ltserver2 named[1611]: compiled with libxml2 version: 2.9.10 Apr 23 16:55:58 ltserver2 named[1611]: linked to libxml2 version: 20910 Apr 23 16:55:58 ltserver2 named[1611]: compiled with json-c version: 0.13.1 Apr 23 16:55:58 ltserver2 named[1611]: linked to json-c version: 0.13.1 Apr 23 16:55:58 ltserver2 named[1611]: compiled with zlib version: 1.2.11 Apr 23 16:55:58 ltserver2 named[1611]: linked to zlib version: 1.2.11 Apr 23 16:55:58 ltserver2 named[1611]: Apr 23 16:55:58 ltserver2 named[1611]: BIND 9 is maintained by Internet Systems Consortium, Apr 23 16:55:58 ltserver2 named[1611]: Inc. (ISC), a non-profit 501(c)(3) public-benefit Apr 23 16:55:58 ltserver2 named[1611]: corporation. Support and training for BIND 9 are Apr 23 16:55:58 ltserver2 named[1611]: available at https://www.isc.org/support Apr 23 16:55:58 ltserver2 named[1611]: Apr 23 16:55:58 ltserver2 named[1611]: adjusted limit on open files from 524288 to 1048576 Apr 23 16:55:58 ltserver2 named[1611]: found 2 CPUs, using 2 worker threads Apr 23 16:55:58 ltserver2 named[1611]: using 2 UDP listeners per interface Apr 23 16:55:58 ltserver2 named[1611]: using up to 21000 sockets Apr 23 16:55:58 ltserver2 named[1611]: loading configuration from '/etc/bind/named.conf' Apr 23 16:55:58 ltserver2 named[1611]: reading built-in trust anchors from file '/etc/bind/bind.keys' Apr 23 16:55:58 ltserver2 named[1611]: looking for GeoIP2 databases in '/usr/share/GeoIP' Apr 23 16:55:58 ltserver2 named[1611]: using default UDP/IPv4 port range: [32768, 60999] Apr 23 16:55:58 ltserver2 named[1611]: using default UDP/IPv6 port range: [32768, 60999] Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv4 interface enp3s0, #53 Apr 23 16:55:58 ltserver2 named[1611]: IPv6 socket API is incomplete; explicitly binding to each IPv6 address separately Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv6 interface lo, ::1#53 Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv6 interface enp3s0, %2#53 Apr 23 16:55:58 ltserver2 named[1611]: unable to set effective uid to 0: Operation not permitted Apr 23 16:55:58 ltserver2 named[1611]: generating session key for dynamic DNS Apr 23 16:55:58 ltserver2 named[1611]: unable to set effective uid to 0: Operation
[Freeipa] [Bug 1874568] Re: Working config in eoan, bind9 fails after upgrade to fossa
I am running with OpenLdap (slapd). I will attempt to downgrade using your instructions. One way or another, we'll get it remedied. Thank you!!! -- You received this bug notification because you are a member of FreeIPA, which is subscribed to bind-dyndb-ldap in Ubuntu. https://bugs.launchpad.net/bugs/1874568 Title: Working config in eoan, bind9 fails after upgrade to fossa Status in bind package in Ubuntu: Confirmed Status in bind-dyndb-ldap package in Ubuntu: Confirmed Bug description: Configuration was working in Eoan. Just upgraded to Fossa. Bind9(named) will not start. Syslog show the following: Apr 23 16:55:58 ltserver2 named[1611]: starting BIND 9.16.1-Ubuntu (Stable Release) Apr 23 16:55:58 ltserver2 named[1611]: running on Linux x86_64 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 Apr 23 16:55:58 ltserver2 named[1611]: built with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-' '--disable-native-pkcs11' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/bind9-OLooom/bind9-9.16.1=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' Apr 23 16:55:58 ltserver2 named[1611]: running as: named -f -u bind Apr 23 16:55:58 ltserver2 named[1611]: compiled by GCC 9.3.0 Apr 23 16:55:58 ltserver2 named[1611]: compiled with OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020 Apr 23 16:55:58 ltserver2 named[1611]: linked to OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020 Apr 23 16:55:58 ltserver2 named[1611]: compiled with libxml2 version: 2.9.10 Apr 23 16:55:58 ltserver2 named[1611]: linked to libxml2 version: 20910 Apr 23 16:55:58 ltserver2 named[1611]: compiled with json-c version: 0.13.1 Apr 23 16:55:58 ltserver2 named[1611]: linked to json-c version: 0.13.1 Apr 23 16:55:58 ltserver2 named[1611]: compiled with zlib version: 1.2.11 Apr 23 16:55:58 ltserver2 named[1611]: linked to zlib version: 1.2.11 Apr 23 16:55:58 ltserver2 named[1611]: Apr 23 16:55:58 ltserver2 named[1611]: BIND 9 is maintained by Internet Systems Consortium, Apr 23 16:55:58 ltserver2 named[1611]: Inc. (ISC), a non-profit 501(c)(3) public-benefit Apr 23 16:55:58 ltserver2 named[1611]: corporation. Support and training for BIND 9 are Apr 23 16:55:58 ltserver2 named[1611]: available at https://www.isc.org/support Apr 23 16:55:58 ltserver2 named[1611]: Apr 23 16:55:58 ltserver2 named[1611]: adjusted limit on open files from 524288 to 1048576 Apr 23 16:55:58 ltserver2 named[1611]: found 2 CPUs, using 2 worker threads Apr 23 16:55:58 ltserver2 named[1611]: using 2 UDP listeners per interface Apr 23 16:55:58 ltserver2 named[1611]: using up to 21000 sockets Apr 23 16:55:58 ltserver2 named[1611]: loading configuration from '/etc/bind/named.conf' Apr 23 16:55:58 ltserver2 named[1611]: reading built-in trust anchors from file '/etc/bind/bind.keys' Apr 23 16:55:58 ltserver2 named[1611]: looking for GeoIP2 databases in '/usr/share/GeoIP' Apr 23 16:55:58 ltserver2 named[1611]: using default UDP/IPv4 port range: [32768, 60999] Apr 23 16:55:58 ltserver2 named[1611]: using default UDP/IPv6 port range: [32768, 60999] Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv4 interface enp3s0, #53 Apr 23 16:55:58 ltserver2 named[1611]: IPv6 socket API is incomplete; explicitly binding to each IPv6 address separately Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv6 interface lo, ::1#53 Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv6 interface enp3s0, %2#53 Apr 23 16:55:58 ltserver2 named[1611]: unable to set effective uid to 0: Operation not permitted Apr 23 16:55:58 ltserver2 named[1611]: generating session key for dynamic DNS Apr 23 16:55:58 ltserver2 named[1611]: unable to set effective uid to 0: Operation not permitted Apr 23 16:55:58 ltserver2 named[1611]: sizing zone task pool based on 0 zones Apr 23 16:55:58 ltserver2 named[1611]: none:100: 'max-cache-size 90%' - setting to 3513MB (out of 3903MB) Apr 23 16:55:58
[Freeipa] [Bug 1874568] [NEW] Working config in eoan, bind9 fails after upgrade to fossa
Public bug reported: Configuration was working in Eoan. Just upgraded to Fossa. Bind9(named) will not start. Syslog show the following: Apr 23 16:55:58 ltserver2 named[1611]: starting BIND 9.16.1-Ubuntu (Stable Release) Apr 23 16:55:58 ltserver2 named[1611]: running on Linux x86_64 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 Apr 23 16:55:58 ltserver2 named[1611]: built with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-' '--disable-native-pkcs11' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/bind9-OLooom/bind9-9.16.1=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' Apr 23 16:55:58 ltserver2 named[1611]: running as: named -f -u bind Apr 23 16:55:58 ltserver2 named[1611]: compiled by GCC 9.3.0 Apr 23 16:55:58 ltserver2 named[1611]: compiled with OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020 Apr 23 16:55:58 ltserver2 named[1611]: linked to OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020 Apr 23 16:55:58 ltserver2 named[1611]: compiled with libxml2 version: 2.9.10 Apr 23 16:55:58 ltserver2 named[1611]: linked to libxml2 version: 20910 Apr 23 16:55:58 ltserver2 named[1611]: compiled with json-c version: 0.13.1 Apr 23 16:55:58 ltserver2 named[1611]: linked to json-c version: 0.13.1 Apr 23 16:55:58 ltserver2 named[1611]: compiled with zlib version: 1.2.11 Apr 23 16:55:58 ltserver2 named[1611]: linked to zlib version: 1.2.11 Apr 23 16:55:58 ltserver2 named[1611]: Apr 23 16:55:58 ltserver2 named[1611]: BIND 9 is maintained by Internet Systems Consortium, Apr 23 16:55:58 ltserver2 named[1611]: Inc. (ISC), a non-profit 501(c)(3) public-benefit Apr 23 16:55:58 ltserver2 named[1611]: corporation. Support and training for BIND 9 are Apr 23 16:55:58 ltserver2 named[1611]: available at https://www.isc.org/support Apr 23 16:55:58 ltserver2 named[1611]: Apr 23 16:55:58 ltserver2 named[1611]: adjusted limit on open files from 524288 to 1048576 Apr 23 16:55:58 ltserver2 named[1611]: found 2 CPUs, using 2 worker threads Apr 23 16:55:58 ltserver2 named[1611]: using 2 UDP listeners per interface Apr 23 16:55:58 ltserver2 named[1611]: using up to 21000 sockets Apr 23 16:55:58 ltserver2 named[1611]: loading configuration from '/etc/bind/named.conf' Apr 23 16:55:58 ltserver2 named[1611]: reading built-in trust anchors from file '/etc/bind/bind.keys' Apr 23 16:55:58 ltserver2 named[1611]: looking for GeoIP2 databases in '/usr/share/GeoIP' Apr 23 16:55:58 ltserver2 named[1611]: using default UDP/IPv4 port range: [32768, 60999] Apr 23 16:55:58 ltserver2 named[1611]: using default UDP/IPv6 port range: [32768, 60999] Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv4 interface enp3s0, #53 Apr 23 16:55:58 ltserver2 named[1611]: IPv6 socket API is incomplete; explicitly binding to each IPv6 address separately Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv6 interface lo, ::1#53 Apr 23 16:55:58 ltserver2 named[1611]: listening on IPv6 interface enp3s0, %2#53 Apr 23 16:55:58 ltserver2 named[1611]: unable to set effective uid to 0: Operation not permitted Apr 23 16:55:58 ltserver2 named[1611]: generating session key for dynamic DNS Apr 23 16:55:58 ltserver2 named[1611]: unable to set effective uid to 0: Operation not permitted Apr 23 16:55:58 ltserver2 named[1611]: sizing zone task pool based on 0 zones Apr 23 16:55:58 ltserver2 named[1611]: none:100: 'max-cache-size 90%' - setting to 3513MB (out of 3903MB) Apr 23 16:55:58 ltserver2 named[1611]: set up managed keys zone for view _default, file 'managed-keys.bind' Apr 23 16:55:58 ltserver2 named[1611]: loading DynDB instance 'MY_FULLY_Qualified_LOCAL_DNS_NAME' driver '/usr/lib/bind/ldap.so' Apr 23 16:55:58 ltserver2 named[1611]: failed to dynamically load instance 'MY_FULLY_Qualified_LOCAL_DNS_NAME' driver '/usr/lib/bind/ldap.so': /usr/lib/bind/ldap.so: undefined symbol: cfg_parse_buffer2 (failure) Apr 23 16:55:58 ltserver2 named[1611]: dynamic database 'dns.schapker.athome' configuration failed: failure Apr 23 16:55:58
