** Description changed: Affects: 1:9.7.0.dfsg.P1-1ubuntu0.8, 1:9.8.1.dfsg.P1-4ubuntu0.4, 1:9.8.4 .dfsg-1ubuntu1. bind9.postinst only sets permissions on /var/cache/bind on a fresh install. When the bind9 package is removed but not purged, /var/cache/bind is removed, but /etc/bind is left alone (as expected). When the bind9 package is reinstalled from this state, the postinst fails to correct the default 755 permissions on /var/cache/bind. This is particularly a problem for users upgrading from Lucid, since this - situation causes 100% CPU usage due to bug 695264. + situation causes 100% CPU usage due to bug 1038199. Steps to reproduce: 1. Start with a Lucid system 2. apt-get install bind9 3. apt-get remove bind9 4. apt-get install bind9 Note broken permissions in /var/cache/bind. This isn't directly reproducible in Raring because files are now left behind in /var/cache/bind causing /var/cache/bind to not be removed when the package is removed (is this a separate bug?) However, if from Lucid you then do: 5. do-release-upgrade Then the problem propagates to Raring, and you'll see bug 1038199 (100% CPU usage). Workaround: # chown root.bind /var/cache/bind # chmod 775 /var/cache/bind # service bind9 restart Logs from the upgraded machine (see 'working directory not writeable' and 'permission denied') 05-Dec-2012 12:23:35.719 found 2 CPUs, using 2 worker threads 05-Dec-2012 12:23:35.720 using up to 4096 sockets 05-Dec-2012 12:23:35.726 loading configuration from '/etc/bind/named.conf' 05-Dec-2012 12:23:35.727 reading built-in trusted keys from file '/etc/bind/bind.keys' 05-Dec-2012 12:23:35.727 using default UDP/IPv4 port range: [1024, 65535] 05-Dec-2012 12:23:35.728 using default UDP/IPv6 port range: [1024, 65535] 05-Dec-2012 12:23:35.729 listening on IPv6 interfaces, port 53 05-Dec-2012 12:23:35.731 listening on IPv4 interface lo, 127.0.0.1#53 05-Dec-2012 12:23:35.732 listening on IPv4 interface eth0, 10.40.0.5#53 05-Dec-2012 12:23:35.734 listening on IPv4 interface eth1, 10.157.128.1#53 05-Dec-2012 12:23:35.735 listening on IPv4 interface eth1, 10.161.208.1#53 05-Dec-2012 12:23:35.736 listening on IPv4 interface eth0.60, 10.157.16.12#53 05-Dec-2012 12:23:35.738 generating session key for dynamic DNS 05-Dec-2012 12:23:35.738 sizing zone task pool based on 7 zones 05-Dec-2012 12:23:35.744 using built-in root key for view _default 05-Dec-2012 12:23:35.744 set up managed keys zone for view _default, file 'managed-keys.bind' 05-Dec-2012 12:23:35.744 Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones 05-Dec-2012 12:23:35.744 automatic empty zone: 254.169.IN-ADDR.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 2.0.192.IN-ADDR.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 100.51.198.IN-ADDR.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 113.0.203.IN-ADDR.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 255.255.255.255.IN-ADDR.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: D.F.IP6.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 8.E.F.IP6.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 9.E.F.IP6.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: A.E.F.IP6.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: B.E.F.IP6.ARPA 05-Dec-2012 12:23:35.744 automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA 05-Dec-2012 12:23:35.749 command channel listening on 127.0.0.1#953 05-Dec-2012 12:23:35.749 command channel listening on ::1#953 05-Dec-2012 12:23:35.749 the working directory is not writable 05-Dec-2012 12:23:35.749 ignoring config file logging statement due to -g option 05-Dec-2012 12:23:35.750 zone 0.in-addr.arpa/IN: loaded serial 1 05-Dec-2012 12:23:35.750 zone 157.10.in-addr.arpa/IN: loaded serial 1 05-Dec-2012 12:23:35.751 zone 127.in-addr.arpa/IN: loaded serial 1 05-Dec-2012 12:23:35.752 zone 255.in-addr.arpa/IN: loaded serial 1 05-Dec-2012 12:23:35.753 zone extility.install/IN: loaded serial 1300877104 05-Dec-2012 12:23:35.754 zone localhost/IN: loaded serial 2 05-Dec-2012 12:23:35.754 managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found 05-Dec-2012 12:23:35.754 managed-keys.bind.jnl: create: permission denied 05-Dec-2012 12:23:35.754 managed-keys-zone ./IN: sync_keyzone:dns_journal_open -> unexpected error
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1086775 Title: Maintainer scripts mishandle /var/cache/bind permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1086775/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
