Segmentation fault 9.1.0
Balgansuren
balgaa at publica.ub.mng.net
Tue Feb 13 23:09:20 UTC 2001
Hello,
I am sorry, very bad English.
Thank you for migration notes. Yesterday I installed 9.1.0 on secondary
named machine. I can to see following in /var/named:
bash-2.03$ ls -l
total 214
<snip> There is old zone files
-rw-r--r-- 1 root other 583 Feb 12 17:27 db-XX1ua4tO
-rw-r--r-- 1 root other 527 Feb 12 16:12 db-XX3ua4tO
-rw-r--r-- 1 root other 553 Feb 12 17:06 db-XX5ua4tO
-rw-r--r-- 1 root other 622 Feb 12 16:12 db-XX7ua4tO
-rw-r--r-- 1 root other 613 Feb 12 17:11 db-XX9ua4tO
-rw-r--r-- 1 root root 6161 Feb 12 16:45 db-XXBva4tO
-rw-r--r-- 1 root other 732 Feb 12 16:01 db-XXDva4tO
-rw-r--r-- 1 root other 522 Feb 12 16:11 db-XXFva4tO
-rw-r--r-- 1 root other 654 Feb 12 17:00 db-XXHva4tO
-rw-r--r-- 1 root other 610 Feb 12 16:41 db-XXJva4tO
-rw-r--r-- 1 root root 2933 Feb 12 16:44 db-XXLua4tO
-rw-r--r-- 1 root other 583 Feb 12 16:49 db-XXLva4tO
-rw-r--r-- 1 root root 604 Feb 12 16:12 db-XXNua4tO
-rw-r--r-- 1 root other 588 Feb 12 17:34 db-XXNva4tO
-rw-r--r-- 1 root root 604 Feb 12 16:04 db-XXPua4tO
-rw-r--r-- 1 root root 519 Feb 12 17:13 db-XXPva4tO
-rw-r--r-- 1 root other 763 Feb 12 16:15 db-XXRua4tO
-rw-r--r-- 1 root root 458 Feb 12 16:37 db-XXRva4tO
-rw-r--r-- 1 root other 4728 Feb 12 16:23 db-XXTua4tO
-rw-r--r-- 1 root other 593 Feb 12 16:06 db-XXTva4tO
-rw-r--r-- 1 root root 607 Feb 12 15:49 db-XXVua4tO
-rw-r--r-- 1 root other 549 Feb 12 15:32 db-XXVva4tO
-rw-r--r-- 1 root root 650 Feb 12 16:07 db-XXXua4tO
-rw-r--r-- 1 root other 519 Feb 12 15:56 db-XXXva4tO
-rw-r--r-- 1 root other 559 Feb 12 17:02 db-XXZua4tO
-rw-r--r-- 1 root other 573 Feb 12 16:01 db-XX_ua4tO
-rw-r--r-- 1 root other 658 Feb 12 15:18 db-XXbva4tO
-rw-r--r-- 1 root other 583 Feb 12 17:35 db-XXdva4tO
-rw-r--r-- 1 root other 559 Feb 12 16:21 db-XXfva4tO
-rw-r--r-- 1 root other 615 Feb 12 17:01 db-XXhva4tO
-rw-r--r-- 1 root other 549 Feb 12 17:02 db-XXjva4tO
-rw-r--r-- 1 root other 578 Feb 12 15:31 db-XXlva4tO
-rw-r--r-- 1 root root 2393 Feb 12 17:27 db-XXnva4tO
-rw-r--r-- 1 root other 555 Feb 12 17:09 db-XXpva4tO
-rw-r--r-- 1 root other 530 Feb 12 17:08 db-XXrva4tO
-rw-r--r-- 1 root other 467 Feb 12 15:51 db-XXtva4tO
-rw-r--r-- 1 root other 470 Feb 12 17:38 db-XXvva4tO
-rw-r--r-- 1 root other 752 Feb 12 17:05 db-XXxva4tO
-rw-r--r-- 1 root other 554 Feb 12 17:25 db-XXzva4tO
<snip> There is old zone files
a.Why there are many db-XXxxxxxx files?
b.Why name is strange?
c.Can I to use old named zone files instead of db-XXxxxxxx?
d.When I use "host", "dig" tools and I got "Segmentation fault".
Host:
-----
bash-2.03$ sudo gdb /usr/local/bin/host
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are welcome to change it and/or distribute copies of it under certain
conditions.Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "sparc-sun-solaris2.7"...
(gdb) run
Starting program: /usr/local/bin/host
[New LWP 2 ]
[New LWP 3 ]
Usage: host [-aCdlrTwv] [-c class] [-n] [-N ndots] [-t type] [-W time]
[-R number] hostname [server]
-a is equivalent to -v -t *
-c specifies query class for non-IN data
-C compares SOA records on authorative nameservers
-d is equivalent to -v
-l lists all hosts in a domain, using AXFR
-n Use the nibble form of IPv6 reverse lookup
-N changes the number of dots allowed before root lookup is done
-r disables recursive processing
-R specifies number of retries for UDP packets
-t specifies the query type
-T enables TCP/IP mode
-v enables verbose output
-w specifies to wait forever for a reply
-W specifies how long to wait for a reply
Program received signal SIGSEGV, Segmentation fault.
0xff2b41d4 in __do_global_dtors_aux () from /usr/lib/libcrypto.so.0
(gdb) quit
The program is running. Exit anyway? (y or n) y
Dig:
----
bash-2.03$ sudo gdb /usr/local/bin/dig
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "sparc-sun-solaris2.7"...
(gdb) run
Starting program: /usr/local/bin/dig
[New LWP 2 ]
[New LWP 3 ]
[New LWP 4 ]
[New LWP 5 ]
; <<>> DiG 9.1.0 <<>>
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 9981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;. IN NS
;; Query time: 10 msec
;; SERVER: xxx.xxx.xxx.xxx#53(xxx.xxx.xxx.xxx)
;; WHEN: Tue Feb 13 15:06:54 2001
;; MSG SIZE rcvd: 17
[New LWP 6 ]
[Switching to LWP 3 ]
Program received signal SIGTERM, Terminated.
0xff114644 in _libc_sigtimedwait () from /usr/lib/libc.so.1
Configure:
----------
./configure --with-openssl=/usr/local/lib
I think "configure" automatically find thread libraries.
How can I to fix it?
Thank you,
Balgaa
On Mon, 12 Feb 2001 Mark.Andrews at nominum.com wrote:
> >
> > Hello,
> >
> > Where can I to get these migration notes?
>
> This is doc/src/migration, part of the BIND 9 distribution.
> I just added the BIND 4 part. I was getting tired of repeating
> it.
>
> Mark
>
> >
> > Thank you,
> > Balgaa
> >
> > On Mon, 12 Feb 2001 Mark.Andrews at nominum.com wrote:
> >
> > >
> > > >
> > > > Hello,
> > > >
> > > > Currently, we are using Solaris 2.6/SPARC and Solaris 7/SPARC.
> > > > It includes BIND-4.9.7 (primary) and BIND-8.1.2 (secondary).
> > > >
> > > > I want to upgrade it to 9.1.0, but unfortunately I don't know exact
> > > > procedure of upgrade. I have compiled/installed source of 9.1.0 on
> > > > Solaris/SPARC (in /usr/local). I need help to convert old 4.9.7, 8.1.2
> > > > config file to 9.1.0.
> > > >
> > > > Also I don't know 9.1.0 configuration file structure.
> > > >
> > > > Please send me suggestion and helpful information.
> > > >
> > > > Thanks,
> > > > Balgaa
> > > > System Admin
> > > >
> > > >
> > >
> > > Copyright (C) 2000, 2001 Internet Software Consortium.
> > > See COPYRIGHT in the source root or http://isc.org/copyright.html for terms
> > .
> > >
> > > BIND 4 to BIND 9 Migration Notes
> > >
> > > To transition from BIND 4 to BIND 9 you first need to convert your
> > > configuration file to the new format. The is conversion tool in
> > > contrib/named-bootconf that allows you to this.
> > >
> > > named-bootconf.sh < /etc/named.boot > /etc/named.conf
> > >
> > > BIND 9 uses a system assigned port for the UDP queries it makes rather
> > > that port 53 that BIND uses. This may conflict with some firewalls.
> > > The following directives in /etc/named.conf allow allow you to specify
> > > a port to use.
> > >
> > > query-source address * port 53;
> > > transfer-source * port 53;
> > > notify-source * port 53;
> > >
> > > BIND 9 no-longer uses the minimum field to specify the TTL of records
> > > without a explicit TTL. Use $TTL directive to specify a default TTL
> > > before the first record without a explict TTL.
> > >
> > > $TTL 3600
> > > @ IN SOA ns1.example.com. hostmaster.example.com. (
> > > 2001021100
> > > 7200
> > > 1200
> > > 3600000
> > > 7200 )
> > >
> > > BIND 9 does not support multiple CNAMES with the same owner name.
> > >
> > > Illegal:
> > > www.example.com. CNAME host1.example.com.
> > > www.example.com. CNAME host2.example.com.
> > >
> > > BIND 9 does not support "CNAMES with other data" with the same owner name,
> > > ignoring DNSSEC records (SIG, NXT, KEY) that BIND 4 did not support.
> > >
> > > Illegal:
> > > www.example.com. CNAME host1.example.com.
> > > www.example.com. MX 10 host2.example.com.
> > >
> > > BIND 9 is less tolerant of errors in master files so check your logs and
> > > fix any errors reported.
> > >
> > > BIND 8 to BIND 9 Migration Notes
> > >
> > > BIND 9 is designed to be mostly upwards compatible with BIND 8, but
> > > there is still a number of caveats you should be aware of when
> > > upgrading an existing BIND 8 installation to use BIND 9.
> > >
> > >
> > > 1. Configuration File Compatibility
> > >
> > > 1.1. Unimplemented Options and Changed Defaults
> > >
> > > BIND 9.1 supports most, but not all but not of the named.conf options
> > > of BIND 8. For a complete list of implmented options, see
> > > doc/misc/options.
> > >
> > > If your named.conf file uses an unimplemented option, named will log a
> > > warning message. A message is also logged about each option whose
> > > default has changed unless the option is set explicitly in named.conf.
> > >
> > > In particular, if you see a warning message about the default for the
> > > "auth-nxdomain" option having changed, you can suppress it by adding
> > > one of the following lines to the named.conf options { } block:
> > >
> > > auth-nxdomain no; # conform to RFC1035
> > > auth-nxdomain yes; # do what BIND 8 did by default
> > >
> > > 1.2. Handling of Configuration File Errors
> > >
> > > In BIND 9, named refuses to start if it detects an error in
> > > named.conf. Earlier versions would start despite errors, causing the
> > > server to run with a partial configuration. Errors detected during
> > > subsequent reloads do not cause the server to exit.
> > >
> > > Errors in master files never cause the server to exit.
> > >
> > > 1.3. Logging
> > >
> > > The set of logging categories in BIND 9 is different from that
> > > in BIND 8. If you have customized your logging on a per-category
> > > basis, you need to modify your logging statement to use the
> > > new categories.
> > >
> > > Another difference is that the "logging" statement only takes effect
> > > after the entire named.conf file has been read. This means that when
> > > the server starts up, any messages about errors in the configuration
> > > file are always logged to the default destination (syslog) when the
> > > server first starts up, regardless of the contents of the "logging"
> > > statement. In BIND 8, the new logging configuration took effect
> > > immediately after the "logging" statement was read.
> > >
> > > 1.4. Case sensitivity
> > >
> > > In BIND 9, ACL names are case sensitive. In BIND 8 they were case
> > > insensitive.
> > >
> > > 1.5. Notify messages and Refesh queries
> > >
> > > The source address and port for these is now controlled by
> > > "notify-source" and "transfer-source", respectively, rather that
> > > query-source as in BIND 8.
> > >
> > > 1.6. Multiple Classes.
> > >
> > > Multiple classes have to be put into explicit views for each class.
> > >
> > > 1.7. New Reserved Words
> > >
> > > When specifying the names of entities like ACLs, logging channels, or
> > > views, they can be written with or without surrounding double quotes.
> > > However, the quotes are required if the name is identical to an option
> > > name or other reserved word. Since BIND 9 has a number of new options
> > > and reserves some additional words for anticipated future options, it
> > > is possible that some of these option names conflict with existing
> > > names in named.conf. For example, instead of
> > >
> > > acl internal { 127.0.0.1/32; 10.0.0.0/8; };
> > >
> > > you need to write
> > >
> > > acl "internal" { 127.0.0.1/32; 10.0.0.0/8; };
> > >
> > > because "internal" is now a reserved word.
> > >
> > > 2. Zone File Compatibility
> > >
> > > 2.1. Strict RFC1035 Interpretation of TTLs in Zone Files
> > >
> > > BIND 8 allowed you to omit all TTLs from a zone file, and used the
> > > value of the SOA MINTTL field as a default for missing TTL values.
> > >
> > > BIND 9 enforces strict compliance with the RFC1035 and RFC2308 TTL
> > > rules. The default TTL is the value specified with the $TTL
> > > directive, or the previous explicit TTL if there is no $TTL directive.
> > > If there is no $TTL directive and the first RR in the file does not
> > > have an explicit TTL field, the error message "no TTL specified" is
> > > logged and loading the zone file fails.
> > >
> > > To avoid problems, use a $TTL directive in each zone file.
> > >
> > > 2.2. Periods in SOA Serial Numbers Deprecated
> > >
> > > Some versions of BIND allow SOA serial numbers with an embedded
> > > period, like "3.002", and convert them into integers in a rather
> > > unintuitive way. This feature is not supported by BIND 9; serial
> > > numbers must be integers.
> > >
> > > 2.3. Handling of Unbalanced Quotes
> > >
> > > TXT records with unbalanced quotes, like 'host TXT "foo', were not
> > > treated as errors in some versions of BIND. If your zone files
> > > contain such records, you will get potentially confusing error
> > > messages like "unexpected end of file" because BIND 9 will interpret
> > > everything up to the next quote character as a literal string.
> > >
> > > 2.4. Handling of Line Breaks
> > >
> > > Some versions of BIND accept RRs containing line breaks that are not
> > > properly quoted with parentheses, like the following SOA:
> > >
> > > @ IN SOA ns.example. hostmaster.example.
> > > ( 1 3600 1800 1814400 3600 )
> > >
> > > This is not legal master file syntax and will be treated as an error
> > > by BIND 9. The fix is to move the opening parenthesis to the first
> > > line.
> > >
> > > 2.5. Unimplemented BIND 8 Extensions
> > >
> > > $GENERATE: The "$$" construct for getting a literal $ into a domain
> > > name is deprecated. Use \$ instead.
> > >
> > > 3. Interoperability Impact of New Protocol Features
> > >
> > > BIND 9 uses EDNS0 (RFC2671) to advertise its receive buffer size. It
> > > also sets an EDNS flag bit in queries to indicate that it wishes to
> > > receive DNSSEC responses; this flag bit usage is not yet standardized,
> > > but we hope it will be.
> > >
> > > Most older servers that do not support EDNS0, including prior versions
> > > of BIND, will send a FORMERR or NOTIMP response to these queries.
> > > When this happens, BIND 9 will automatically retry the query without
> > > EDNS0.
> > >
> > > Unfortunately, there exists at least one non-BIND name server
> > > implementation that silently ignores these queries instead of sending
> > > an error response. Resolving names in zones where all or most
> > > authoritative servers use this server will be very slow or fail
> > > completely. We have contacted the manufacturer of the name server in
> > > case, and they are working on a solution.
> > >
> > >
> > > 4. Unrestricted Character Set
> > >
> > > BIND 9 does not restrict the character set of domain names - it is
> > > fully 8-bit clean in accordance with RFC2181 section 11.
> > >
> > > It is strongly recommended that hostnames published in the DNS follow
> > > the RFC952 rules, but BIND 9 will not enforce this restriction.
> > >
> > > Historically, some applications have suffered from security flaws
> > > where data originating from the network, such as names returned by
> > > gethostbyaddr(), are used with insufficient checking and may cause a
> > > breach of security when containing unexpected characters; see
> > > <http://www.cert.org/advisories/CA-96.04.corrupt_info_from_servers.html>
> > > for details. Some earlier versions of BIND attempt to protect these
> > > flawed applications from attack by discarding data containing
> > > characters deemed inappropriate in host names or mail addresses, under
> > > the control of the "check-names" option in named.conf and/or "options
> > > no-check-names" in resolv.conf. BIND 9 provides no such protection;
> > > if applications with these flaws are still being used, they should
> > > be upgraded.
> > >
> > >
> > > 5. Server Administration Tools
> > >
> > > The "ndc" program has been replaced by "rndc", which is capable of
> > > remote operation. Unlike ndc, rndc requires a configuration file;
> > > see the man pages in doc/man/bin/rndc.1 and doc/man/bin/rndc.conf.5 for
> > > details. Some of the ndc commands are still unimplemented in rndc.
> > >
> > >
> > > 6. No Information Leakage between Zones
> > >
> > > BIND 9 stores the authoritative data for each zone in a separate data
> > > structure, as recommended in RFC1035 and as required by DNSSEC and
> > > IXFR. When a BIND 9 server is authoritative for both a child zone and
> > > its parent, it will have two distinct sets of NS records at the
> > > delegation point: the authoritative NS records at the child's apex,
> > > and a set of glue NS records in the parent.
> > >
> > > BIND 8 was unable to properly distinguish between these two sets of NS
> > > records and would "leak" the child's NS records into the parent,
> > > effectively causing the parent zone to be silently modified: responses
> > > and zone transfers from the parent contained the child's NS records
> > > rather than the glue configured into the parent (if any). In the case
> > > of children of type "stub", this behavior was documented as a feature,
> > > allowing the glue NS records to be omitted from the parent
> > > configuration.
> > >
> > > Sites that were relying on this BIND 8 behavior need to add any
> > > omitted glue NS records, and any necessary glue A records, to the
> > > parent zone.
> > >
> > > Although stub zones can no longer be used as a mechanism for injecting
> > > NS records into their parent zones, they are still useful as a way of
> > > directing queries for a given domain to a particular set of name
> > > servers.
> > >
> > >
> > > $Id: migration,v 1.22 2001/02/12 01:55:18 marka Exp $
> > > --
> > > Mark Andrews, Nominum Inc.
> > > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > > PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
> > >
> >
> >
> --
> Mark Andrews, Nominum Inc.
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
>
More information about the bind-users
mailing list