upgrade from v9.9.3-rpz2+rl -> v9.9.4-rpz2+rl introduces fatal launch error: "initializing DST: no engine"
pgndev
pgnet.dev at gmail.com
Sat Sep 28 01:19:33 UTC 2013
I currently run,
named -V
BIND 9.9.3-rpz2+rl.13204.02-P2 (Extended Support Version)
<id:d8a6fe8b> built with '--prefix=/usr/local/bind-9.9.3-P2'
'--libdir=/usr/local/bind-9.9.3-P2/lib64'
'--sysconfdir=/usr/local/etc/named' '--localstatedir=/var'
'--enable-shared' '--disable-static' '--enable-chroot' '--enable-ipv6'
'--with-libxml2=yes' '--with-gnu-ld' '--with-libtool' '--without-idn'
'--enable-threads' '--enable-largefile'
'--with-randomdev=/dev/urandom' '--enable-openssl-version-check'
'--disable-openssl-hash' '--with-openssl=/usr/local/ssl'
'--without-pkcs11' '--with-dlz-postgres=no' '--with-dlz-mysql=no'
'--with-dlz-bdb=/usr/local/dlz-bdb' '--with-dlz-filesystem=yes'
'--with-dlz-ldap=no' '--with-dlz-odbc=no' '--with-dlz-stub=yes'
'--with-dlopen=yes' '--enable-rpz-nsip' '--enable-rpz-nsdname'
'--with-make-clean' 'CC=/usr/bin/gcc-4.8' 'CFLAGS=-O2
-fmessage-length=0 -D_FORTIFY_SOURCE=2 -fstack-protector
-funwind-tables -fasynchronous-unwind-tables -march=atom -mtune=atom
-fPIC -DPIC -D_GNU_SOURCE -fno-strict-aliasing -Wall'
'LDFLAGS=-L/usr/local/ssl/lib64 -Wl,-rpath,/usr/local/ssl/lib64 -lssl
-lcrypto ' 'CPPFLAGS=-I/usr/local/include -I/usr/local/ssl/include
-I/usr/include'
using OpenSSL version: OpenSSL 1.0.1e 11 Feb 2013
using libxml2 version: 2.9.0
On the same box, with similar ./configure, I build/install bin v9.9.4
+ rpz2+rl patch, with no errors.
On launch, though, it FAILS, with a fatal error; from `journalctl`,
Sep 27 17:14:46 test03.devlan.int named[28862]: starting BIND
9.9.4-rpz2+rl.13269.14 -t /var/chroot/named -n 4 -S 1024 -u named -c
/etc/named.conf -d 90
Sep 27 17:14:46 test03.devlan.int named[28862]: built with
'--with-make-clean' '--enable-full-report'
'--prefix=/usr/local/bind-9.9.4'
'--libdir=/usr/local/bind-9.9.4/lib64'
'--sysconfdir=/usr/local/etc/named' '--localstatedir=/var'
'--enable-shared' '--disable-static' '--enable-chroot' '--enable-ipv6'
'--with-libxml2=yes' '--with-gnu-ld' '--with-libtool' '--without-idn'
'--enable-threads' '--enable-largefile'
'--with-randomdev=/dev/urandom' '--enable-openssl-version-check'
'--disable-openssl-hash' '--with-openssl=/usr/local/ssl'
'--without-pkcs11' '--with-dlz-postgres=no' '--with-dlz-mysql=no'
'--with-dlz-bdb=/usr/local/dlz-bdb' '--with-dlz-filesystem=yes'
'--with-dlz-ldap=no' '--with-dlz-odbc=no' '--with-dlz-stub=yes'
'--with-dlopen=yes' '--enable-rpz-nsip' '--enable-rpz-nsdname'
'--enable-rrl' '--enable-filter-aaaa' '--with-pkcs11'
'CC=/usr/bin/gcc-4.8' 'CFLAGS=-O2 -fmessage-length=0
-D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables
-fasynchronous-unwind-tables -march=atom -mtune=atom -fPIC -DPIC
-D_GNU_SOURCE -fno-strict-aliasing -Wall'
'LDFLAGS=-L/usr/local/ssl/lib64 -Wl,-rpath,/usr/local/ssl/lib64 -lssl
-lcrypto ' 'CPPFLAGS=-I/usr/local/include -I/usr/local/ssl/include
-I/usr/include'
Sep 27 17:14:46 test03.devlan.int named[28862]:
----------------------------------------------------
Sep 27 17:14:46 test03.devlan.int named[28862]: BIND 9 is
maintained by Internet Systems Consortium,
Sep 27 17:14:46 test03.devlan.int named[28862]: Inc. (ISC), a
non-profit 501(c)(3) public-benefit
Sep 27 17:14:46 test03.devlan.int named[28862]: corporation.
Support and training for BIND 9 are
Sep 27 17:14:46 test03.devlan.int named[28862]: available at
https://www.isc.org/support
Sep 27 17:14:46 test03.devlan.int named[28862]:
----------------------------------------------------
Sep 27 17:14:46 test03.devlan.int named[28862]: adjusted limit on
open files from 4096 to 1048576
Sep 27 17:14:46 test03.devlan.int named[28862]: found 4 CPUs,
using 4 worker threads
Sep 27 17:14:46 test03.devlan.int named[28862]: using 4 UDP
listeners per interface
Sep 27 17:14:46 test03.devlan.int named[28862]: using up to 1024 sockets
Sep 27 17:14:46 test03.devlan.int named[28862]: initializing DST: no engine
Sep 27 17:14:46 test03.devlan.int named[28862]: exiting (due to fatal error)
Same Openssl version, similar configure, same systemctl launch scripts.
Old posts referred to issues with libgost.so 'vs' chroot.
In the 9.9.3 instance (running atm), libgost is in the chroot built by
the startup script,
ls -al /var/chroot/named/usr/local/ssl/lib64/engines/
total 132K
drwxr-xr-x 2 root root 4.0K Sep 27 17:12 ./
drwxr-xr-x 3 root root 4.0K Sep 27 17:12 ../
-r-xr-xr-x 1 root root 123K Sep 27 17:32 libgost.so*
The logs above don't tell me enough to know if the issue has returned
bet 993 & 994.
Any guidance as to where to start to beter identify & troubleshoot
this? I can provide additional detail as needed.
More information about the bind-users
mailing list