Cannot chroot bind: ENGINE_by_id failed (crypto failure)
Matthew Washington
deity_chooch at yahoo.com
Fri Jun 27 21:22:39 UTC 2014
I created the directory '/var/run/nscd' (owned by named), and symbolically linked '/usr/lib64' to the '/usr/lib' directory... and it's working! Thank you all very much for your speedy and accurate help!
On Thursday, June 26, 2014 5:17 PM, Hauke Lampe <lampe at hauke-lampe.de> wrote:
On 26.06.2014 22:53, Matthew Washington wrote:
> May 20 16:32:15 fortress named[6034]: error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450:
> May 20 16:32:15 fortress named[6034]: error:2606A074:engine routines:ENGINE_by_id:no such engine:eng_list.c:418:id=gost
> May 20 16:32:15 fortress named[6034]: initializing DST: crypto failure
libssl tries to load the GOST engine from a platform-specific path.
I used strace to find it:
strace named -f -c /etc/named.conf -t /svc/name -u named 2>&1|grep gost
|open("/usr/lib/x86_64-linux-gnu/openssl-1.0.0/engines/libgost.so",
|O_RDONLY) = -1 ENOENT (No such file or directory)
Alternatively, the Debian package patched named and moved the SSL init
code before the chroot:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696661
Hauke.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140627/3996ede9/attachment.html>
More information about the bind-users
mailing list