Learn more about these different git repos.
Other Git URLs
A copy from IPA trac https://fedorahosted.org/freeipa/ticket/2924 (originaly reported by shanks):
Version: freeipa-server-2.99.0-0.20120710T1130Zgit0d11b8b.fc17.x86_64 bind-9.9.1-2.P1.fc17.x86_64 bind-dyndb-ldap-1.1.0-0.20120618T1354Zgita7cd8ae.fc17.x86_64
[root@dhcp201-193 ~]# ipactl start Starting Directory Service Starting KDC Service Starting KPASSWD Service Starting DNS Service Job failed. See system journal and 'systemctl status' for details. Failed to start DNS Service Shutting down Aborting ipactl [root@dhcp201-193 ~]#
/var/log/messages:
Jul 12 08:31:51 dhcp201-193 named[8040]: set up managed keys zone for view _default, file 'managed-keys.bind' Jul 12 08:32:01 dhcp201-193 named[8040]: bind to LDAP server failed: Timed out Jul 12 08:32:01 dhcp201-193 kernel: [258419.211587] named[8041] general protection ip:7f0a3e674e7b sp:7f0a40cdaa20 error:0 in libldap-2.4.so.2.8.3[7f0a3e65b000+4c000] Jul 12 08:32:01 dhcp201-193 abrt[8045]: /var/named/core.8040 fd(-1) is not a regular file with link count 1: Permission denied Jul 12 08:32:02 dhcp201-193 abrt[8045]: Saved core dump of pid 8040 (/usr/sbin/named) to /var/spool/abrt/ccpp-2012-07-12-08:32:01-8040 (42422272 bytes) Jul 12 08:32:02 dhcp201-193 abrtd: Directory 'ccpp-2012-07-12-08:32:01-8040' creation detected Jul 12 08:32:02 dhcp201-193 systemd[1]: named.service: control process exited, code=exited status=1 Jul 12 08:32:02 dhcp201-193 systemd[1]: Unit named.service entered failed state.
backtrace bt.txt
attachment named.conf
Steps to reproduce
First connection has to be established properly and some other connection has to fail with timeout. It is not enough to timeout on first connection, that case is handled properly.
Modified /etc/named.conf:
/etc/named.conf
dynamic-db "ipa" { library "ldap.so"; #arg "uri ldapi://%2fvar%2frun%2fslapd-E-ORG.socket"; arg "uri ldap://127.0.0.1:3899"; arg "base cn=dns, dc=e,dc=org"; arg "fake_mname unused-4-107.brq.redhat.com."; arg "auth_method simple"; #arg "sasl_mech GSSAPI"; #arg "sasl_user DNS/unused-4-107.brq.redhat.com"; arg "bind_dn cn=Directory Manager"; arg "password aaaaaaaa"; arg "timeout 1"; arg "connections 4"; };
Persistent search setting doesn't affect this problem.
Before named start create a TCP tunnel limited to two concurrent connections (from 4 required by plugin):
named
socat -x TCP-LISTEN:3899,fork,reuseaddr,max-children=2 TCP:127.0.0.1:389
Start named:
named -g -u named
It should fail:
12-Jul-2012 14:57:50.334 bind to LDAP server failed: Timed out Segmentation fault
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=840381
Fixed by commit: https://fedorahosted.org/bind-dyndb-ldap/changeset/e44ce4d9c42ad9b1226cea5b62e9040f2d7e4df2
Reopening because fixing the crash is not enough. BIND should start and reconnect periodically.
Fixed by https://fedorahosted.org/bind-dyndb-ldap/changeset/6049a88729368082480e3fb76289670912e0217a
Metadata Update from @pspacek: - Issue assigned to pspacek - Issue set to the milestone: 3.0 IPA
Login to comment on this ticket.