[Swan-dev] f28: unbound crashing

Paul Wouters paul at nohats.ca
Wed Aug 8 19:21:31 UTC 2018 

On Tue, 7 Aug 2018, Andrew Cagney wrote:

> Subject: [Swan-dev] f28: unbound crashing

These are now fixed.

Paul

>> From IRC discussion of
> http://testing.libreswan.org/results/testing/v3.25-375-g619052a-f28/seccomp-03-updown/OUTPUT/road.console.diff
> Bleve points out that the failure is because unbound didn't start.
> The logs show:
>
> Aug 07 16:22:37 road unbound[941]: [941:0] notice: init module 0: subnet
> Aug 07 16:22:37 road unbound[941]: [941:0] notice: init module 1: validator
> Aug 07 16:22:37 road unbound[941]: [941:0] error: error opening file
> /etc/unbound/dlv.isc.org.key: No such file or directory
> Aug 07 16:22:37 road unbound[941]: [941:0] error: error reading
> dlv-anchor-file: /etc/unbound/dlv.isc.org.key
> Aug 07 16:22:37 road unbound[941]: [941:0] error: validator: error in
> trustanchors config
> Aug 07 16:22:37 road unbound[941]: [941:0] error: validator: could not
> apply configuration settings.
> Aug 07 16:22:37 road unbound[941]: [941:0] error: module init for
> module validator failed
> Aug 07 16:22:37 road unbound[941]: [941:0] fatal error: failed to setup modules
>
> and it is something being picked up from our custom config.  Anyone
> with an easy fix?
>
> Here are some more details.
>
> # ls -l /etc/unbound/
> total 60
> drwxr-xr-x. 2 root unbound    30 Jul 27 16:34 conf.d
> -rw-r--r--. 1 root root    13026 Jul 18 05:41 icannbundle.pem
> drwxr-xr-x. 2 root unbound    29 Jul 27 16:34 keys.d
> drwxr-xr-x. 2 root unbound    36 Jul 27 16:34 local.d
> -rw-r--r--. 1 root root      939 Jul 18 05:43 root.key
> -rw-r--r--. 1 root root    21940 Aug  7 16:22 unbound.conf
> -rw-------. 1 root root     2455 Aug  7 16:22 unbound_control.key
> -rw-r-----. 1 root root     1330 Aug  7 16:22 unbound_control.pem
> -rw-------. 1 root root     2459 Aug  7 16:22 unbound_server.key
> -rw-r-----. 1 root root     1318 Aug  7 16:22 unbound_server.pem
>
> # rpm -V unbound
> S.5....T.  c /etc/unbound/unbound.conf
> .M....G..  g /etc/unbound/unbound_control.key
> ......G..  g /etc/unbound/unbound_control.pem
> .M....G..  g /etc/unbound/unbound_server.key
> ......G..  g /etc/unbound/unbound_server.pem
>
> # grep dlv.isc.org.key /etc/unbound/*
> grep: /etc/unbound/conf.d: Is a directory
> grep: /etc/unbound/keys.d: Is a directory
> grep: /etc/unbound/local.d: Is a directory
> /etc/unbound/unbound.conf:    # Downloaded from
> https://secure.isc.org/ops/dlv/dlv.isc.org.key
> /etc/unbound/unbound.conf:    dlv-anchor-file: "/etc/unbound/dlv.isc.org.key"
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
>

More information about the Swan-dev mailing list