[Swan-dev] f28: nsd crashing

Andrew Cagney andrew.cagney at gmail.com
Wed Aug 8 20:20:51 UTC 2018 

Progress, I'mseeing the below which is pretty weird:

[root at nic dnsoe-06]# systemctl status nsd-keygen.service
● nsd-keygen.service - NSD Control Key And Certificate Generator
   Loaded: loaded (/usr/lib/systemd/system/nsd-keygen.service;
disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Wed 2018-08-08 13:48:54
EDT; 1h 59min ago
  Process: 1048 ExecStart=/usr/sbin/nsd-control-setup -d /etc/nsd/
(code=exited, status=1/FAILURE)
 Main PID: 1048 (code=exited, status=1/FAILURE)

Aug 08 13:48:54 nic systemd[1]: Starting NSD Control Key And
Certificate Generator...
Aug 08 13:48:54 nic nsd-control-setup[1048]: setup in directory /etc/nsd/
Aug 08 13:48:54 nic nsd-control-setup[1048]: generating nsd_server.key
Aug 08 13:48:54 nic nsd-control-setup[1048]: genrsa: Can't open
"nsd_server.key" for writing, Permission denied
Aug 08 13:48:54 nic nsd-control-setup[1048]:
/usr/sbin/nsd-control-setup fatal error: could not genrsa
Aug 08 13:48:54 nic systemd[1]: nsd-keygen.service: Main process
exited, code=exited, status=1/FAILURE
Aug 08 13:48:54 nic systemd[1]: nsd-keygen.service: Failed with result
'exit-code'.
Aug 08 13:48:54 nic systemd[1]: Failed to start NSD Control Key And
Certificate Generator.
[root at nic dnsoe-06 3]# ls -ld /etc/nsd/
drwxrwxr-x. 4 1000 1000 52 Aug  8 13:48 /etc/nsd/
[root at nic dnsoe-06]#
On Wed, 8 Aug 2018 at 15:21, Paul Wouters <paul at nohats.ca> wrote:
>
> On Tue, 7 Aug 2018, Andrew Cagney wrote:
>
> > Subject: [Swan-dev] f28: nsd crashing
>
> These are all fixed now.
>
> Paul
>
> > For instance http://testing.libreswan.org/results/testing/v3.25-375-g619052a-f28/dnsoe-01/OUTPUT/nic.console.diff
> >
> > the logs show:
> >
> > Aug 07 16:45:52 nic nsd[1049]: Error in SSL_CTX use_certificate_file
> > crypto error:02001002:system library:fopen:No such file or directory
> > Aug 07 16:45:52 nic nsd[1049]: [2018-08-07 16:45:52.578] nsd[1049]:
> > error: Error in SSL_CTX use_certificate_file crypto
> > error:02001002:system library:fopen:No such file or directory
> > Aug 07 16:45:52 nic nsd[1049]: and additionally crypto
> > error:20074002:BIO routines:file_ctrl:system lib
> > Aug 07 16:45:52 nic nsd[1049]: [2018-08-07 16:45:52.578] nsd[1049]:
> > error: and additionally crypto error:20074002:BIO
> > routines:file_ctrl:system lib
> > Aug 07 16:45:52 nic nsd[1049]: and additionally crypto
> > error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
> > Aug 07 16:45:52 nic nsd[1049]: [2018-08-07 16:45:52.578] nsd[1049]:
> > error: and additionally crypto error:140AD002:SSL
> > routines:SSL_CTX_use_certificate_file:system lib
> > Aug 07 16:45:52 nic nsd[1049]: could not perform remote control setup
> > Aug 07 16:45:52 nic nsd[1049]: [2018-08-07 16:45:52.578] nsd[1049]:
> > error: could not perform remote control setup
> > Aug 07 16:45:52 nic systemd[1]: nsd.service: Main process exited,
> > code=exited, status=1/FAILURE
> > Aug 07 16:45:52 nic systemd[1]: nsd.service: Failed with result 'exit-code'.
> >
> > any easy ideas?
> > _______________________________________________
> > Swan-dev mailing list
> > Swan-dev at lists.libreswan.org
> > https://lists.libreswan.org/mailman/listinfo/swan-dev
> >

More information about the Swan-dev mailing list